Hi. Hoping this is a false positive but... The Bitdefender Antivirus software has found what it thinks is a threat (Gen:Heur.Krypt.26) in the latest version of dropbox for Mac desktop client, in file "wininst-12.0.exe" which is located at: "/Applications/Dropbox.app/Contents/Resources/lib/python2.7/site-packages.zip=>distutils/command/wininst-12.0.exe". I've tried deleting and reinstalling the Mac dropbox app, and have updated the virus definitions to the latest version, but this happened again (and Bitdefender deleted the file). Can you please advise if it can safely be ignored? Thanks, James
Same exact thing happened to me. I would appreciate it if we get an official answer.
Hi; I have exactly the same issue; when I scanned with Virus Scanner Plus, it finds Gen:Heur.Krypt.26. I deleted the file and reinstalled dropbox; same issue it finds this "virus" in the dropbox app package. Would like also to hear from dropbox and or Bitdefender and what are we supposed to do
Thanks for confirming I'm not the only one who had the problem.... Given no official response, I have messaged the Dropbox team directly. If/ when I get a response, I will post it here. TBH I think its most likely Bitdefender making a mistake but let's see...
It must be Bitdefender. I uninstall dropbox and reinstall and whenever I rescan the dropbox app, it finds this virus
Hi Sheryl - what I landed up doing was installing the dropbox software again, running the virus scanner, and letting Bitdefender delete the <<wininst-12.0.exe>> file... Because its a Windows rather than a Mac file, Dropbox can still run on my Mac without it (in fact the file is completely unnecessary for the Mac installer).
What I think might be happening - based on the folder where Bitdefender found the file - is that Dropbox uses some licensed third party software in a bundle which it distributes as part of the installation files to make Dropbox work, and which contains components for Windows as well as Mac, and it is that 3rd party file which Bitdefender is picking up... however I could be completely wrong...
I feel confident enough with Dropbox as a company to do this and continue using the software. However, I'm definitely not a security expert, so please don't take this as advice on what to do yourself.
Here is the response I got from Dropbox tech support for this issue:
The Dropbox desktop client uses the ".dropbox.cache" folder as a staging area to download your files in small chunks. Sometimes antivirus programs will pick up these partial files as false positives and continuously quarantine them. The problem is that Dropbox keeps downloading the file in an attempt to sync the file down to your device. I would recommend adding the Dropbox cache folder to an ignore list for the anti-virus software so that Dropbox can correctly sync that file and/or temporarily disabling your antivirus. Once synced, you should no longer see these warnings or quarantine messages.
To find the location of your folder, follow these instructions:
Open the Finder and select Go to folder... from the Go menu (or press Shift-Command-G).
A dialog box should appear. Now copy and paste the following line into the box and press the return key:
The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.Sound good? Let's get started.
For more info on available support options, see this article.
If you found the answer to your question, please 'like' the post to say thanks to the user!