Bitdefender Total Security has started continually notifying me of a "Potentially Unwanted Program" in my DropBox.cache\new files directory.
Two of the malwares detected are 1) Gen:Application.Venus.Cynthia.Amifl.13buY@am!tBBk and 2) Venus.Cynthia.Donquijote.8auX@aer1sOl .
Two of the file names are 1) a923c15245f51a38b37d01d3e6aab030 and 2) 985179de1a76b88f40fd4679b6027347 .
Searching says “venus” malware is a remote desktop service ransomware so I am happy and grateful BD is protecting me but I need to know what is creating these files so I can eliminate the cause, not just delete the resulting file and get re-notified of a new one when it gets created. And in case I need to pause BD. These files are locked down and can be examined even with admin privileges. I tried restoring them to what I hoped was a safe location but they could not be restored.
Another user had as similar problem with malware detection in the DB cache and DB said:
DB " uses the "dropbox.cache" folder as a staging area to download your files in small chunks during the syncing process. Sometimes antivirus programs will pick up some of these partial files as false positives and continuously quarantine them. The problem here is that Dropbox keeps downloading the file in an attempt to sync the file down to your computer. To tackle this behavior you can either add the Dropbox cache folder to an ignore list so that Dropbox can correctly sync that file or/and temporarily disable your antivirus. Once synced and "Up to date", you should no longer see these warnings or quarantine messages.”
I am reluctant to disable protection for the DB cache or BD itself. I suspect it is DB that is creating the file by trying to sync some file but I’d like to know which one(s) so it can be checked to make sure it is not infected rather than just somehow creating a temporary small chunk for which the malware notifications are annoying but hopefully harmless. Any insights or solutions gratefully appreciated.
