I am a longtime Thunderbird user, currently running 115.6.0 (32-bit). Very recently Windows Defender is detecting malware it identifies as Trojan:HTML/Phish!pz. Defender … (read more)
I am a longtime Thunderbird user, currently running 115.6.0 (32-bit). Very recently Windows Defender is detecting malware it identifies as Trojan:HTML/Phish!pz. Defender is unable to quarantine or eliminate the threat.
The specific file is appearing in Volume Shadow Copy data when I am running backup:
file: \Device\HarddiskVolumeShadowCopy55\Users\fhanz\AppData\Local\Thunderbird\Profiles\sootdszw.default-release\cache2\entries\342F92977A0BA0715CB8880A9289BC8F8827262C
I've attempted several times to remove the offending file(s), but the problem returns.
What is the best method to determine the source of this malware and effectively eliminate it returning?
If it matters, I use Chrome as my default browser.