Sophos Endpoint detect cache2 folder of Thunderbird as malware


I have some clients with the same issue as below:

Sophos Endpoint detect files under the folder named cache2/entries of Thunderbird (mail client) as malware, here is one of them:


Almost every day Sophos reports that the files in the cache2/entries folder are malware even though they have been deleted.

Is this incorrect detection? How do get it fixed? Thanks

Parents Reply
  • Hi Qoosh,

    I discovered one thing is that when I search or install any extensions/themes on Thunderbird, Sophos Endpoint detects malware. I also try to go to Firefox to search or install extensions/themes, everything is fine. Both products are from Mozilla.

    I’m using Thunderbird version 91.2.0 (64-bit). Can you help test it?