Zotero Cache consistently accrues phishing trojans

Hey everyone, I wonder if anyone else is experiencing the same issue I am.

I have regular hard drive backups scheduled on my computer and for the last several backup attempts my antivirus software (standard Windows 11 onboard software) has prevented the backup from progressing due to finding phishing trojans tucked away in my Zotero Cache files at the following path: C:\...\AppData\Local\Zotero\Zotero\Profiles\ih2syp42.default\cache2\entries\filename

Note: antivirus scans of the indicated path, the external drive, and my computer itself do not come up with any problematic files but I believe the concern to be legitimate as follows. When I open said files in notepad they do not look like standard HTML code but rather like program code. I do not have a current example to hand as I have deleted the files posthaste but should the problem arise again I will post screenshots.

I have been able to resolve the issue temporarily by deleting the cache folder's contents and progressing the backup but the cache rebuilds itself from the contents of my library and after about a week the problem comes back.

In reviewing the cache files themselves I have reason to believe that the trojan is hiding in one of the PDFs in my Zotero library but I cannot confirm that at present. As such the problem may be with the journal's web security. Regardless I wanted to post this matter to see if anyone else is experiencing the same issue.

Thanks!
Lenny
  • These are cache files, they always look like code, so that doesn't indicate whether it's a trojan one way or another.
    I would be quite surprised, in fact, if it was an actual virus right there. Here's a Firefox post on the same topic: https://support.mozilla.org/en-US/questions/1400919 (Zotero uses Firefox under the hood, so this is the exact same location, same issue). You should be able to empty the cache as described there and I'd expect that to at least temporarily fix the issue.
  • To be clear, there's no similar option in the settings to clear the cache, but you can always just delete the 'cache2' folder.
  • Also, though, there wouldn't be any danger here. Zotero saves all webpage snapshots as static HTML files without any JavaScript code, so even if you were saving from sites that had some sort of malware (which is the only way this would happen), none of that code would end up in the snapshots saved to your Zotero library.
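To find out which web resource a flagged file under `cache2\entries` was cached from, the cache key stored in the entry's trailing metadata can be read before the folder is deleted. The script below is an added example, not code from this thread or from Zotero; the byte layout it parses (big-endian metadata offset in the last 4 bytes, 256 KiB hash chunks, 7-field header) is an assumption based on Firefox's cache2 format and should be checked against the Firefox version your Zotero build uses, and the `journal.example` URL is constructed sample data.

```python
import struct
import sys
from pathlib import Path

CHUNK = 256 * 1024   # assumed: one 2-byte hash is stored per 256 KiB of content
HDR_V1 = 28          # assumed: 7 big-endian uint32 fields, key length is the 7th

def cache2_key(raw: bytes):
    """Return the cache key stored in a cache2 entry, or None if it does not parse."""
    if len(raw) < 4:
        return None
    (meta_off,) = struct.unpack(">I", raw[-4:])     # last 4 bytes: where metadata starts
    hdr = meta_off + 4 + 2 * -(-meta_off // CHUNK)  # skip metadata hash + chunk hashes
    if hdr + HDR_V1 > len(raw) - 4:
        return None
    fields = struct.unpack(">7I", raw[hdr:hdr + HDR_V1])
    version, key_len = fields[0], fields[6]
    start = hdr + (HDR_V1 if version == 1 else HDR_V1 + 4)  # v2+ adds a flags field
    if key_len == 0 or start + key_len > len(raw) - 4:
        return None
    return raw[start:start + key_len].decode("utf-8", "replace")

def constructed_entry(body: bytes, key: str, version: int = 3) -> bytes:
    """Build a synthetic entry in the assumed layout (sample data, not a real cache file)."""
    k = key.encode()
    hdr = struct.pack(">7I", version, 1, 0, 0, 0, 0, len(k))
    if version != 1:
        hdr += struct.pack(">I", 0)
    hashes = b"\0\0" * -(-len(body) // CHUNK)
    return body + b"\0" * 4 + hashes + hdr + k + b"\0" + struct.pack(">I", len(body))

def list_sources(entries_dir):
    """Map each file name under cache2/entries to its cache key (None if unparsed)."""
    return {p.name: cache2_key(p.read_bytes())
            for p in sorted(Path(entries_dir).iterdir()) if p.is_file()}

if __name__ == "__main__":
    if len(sys.argv) > 1:   # usage: python script.py <path to cache2\entries>
        for name, key in list_sources(sys.argv[1]).items():
            print(name, key)
    else:                   # no path given: parse the constructed sample
        sample = constructed_entry(b"<html>sample</html>", ":https://journal.example/a.pdf")
        print(cache2_key(sample))
```

The key normally ends with the URL the entry was fetched from, which can be matched against the file name the antivirus alert reports.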