PWS:HTML/Phish.QA malware
Hi Thunderbird has been my go to app for email for years but in the last few years I find that in windows, it triggers MS defender quarantining PWS:HTML/Phish.QA. Apparently it tries to capture passwords. It seems to pop up a couple of times one after the other and then again maybe each hour or so. Microsoft help people when I asked them about this a year or two ago said just tag it for the anti virus software to ignore it. I was uneasy about that advice. I have solved it in the past by installing separate anti virus packages which seem to ignore it, but I would rather not deal with all that if possible. The offending file seems to be in a sent email folder in an imap folder so it comes up each time I do a new install on a windows machine.
Could someone point me in the right direction? Is it a matter of finding and deleting something in a sent mail folder? Probably more complicated than that . . .
Cheers, Ken
All Replies (2)
Just delete the offending email from the sent folder on the server. If it is an IMAP account and I think it is based on what you say then that will be the end of it forever.
Thanks Matt, it is an IMAP account. Defender doesn't give me a link to a particular email, only to a profile folder which I think it probably a large folder. How can I identify which email it is?