搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

PWS:HTML/Phish.QA malware

  • 2 个回答
  • 0 人有此问题
  • 19 次查看
  • 最后回复者为 kgw319

more options

Hi Thunderbird has been my go to app for email for years but in the last few years I find that in windows, it triggers MS defender quarantining PWS:HTML/Phish.QA. Apparently it tries to capture passwords. It seems to pop up a couple of times one after the other and then again maybe each hour or so. Microsoft help people when I asked them about this a year or two ago said just tag it for the anti virus software to ignore it. I was uneasy about that advice. I have solved it in the past by installing separate anti virus packages which seem to ignore it, but I would rather not deal with all that if possible. The offending file seems to be in a sent email folder in an imap folder so it comes up each time I do a new install on a windows machine.

Could someone point me in the right direction? Is it a matter of finding and deleting something in a sent mail folder? Probably more complicated than that . . .

Cheers, Ken

Hi Thunderbird has been my go to app for email for years but in the last few years I find that in windows, it triggers MS defender quarantining PWS:HTML/Phish.QA. Apparently it tries to capture passwords. It seems to pop up a couple of times one after the other and then again maybe each hour or so. Microsoft help people when I asked them about this a year or two ago said just tag it for the anti virus software to ignore it. I was uneasy about that advice. I have solved it in the past by installing separate anti virus packages which seem to ignore it, but I would rather not deal with all that if possible. The offending file seems to be in a sent email folder in an imap folder so it comes up each time I do a new install on a windows machine. Could someone point me in the right direction? Is it a matter of finding and deleting something in a sent mail folder? Probably more complicated than that . . . Cheers, Ken

所有回复 (2)

more options

Just delete the offending email from the sent folder on the server. If it is an IMAP account and I think it is based on what you say then that will be the end of it forever.

more options

Thanks Matt, it is an IMAP account. Defender doesn't give me a link to a particular email, only to a profile folder which I think it probably a large folder. How can I identify which email it is?