Jump to content

Recommended Posts

Even though I have the Mailbird.exe process as well as ALL of individual e-mail server domains (incoming and outgoing) added as web exclusions, Malwarebytes still blocks them when malicious website protection is enabled. I don't get a popup indicator, but the minute I disable malicious website protection, Mailbird works fine again. Is there any other fix for this other than leaving malicious website protection disabled?

Link to post
Share on other sites

Hello and welcome, @dorknessrising:

If you do not get a popup notification from the MBAM system tray notification about the IP block, then something else is going on, unless you have notifications disabled in the MBAM GUI.

I have a feeling I know what might be causing the behavior you report, but we need a bit more information in order to help figure this out.

Please ATTACH to your next reply in this thread, the following 4 logs:

  1. An MBAM PROTECTION log (not a scan log) from a day when the behavior reported occurred -- THIS ARTICLE explains how to locate and export the PROTECTION log file. Please use the *.TXT file format (not the *.xml).  Let us know if you need more help with this.
  2. AND a set of all 3 logs from this tutorial: Diagnostic Logs.  The 3 logs will be FRST.txt and Addition.txt from FRST, as well as CheckResults.txt from mbam-check.

Thank you,

Link to post
Share on other sites

Hi:

I'm not sure about that.

Moreover, adding the entire mailbird.exe processes and domains to exclusions is not a safe strategy.
The process/file exclusions setting is rarely, if ever, needed, and only then for one's AV (not for other legit processes or applications).  If you exclude mailbird.exe from MBAM's protection, you are creating a security hole.
Similarly, MBAM blocks IPs and websites for a reason.  While it's possible that the IP blocks could be a False Positive, adding them to exclusions without further research could be dangerous.

As I mentioned, I have at least one idea of a possible cause of the issue you report.  The fix for it will be quite simple.  But, without XRay vision, we would need a bit of information about the system in order to know for sure.;)

Producing the requested diagnostic logs and MBAM protection log will only take a few minutes.:)

But it's up to you.

Thanks,

P.S. If you are running Win 8/8.1 or Win 10, then Windows Defender is an anti-virus.  If you are running only 7 or Vista, then Windows Defender is NOT an anti-virus; it is only a weak anti-malware application.  MBAM alone -- even MBAM Premium -- will not provide adequate real-time protection.  You will need a robust, real-time AV, either free or paid. :(

Link to post
Share on other sites

Thanks for those logs.

While we have a preliminary look at them, it would also help to see the CheckResults.txt log from mbam-check.

If you have another look at the Diagnostic Logs sticky, you'll find the instructions for producing "logset 2" by running mbam-check.

Please attach that log to your next reply.

Thank you,

 

Link to post
Share on other sites

Hi:

Thanks for the logs. The checkresults.txt log may be incomplete, as there are some missing entries.

But -- for starters -- they do show AVG leftovers (including in your temp files), a need to be rebooted, and a ton of quarantine and log files for MBAM dating back to June 2015.

For starters, I suggest the following:

  1. Download and run the vendor's removal tool for AVG and then reboot the computer, in order to clear out any leftovers.
  2. Perform a proper clean reinstall of MBAM.  To do that, I suggest carefully following ALL the suggested steps here: MBAM Clean Removal Process 2x.
    1. It is very important to reboot when prompted by the removal tool. It's a good idea to reboot again after the reinstall.
    2. Do not add any exclusions to MBAM file/folder/process or web exclusions initially -- test mailbird with a clean "out of the box" MBAM installation.
      1. I do not suggest adding the mailbird processes or domains to exclusions as a workaround until we get more expert review of your logs.

Please let us know if that resolves your issue.

If your issue persists after fully removing AVG and cleanly reinstalling MBAM, a fresh set of logs and additional, deeper work may be needed (probably in the special malware removal sub-forum).

Thank you,

 

Edited by daledoc1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.