9 minutes ago, Joeltfww said:

Once again I am getting false positives for toolsforworkingwood. Please let me know why.

Thanks,

Joel

 

Hello - this block was disabled almost a month ago; ensure you have the very latest database installed and try again.


51 minutes ago, Joeltfww said:

I tried this - doesn't seem to have any effect. Incidentally, I am using Malwarebytes only as a plug-in to Firefox (not as an installed app).

The screenshots are from the extension. Does Firefox open to several tabs on each start?

Edited by Porthos

While working on another forum issue, I noticed the block occurred before I updated databases after a factory reset.  One minute later, the block was gone.  Did you check immediately after doing the factory reset, or wait 30-60 seconds before doing it?  A factory reset dumps cache, dumps databases, then downloads databases again.  If you did it between the dump and the download, you would have received a block.  Once the download was complete, there should not have been a block.

To make sure we have a stable footing, do this:

  • In your browser, navigate away from toolsforworkingwood.com in any and all tabs you have open for your browser.  This will prevent it from being part of the following steps.
  • Dump your browser cache
  • Do a factory reset in Browser Guard
  • When it is done, count to 25 (not scientific or silly...I want you to give it time to load updated databases)
  • Go to toolsforworkingwood.com and see what the result is.

It should be better.  If not, please download Browser Guard logs and post them here.


I do not see any attempt to go to the web site AFTER the databases have been updated.  The following is from your log:

{"@timestamp": "2022-02-05T00:11:14.709Z", "session": "1644019871363", "message": "RDB: 26 databases loaded", "level": "INFO"}
{"@timestamp": "2022-02-05T00:11:14.731Z", "session": "1644019871363", "message": "GUG: Invalid - No stored user_group - will determine", "level": "INFO"}
{"@timestamp": "2022-02-05T00:11:14.745Z", "session": "1644019871363", "message": "HFO: Protection layers are  active", "level": "INFO"}
{"@timestamp": "2022-02-05T00:11:14.762Z", "session": "1644019871363", "message": "UW: Updated old user to having being welcomed", "level": "INFO"}
{"@timestamp": "2022-02-05T00:11:54.773Z", "session": "1644019871363", "message": "ANY: Just matched 'toolsforworkingwood.com' in database: mbgc.db.riskware.2", "level": "INFO"}
{"@timestamp": "2022-02-05T00:11:54.773Z", "session": "1644019871363", "message": "OM: (PAGE_BLOCK) malware (riskware) match found on
https://toolsforworkingwood.com/ for https://toolsforworkingwood.com/. ", "level": "INFO"}
{"@timestamp": "2022-02-05T00:11:54.777Z", "session": "1644019871363", "message": "ENV: {'browser':'Firefox 96.0','version':'2.3.15','build':'Build 420'}", "level": "INFO"}
{"@timestamp": "2022-02-05T00:11:54.778Z", "session": "1644019871363", "message": "OM: Malware (malware) detection on
https://toolsforworkingwood.com/. Redirecting to block page.", "level": "INFO"}
{"@timestamp": "2022-02-05T00:12:01.355Z", "session": "1644019871363", "message": "OM: (PAGE_BLOCK) malware (riskware) match found on
https://toolsforworkingwood.com/ for https://toolsforworkingwood.com/. ", "level": "INFO"}
{"@timestamp": "2022-02-05T00:12:01.356Z", "session": "1644019871363", "message": "ENV: {'browser':'Firefox 96.0','version':'2.3.15','build':'Build 420'}", "level": "INFO"}
{"@timestamp": "2022-02-05T00:12:01.356Z", "session": "1644019871363", "message": "OM: Malware (malware) detection on
https://toolsforworkingwood.com/. Redirecting to block page.", "level": "INFO"}
{"@timestamp": "2022-02-05T00:12:12.662Z", "session": "1644019871363", "message": "UPD: 26/26 databases updated,{'mbgc.db.ads.2':'2.0.202202031053','mbgc.db.adware.2':'2.0.202202032203','mbgc.db.compromised.2':'2.0.202202010041','mbgc.db.exploit.2':'2.0.202202041005','mbgc.db.fraud.2':'2.0.202202042035','mbgc.db.hijack.2':'2.0.202202032203','mbgc.db.malvertising.2':'2.0.202202021233','mbgc.db.malware.2':'2.0.202202042351','mbgc.db.pharma.2':'2.0.202202010041','mbgc.db.phishing.2':'2.0.202202042212','mbgc.db.pup.2':'2.0.202202010041','mbgc.db.ransomware.2':'2.0.202202042212','mbgc.db.reputation.2':'2.0.202202042351','mbgc.db.riskware.2':'2.0.202202042122','mbgc.db.spam.2':'2.0.202202030607','mbgc.db.spyware.2':'2.0.202202041005','mbgc.db.trojan.2':'2.0.202202042212','mbgc.db.whitelist.ads.2':'2.0.202201160820','mbgc.db.whitelist.malware.2':'2.0.202201241203','mbgc.db.whitelist.scams.2':'2.0.202202042303','mbgc.db.worm.2':'2.0.202201312353','mbgc.db.malware.partial.urls.2':'2.0.202201240827','mbgc.db.malware.patterns.2':'2.0.202201240827','mbgc.db.malware.urls.2':'2.0.202202042351','mbgc.db.whitelist.scams.patterns.2':'2.0.202201240827','mbgc.db.whitelist.tracker.2':'2.0.202202020528'}", "level": "INFO"}
{"@timestamp": "2022-02-05T00:12:15.935Z", "session": "1644019871363", "message": "RDB: 26 databases loaded", "level": "INFO"}

The detection (red) occurs prior to databases being updated (highlighted in green) and available for use.  You are rushing it!  I am trying to get beyond that "formative" point so that we can determine how it is working consistently, rather than the initial phase.  I only saw issues here myself if I went to your website IMMEDIATELY after doing a factory reset (not allowing time for databases to update). Once they updated, there were no issues. That is true for both Firefox and Chrome versions of Browser Guard.
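
The timing check described in the post above, as an added example that is not part of the original thread and is not Malwarebytes code: it reads a Browser Guard log (one JSON record per line) and labels each `PAGE_BLOCK` as happening before or after the updated databases were loaded. It assumes the `UPD:` / `RDB:` / `(PAGE_BLOCK)` message prefixes mean what the excerpt suggests; the function names and the sample log are constructed for illustration.

```python
import json
import re
from urllib.parse import urlparse

# Constructed sample modeled on the excerpt above: the UPD payload is trimmed,
# the second record is wrapped across two lines as in the post, and the
# example.test record is invented to show a block that survives the update.
SAMPLE_LOG = """\
{"@timestamp": "2022-02-05T00:11:14.709Z", "session": "1644019871363", "message": "RDB: 26 databases loaded", "level": "INFO"}
{"@timestamp": "2022-02-05T00:11:54.773Z", "session": "1644019871363", "message": "OM: (PAGE_BLOCK) malware (riskware) match found on
https://toolsforworkingwood.com/ for https://toolsforworkingwood.com/. ", "level": "INFO"}
{"@timestamp": "2022-02-05T00:12:01.355Z", "session": "1644019871363", "message": "OM: (PAGE_BLOCK) malware (riskware) match found on https://toolsforworkingwood.com/ for https://toolsforworkingwood.com/. ", "level": "INFO"}
{"@timestamp": "2022-02-05T00:12:12.662Z", "session": "1644019871363", "message": "UPD: 26/26 databases updated,{'mbgc.db.riskware.2':'2.0.202202042122'}", "level": "INFO"}
{"@timestamp": "2022-02-05T00:12:15.935Z", "session": "1644019871363", "message": "RDB: 26 databases loaded", "level": "INFO"}
{"@timestamp": "2022-02-05T00:13:02.100Z", "session": "1644019871363", "message": "OM: (PAGE_BLOCK) malware (riskware) match found on https://example.test/offers for https://example.test/offers. ", "level": "INFO"}
"""

BLOCK_URL = re.compile(r"match found on\s+(\S+)\s+for\s")

def records(text):
    """Yield JSON records, rejoining any record wrapped across several lines."""
    buf = ""
    for line in text.splitlines():
        line = line.strip()
        buf = line if line.startswith("{") else f"{buf} {line}"
        try:
            rec = json.loads(buf)
        except json.JSONDecodeError:
            continue  # incomplete (wrapped) or damaged record: keep accumulating
        if isinstance(rec, dict):
            yield rec
        buf = ""

def classify_blocks(text):
    """Return (timestamp, url, phase) for every PAGE_BLOCK, tracked per session."""
    updated, ready, out = set(), set(), []
    for rec in sorted(records(text), key=lambda r: r.get("@timestamp", "")):
        msg, sess = rec.get("message", ""), rec.get("session")
        if msg.startswith("UPD:"):
            updated.add(sess)   # fresh databases downloaded
        elif msg.startswith("RDB:") and sess in updated:
            ready.add(sess)     # reloaded after the update: verdicts now use them
        elif "(PAGE_BLOCK)" in msg:
            m = BLOCK_URL.search(msg)
            phase = "post-update" if sess in ready else "pre-update"
            out.append((rec.get("@timestamp"), m.group(1) if m else None, phase))
    return out

def blocked_after_update(text, host):
    """True only if `host` was blocked after the updated databases were loaded."""
    return any(phase == "post-update" and url and urlparse(url).hostname == host
               for _, url, phase in classify_blocks(text))
```

Only a `post-update` block is evidence that the current databases still list the site; a `pre-update` block reflects the window between the factory reset and the reload.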