I Think I Went to a Malicious Site..Am I OK?

I went to a site that I don't know If it's safe or not & all of the sudden a thing popped up saying something can't run since its not in my whitelist. I'm worriedif it was a malware or virus..then the thing asked me to recover, close or terminate so I clicked terminate button..am I ok?? It shouldn't affect anything??

 

You have to provide more info, what kind of security you've got, your browser etc. I can't see any other way than scanning the system with several scanners. Something like HitmanPro has the advantage of using different engines, it is quick (within 5 minutes) and free for one month.

 

I have Avast but I thought its safe since I was in sandboxed mode (Firefox)

 

Then you should be okay, Avast is very reliable nowadays.

 

Is it ok even though I hit "terminate now" button when something was trying to run which it couldn't?

 

Are you talking about avast sandbox or sandboxie program

 

sooflymami, I believe you are using Sandboxie. If that's the case, you are fine. When you clicked to terminate all programs, whatever wanted to run, got deleted. Be happy.

Bo

 

You haven't given us much information to go on - such as what attempted to run, and what program you use to sandbox Firefox.

1/ The whitelisting may have been too restrictive, and it was a normal program trying to run.
2/ You may have had a drive-by-download, in which case you need to look at updating your plugins and extensions - particularly Java and PDF reader.

Either way, you're unlikely to be infected from this event given what you've said.

 

I'm not sure how that can be said TBH, unless you believe he's using the sandboxing feature of Avast? The TS is a bit ambiguous in what they're using I'm pretty sure realtime guards should jump in before it gets to the stage of the file being blocked from execution in Sandboxie.

He shouldn't be getting drive-by-downloads. If he has, then it's bypassed any URL blocking, the script scanning (does it support FF yet?), and the fileguard in order to reach the stage of executing from the hard drive.

 

Probably just a pop up to make you download/install some kind of malware.
If you never clicked download, never saw anything download or install then i would say you're pretty fine.

 

Slightly off topic but,,,,,I read that you should not click anywhere on a pop-up window. There is no guarantee that the terminate or even the X in the right hand corner of the window is what it says it is. There is some keyboard combination that will close just the window in question but when I get into this situation I right click on my browser tab in the task-bar and tell it to close the browser.

 

I would trust SBIE sandbox to contain the threat with default settings. I don't know about other sandboxes though.

AV and UAC is a good barrier, but far from 100% effective. Beefing up security with other products can help, if you really want all that running.

I would recommend MBAM if you think you have an issue. You might have to run it in safe mode if you are "infected" with something.

I have fixed more machines this year with win7 and an AV and UAC than in the last 3 years I guess. Don't know why so much this year, but I am certainly getting tired of fixing all the issues while seeing AV up to date and UAC on with IE in protected mode. I wonder if these protections are even turned on sometimes

Sul.

 

Seems the OP has fanished.

 

Thats true, some rogues etc are set up that will run when a user tries to cancel or X out on the popup..I may be wrong but right click in the task to close the browser is the same as the X out Top right and usually is fine. I find when in doubt is to use Ctrl + Alt + Delete then log off and then log back on.

 

I remember a few years ago i accessed a website that started downloading some files automatically (I knew they were malware) i went into panic mode and pushed the restart button in my PC.
It worked HAHAHAHA

 

She deleted the sandbox when this happened and she says the terminate button she hit was for sandboxie and also the sandbox was cleared out after she hit the button. Only items in the sandboxie white list were the adobe pdf reader, plugin-container.exe and firefox.exe. If the java and the pdf reader are update does she not have to worry?

 

I was using Sandboxie when that happened that asked me to terminate now..but everything got deleted after exiting out of sandboxie browser. The ones that are in the white list are Firefox.exe, plug in container.exe and the adobe PDF reader.. If they're all up to date, am I safe? Also if I have ad block plus set as automatically update, am I ok? Whatever that was trying to run shouldn't affect my automatic updates for my plug ins?

 

Yes you are safe. Even if Firefox and/or PDF Reader had not been up to date, your system would still be clean since you were browsing sandboxed.

If your Plugin updater was somehow affected in the sandbox, those changes were gone when you deleted the sandbox.

Bo