I Think I Went to a Malicious Site..Am I OK?

Discussion in 'sandboxing & virtualization' started by sooflymami, Jul 13, 2012.

Thread Status:
Not open for further replies.
  1. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    I went to a site that I don't know If it's safe or not & all of the sudden a thing popped up saying something can't run since its not in my whitelist. I'm worriedif it was a malware or virus..then the thing asked me to recover, close or terminate so I clicked terminate button..am I ok?? It shouldn't affect anything??
     
  2. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    You have to provide more info, what kind of security you've got, your browser etc. I can't see any other way than scanning the system with several scanners. Something like HitmanPro has the advantage of using different engines, it is quick (within 5 minutes) and free for one month.
     
  3. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    I have Avast but I thought its safe since I was in sandboxed mode (Firefox)
     
  4. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Then you should be okay, Avast is very reliable nowadays.
     
  5. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    Is it ok even though I hit "terminate now" button when something was trying to run which it couldn't?
     
  6. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Are you talking about avast sandbox or sandboxie program
     
  7. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    sooflymami, I believe you are using Sandboxie. If that's the case, you are fine. When you clicked to terminate all programs, whatever wanted to run, got deleted. Be happy.

    Bo
     
  8. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    You haven't given us much information to go on - such as what attempted to run, and what program you use to sandbox Firefox.

    1/ The whitelisting may have been too restrictive, and it was a normal program trying to run.
    2/ You may have had a drive-by-download, in which case you need to look at updating your plugins and extensions - particularly Java and PDF reader.

    Either way, you're unlikely to be infected from this event given what you've said.
     
    Last edited: Jul 14, 2012
  9. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    I'm not sure how that can be said TBH, unless you believe he's using the sandboxing feature of Avast? The TS is a bit ambiguous in what they're using :) I'm pretty sure realtime guards should jump in before it gets to the stage of the file being blocked from execution in Sandboxie.

    He shouldn't be getting drive-by-downloads. If he has, then it's bypassed any URL blocking, the script scanning (does it support FF yet?), and the fileguard in order to reach the stage of executing from the hard drive.
     
  10. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Probably just a pop up to make you download/install some kind of malware.
    If you never clicked download, never saw anything download or install then i would say you're pretty fine. :thumb: :D
     
  11. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,131
    Slightly off topic but,,,,,I read that you should not click anywhere on a pop-up window. There is no guarantee that the terminate or even the X in the right hand corner of the window is what it says it is. There is some keyboard combination that will close just the window in question but when I get into this situation I right click on my browser tab in the task-bar and tell it to close the browser.
     
  12. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,296
    Location:
    England
  13. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I would trust SBIE sandbox to contain the threat with default settings. I don't know about other sandboxes though.

    AV and UAC is a good barrier, but far from 100% effective. Beefing up security with other products can help, if you really want all that running.

    I would recommend MBAM if you think you have an issue. You might have to run it in safe mode if you are "infected" with something.

    I have fixed more machines this year with win7 and an AV and UAC than in the last 3 years I guess. Don't know why so much this year, but I am certainly getting tired of fixing all the issues while seeing AV up to date and UAC on with IE in protected mode. I wonder if these protections are even turned on sometimes :blink:

    Sul.
     
  14. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Seems the OP has fanished.
     
  15. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Thats true, some rogues etc are set up that will run when a user tries to cancel or X out on the popup..I may be wrong but right click in the task to close the browser is the same as the X out Top right and usually is fine. I find when in doubt is to use Ctrl + Alt + Delete then log off and then log back on.
     
    Last edited: Jul 15, 2012
  16. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    I remember a few years ago i accessed a website that started downloading some files automatically (I knew they were malware) i went into panic mode and pushed the restart button in my PC. :D
    It worked HAHAHAHA
     
  17. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    She deleted the sandbox when this happened and she says the terminate button she hit was for sandboxie and also the sandbox was cleared out after she hit the button. Only items in the sandboxie white list were the adobe pdf reader, plugin-container.exe and firefox.exe. If the java and the pdf reader are update does she not have to worry?
     
  18. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    I was using Sandboxie when that happened that asked me to terminate now..but everything got deleted after exiting out of sandboxie browser. The ones that are in the white list are Firefox.exe, plug in container.exe and the adobe PDF reader.. If they're all up to date, am I safe? Also if I have ad block plus set as automatically update, am I ok? Whatever that was trying to run shouldn't affect my automatic updates for my plug ins?
     
    Last edited: Jul 15, 2012
  19. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Yes you are safe. Even if Firefox and/or PDF Reader had not been up to date, your system would still be clean since you were browsing sandboxed.
    If your Plugin updater was somehow affected in the sandbox, those changes were gone when you deleted the sandbox.

    Bo
     
Loading...
Thread Status:
Not open for further replies.