Rogue AV

So I went to this website when I was highjacked and this rogue av popped-up asking to be installed. I couldnt close the page manually so I used the task manager to close it. This should have been enough to prevent infection right? My browser was sandboxed via sbie. Thanks.

 

Believe me you would know by now if your system had been compromised. Based upon my own sad experiences, I bet that of the two defenses you employed Sandboxie is the one that saved your tail.

 

Using Task Manager to close the window was quick thinking & saved your bacon. Never trust a "cancel" button from a fraudster!

 

You could also right click Sandboxie's tray icon and selected terminate programs then delete contents as well.

 

Yea it was my fear that the "cancel" button would authorise the install as well. Thankfully the task manager came through for me!

 

Thats a great idea Franklin, thanks!

 

If your interested in seeing an analysis of fake av's, then..
http://blog.damballa.com/?p=578

Aslo...
http://www.damballa.com/research/aurora/

 

Very interesting read there Searching.