It says to put it in the sandbox which is recommended but her internet is down and she does not know if this is causing it or not. Her internet has been wonky for a while so avast has not been updated. Please respond soon ASAP. She has open in sandbox, open normal or cancel opening. What does cancel opening mean? Does it stay on the HDD and just not stay opened. The file origin says c:/windows/system32/TPSmain.exe
TPSmain is a Toshiba power saver file and should be perfectly safe.
Why is the sandbox reporting this file? I’m guessing she should hit open as normal then?
I would say yes and tell Avast to remember the answer so it doesn’t alert again. The file is probably performing actions common to other things that are actually malicious so Avast is finding it suspicious.
Probably also because of its location (system32) and it probably isn’t digitally signed.
If you/she are/is happy about its origin and legitimacy then Yes open it normally and have her check the Remember my decision for this program.
Thanks we did as recommended.