Rkill and Avast Sandbox - Help Please!

Hi,
I am following directions to remove the Vista Antivirus 2012 but when I tried to use the Rkill I downloaded, Avast keeps telling me I need to run it in the Sandbox, which gives a message that I interpret to be that anything that is done will be temporary. So,
1) Do I run it in the Sandbox and will that work?
2) If it won’t, what do I do next?
I know very little about computers; getting this far is a success - LOL. Feel free to talk to me like I’m 5. Ok, they’d probably know more…
Thanks in advance for any guidance you can provide.

No, run it normally.

The autosandbox process is controlled in the first instance by the file system shield (FSS), the suspect.exe file is scanned before it is allowed to run. If it were infected, it could/should be detected by the FSS, so one reasonable thing in its favour is it hasn’t had a definitive detection.

However, the FSS checks other things, amongst those: a) is the file digitally signed, b) its location and what it does (this is done in the emulation check). These can trigger a suspicion, and it is this suspicion that results in the recommendation to use the autosandbox.

Now the user can accept this decision and run it in the autosandbox, or have it run normally and Remember the answer for this program, provided of course you are familiar with the program and that it is clean, and of course that you intentionally initiated the program.

Thank you for your answer. I have tried to run it normally, but it won’t let me. Any ideas on how to proceed?

Why won’t it let you? What errors or alerts?

I click “run normally”, it then asks me if I’ll allow it or cancel it, I click on “allow”, it then goes back to the original window that recommends the sandbox. It’s like a loop.

OK, I see the problem, it is a battle of wills as there are constantly changing and they are being challenged.

I’m also having my Firewall jump all over this too, so it is a bit like pop-up central.

So you may have to Stop both the Behavior Shield (10 minutes should do it) and uncheck the Enable AutoSandbox in the Additional Protection, AutoSandbox, Settings.

This should allow it to run, as far as avast is concerned, if you have UAC, I don’t know if that might jump in or if your firewall might have something to say about it.

Thanks, I think that did it. Unfortunately, now that the scanning is complete, it only lists 4 items, which is a program that I downloaded months ago to restore pictures that inadvertently got deleted. There weren’t any files that looked even remotely similar to the ones that were listed on the websites I’ve looked at to learn more about this virus. I have not deleted the 4 picture files because I’m worried that somehow I may lose my pictures again.

What problems are you having?

Well, using RKill is meant to be the warm-up act for running MBAM, to ensure there is nothing there that might block MBAM.

Did you run MBAM after RKill?

That’s the Malwarebytes’ Anti-Malware program? Yes, I ran that and that’s what doesn’t make sense to me. It is identifying a picture restoration program (as 4 files?) as the problem. If I get rid of those, will I lose my pictures? I bought that program many months ago, so I have a hard time believing that it is now causing problems. I’m no longer getting pop-up messages that my computer is at risk, so I assume that’s good news. If I turn off my computer, will that create any problems with the MBAM and what it’s identified as the 4 problem files? Or will I just have to run it all over again if the virus isn’t gone. I hope this makes sense.

The easiest bet would be to copy and paste the MBAM log.

To where?

OK, I tried to copy it and couldn’t. I saved the logs but can’t verify it really saved unless I shut the program down, which warns me that the scan will be lost.

Just open the log, in MBAM, Logs tab, select the log for the scan, click on the Open button, that should open in notepad. Just copy the contents (no need to try and save it) of the log and paste into your next post.

It won’t let me go into logs. It is stuck on the scanner tab. If I try to go to Main Menu, it tells me I’ll lose my scan results.

MBAM places them and only them in quarantine and they can be restored.

Once the scan is completed, then you would be able to open the log file and copy and paste.

That’s me for the night, almost 2am here.