Virus and Windows Sandbox

I have a McAfee virus inside Windows Sandbox. It only randomly appears when I read an article on HuffPost.com and it's been there for a long time. I tried reenabling MP_FORCE_USE_SANDBOX to 1 but the virus is still there. I would like to completely uninstall Windows Sandbox itself but that's not possible. Disabling and re-enabling it didn't remove the virus. I may have to reset Windows 11. The virus is not a threat but annoying.

I tested Windows Sandbox in a virtual machine (VMware) and encountered no virus on HuffPost so I concluded it's the Windows Sandbox in my machine.

@mjcampbell2 ......... Welcome to the Forum ! Have you ran these two programs ?

Malwarebytes AdwCleaner >>> Download AdwCleaner

Please download AdwCleaner and save it to your Desktop
* Close all open programs and browsers
* Right click on the icon and select Run as administrator
* Click Scan now
* Allow the program to Quarantine what it finds except for Pre-installed applications if you would like to keep those or other entries you would like to keep
* When completed click View Scan Log File
* Copy and paste the contents in your reply
* Click Skip Basic Repair if it appears then close the program

=================================

Full System Scan with Malwarebytes Antimalware >>> Free Antivirus 2023 | Free Malwarebytes Download | 100% Free & Easy Install | Malware Removal
* If not existing, please download Malwarebytes' Anti-Malware to your desktop.
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

* If the program is already installed:
* Run Malwarebytes Antimalware
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
* Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
*** Post that log back here or just tell me what it found ?
If it is to long then you will have to zip it or find a site to download it to & let me know where !

Thanks !

I have MalwareBytes, no virus found. I tried the first one AdwCleaner, nothing found.

@mjcampbell2 ........... Scan With RootKitUnHooker

Please choose one link and download Rootkit Unhooker and save it to your desktop.

Link 1 ... http://www.kernelmode.info/ARKs/RKUnhookerLE.EXE
Link 2 .... http://www.kernelmode.info/ARKs/RKUnhookerLE.zip
Link 3 .... http://www.kernelmode.info/ARKs/RkU3.8.388.590.rar
Now double-click on RKUnhookerLE.exe to run it.
Click the Report tab, then click Scan.
Check (Tick) Drivers and Stealth
Uncheck the rest. then click OK
When prompted to Select Disks for Scan, make sure C:/ is checked and click OK .... or what ever your main disk is named !
Wait till the scanner has finished and then click File > Save Report.
Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in your next reply.

Note** you may get the following warning, just click OK and continue.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?

===============

SIDE NOTE: Sandboxie is mostly used for testing viruses ! That's what i was taught in Malware school !!
Once it is downloaded, double-click on rkill in order to automatically attempt to stop any processes associated with Security Central and other Rogue programs.
Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and
you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Security Central
when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen
and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Security Central .
So, please try running Rkill until malware is no longer running. You will then be able to proceed with the rest of my instructions.