avast won't delete viruses

Viruses and worms
1

I have Avast free version. I recently had my email hacked. I ran several quick and full Avast scans which found only one virus which I successfully deleted. My email was hacked again. I then tailored and ran a “custom scan” for PUPs. The custom scan returned 81 viruses from “memory” that appear to be trojan horses and worms and most all with high security alert. Many of these items I have Googled and are well known as damaging. My Avast program will not allow any action to be taken with the “apply” button (delete, etc). I’ve since installed, and run several times, Malwarebytes, Spybot, Adaware, and Kapersky TDSSkiller, and I did a boot time scan with Avast. The Avast scans never find these same viruses unless I run the “custom” scan. Some different viruses were picked up by the other programs and sucessfully deleted - but none are any of the 81 viruses from the Avast scan. What gives? I’ve read other posts re the “apply” button issue. I either can’t follow or clearly understand much of the protocol solutions suggested. For me, you’ll need to really dumb down and simplify any suggested solutions. I would think that getting Avast to follow it’s own program protocol would be a simple fix but I guess it is not. Please help and thanks in advance.

2

The button “Apply” does not work for memory (it works for files).
I suggest a full computer on-line scanning:
BitDefender
ESET NOD32
F-Secure

For detection-only, not cleaning:
Kaspersky
Trendmicro housecall

Here a very comprehensive information about the on-line scanners.
Also, here a full list of on line scanners.

3

so you run a custom scan and selected “scan memory” the forum are full of these cases if you search
you can not move or delete detection in memory since it is not a file but a process…
my guess is that what is detected is signatures loaded in memory from other security programs you have installed ?

if you attach a screen shot of the detection we can probably tell you what

if you do not know what will happen, it is not recomended to play with the scan settings…
so do not use the “scan memory” setting as it will give some strange scan result
use the default quick/full scan with default scan settings

also PUP is not virus
PUP (potentially unwanted program) http://searchsecurity.techtarget.com/definition/PUP

4

No scanner can detect this. :wink:
If your email was hacked reset your mail account(s) and use stronger passwords…!!

5

To answer a few of your comments;
I have reset my email password. No problems since the last reset.
I can’t attach a screen shot of the Avast virus log since Avast I can’t highlight - and hence copy the log page.
I believe I understand the difference between the PUP and the bad stuff.

I’m surmising from all the kind advice that these “memory” viruses aren’t really viruses that are currently affecting my computer. This seems likely to me since all the other remedial services I downloaded are running clean - as well as the “full” and “quick” Avast scan. The consensus seems to be that my computer is likely uninfected - right? Correct me if I might be wrong. Thanks again.

6

I did NOT say that. Just that you can’t use the “apply” button to a memory block.

Did you run any on line scanner?

7
I can't attach a screen shot of the Avast virus log since Avast I can't highlight - and hence copy the log page.
you dont copy it...you open it...take a screen shot and attach that here

or rewrite 2-3-4 lines from the log (not all 81) here

i suspect it is detected signatures from windefender since you say you installed the other tools after detection…

8

If you want to dig deeper: http://forum.avast.com/index.php?topic=53253.0

9

Did you run any on line scanner?
I downloaded and ran Ad-Aware and did a quick scan which returned nothing. I downloaded and ran Malwarebytes and Spydot and TDSS and got a few other viruses which I deleted or quarantined. Not sure of the order but did several of each till all clean. I then ran the Avast custom memory scan again and it came back with the same 81 viruses as in the beginning - all in memory.

Take a screen shot and attach here:
I made a screen shot of about half of one page of the scan log (there is more if you need it) but could not copy the shot directly onto this page, however my notebook did allow me to submit it as a browsed attachment. It should be attached here.

Thanks again for any advice.

10

as i expected…the process detected is “msmpeng.exe” wich is Windows Defender http://www.processlibrary.com/directory/files/msmpeng/27074/
jusched.exe belongs to java and teatimer.exe belongs to SpyBot S&D

all this is a result of you having selected “Scan Memory”…so to avoid this do NOT use the “Scan Memory” setting

if you do not know what will happen, then dont play with the scan settings…

use the default quick/full scan with default settings…

11

Thank you all.