[Solved] Threat detected, can't apply action.

I am running Avast 5.1.889 (Free version) on a Windows XP machine. A recent scan found 6 “infected” files of high severity. All of the files have “Process 1556 [aawservice.exe], memory block” in the name. The status of each shows "Threat: " and then the names of several trojans. The problem is that even though I can select an action from the dropdown box, the apply button never activates and I thus cannot deal with these threats.

My thought is that Avast just picked up on something in the detection files for Ad-Aware and that those aren’t really malware.

Is this the case, or is something else going on?

Any help greatly appreciated.

http://www.processlibrary.com/directory/files/aawservice/214115/

This is from Lavasoft Ad-Aware, IF you have it installed. Though, it could equally be a rogue pretending to be Ad-Aware. Check the file’s size and properties, esp. version and author, to see if they make sense or not.

It seems that AA loads its signatures unencrypted into memory.
Therefore this shouldn’t be a problem.
asyn

  • Detections in Memory
  • My guess is that you are doing a Custom scan in which you have elected to scan Memory and that all these detections are in memory. Since they aren’t physical files they can’t be moved to the chest, deleted, etc. so there is no action that can be taken, hence the Apply button being greyed out.

The detections in memory are frequently other security applications loading unencrypted virus signatures into memory, adaware in this case. Having set off a scan of memory by an antivirus application looking for virus signatures, don’t be too surprised if it finds some in memory.

Personally I wouldn’t give adaware hard disk space there are better applications, but if you do a memory scan you may well find the same.

Ad-Aware is useless nowadays.

Malwarebytes Anti-Malware (MBAM) is much better.

I agree, we tend to use MBAM for fake-AV removal and the like. Ad-Aware was a good product in its heyday, but that is long past.

Thank you for your responses. Yes, I had Ad-Aware installed, and I did do a custom scan. I also appreciate the recommendation of Malwarebytes.

Thanks again for your help.

You’re welcome…!
asyn