OK, re your:

  1. This is a restore point “C:System Volume Information.…\A))52078.exe”
  • Infected Restore Points:
    There really is little benefit in chasing a detection in the system volume information folder. It is only there because it had previously been deleted or moved from the system folders and this is a back-up created by system restore.

  • Worst case scenario it isn’t infected and you delete it, you can’t use that restore point in the future, not much of a loss and the older the restore point is the less of an issue it is.

  • So if there is any suspicion about a restore point then it is best removed from the system volume information folder or it could bite you in the rear at some point in the future when you use system restore if it included that restore point. So even if deleted this is no real loss.

  1. This “Process: C:\Program Files\Malwarebytes’ Anti-Malware\Mbam.exe” is a detection in memory, unencrypted virus signatures loaded into memory by the mbam.exe ‘process.’ Generally you only see the mbam.exe process in the task manager when you are doing or have just run an mbam scan. You can’t actually delete something in memory as it isn’t a physical file, just a block of memory, which in due course will be cleared by windows as and when the memory is needed or you reboot.

Detections in Memory -
My guess is that you were doing a Custom scan in which you have elected to scan Memory and that this detection was in memory. Since they aren’t physical files they can’t be moved to the chest, deleted, etc. so there is no action that can be taken, hence the Apply button being greyed out (if there were only these memory detections).

The detections in memory are frequently other security applications loading unencrypted virus signatures into memory. Having set off a scan of memory by an antivirus application looking for virus signatures, don’t be too surprised if it finds some in memory.

So generally I wouldn’t recommend you do a custom scan or elect to scan memory, the default scans are file, whilst they scan memory it isn’t in the same depth as the one in a custom scan.