Threats found, but Move To Apply button isn't available

Permission to come aboard? I’m an unintentionally silly noob; an old gal who knows little about computers. I apologize profusely in advance. :stuck_out_tongue:

I’ve done searches on this problem but have yet to find the topic.

I’ve upgraded to the new Avast! free6, but this problem was happening before the upgrade. Whenever I do any scan, either thorough/fast or custom, Avast! is catching High-level threats, but when I go to Apply “Move to Chest”, the Move to Apply button is not available/not clickable/faded. I’ve checked my settings; tried switching from the option of automatically “Moving to Chest” to “Do Nothing”, but the darn button won’t let me fix the problems. The scans are always productive (dangit, LOL) but what’s the point if I can’t isolate the problems? I always run a boot-time scan after each Avast! scan, but it’s not giving me an option to Move to Chest or anything else then, either. The scans and results don’t even show up as having been done in the scan logs, either.

WinSpy, AsianRaw, dialer, etc. - I want them gone. I love Avast!, but it catching the threats isn’t enough - I have to be able to isolate them and make them go bye-bye. I’m to the point now that I’m afraid another keystroke is going to make my system implode. snort

Can anyone help? This old broad thanks you profusely in advance.

Hi,
Download malwarebytes free and update it and run full scan and remove what it finds. Your computer is quite heavly infected

Thank you, Sir. :-[ Do I just go to, say, Cnet and search for “malwarebytes” and download it? You truly are dealing with a gal who knows little, so… blush

where are the file(s) detected located ?

can you post full path to the file…

malwarebytes is here http://filehippo.com/download_malwarebytes_anti_malware/

Hello!

Did you try to click in this disabled/faded button?

I ask this, because, in all machines that I had installed avast 6 free, the button to apply actions on infections after an on demand scan, appears to be faded (disabled).
However if you click on it, the button actually works. Its enabled, just its layout seems to be disabled.

Thanks for your time,

BrBrasil

Yes, sir, I tried clicking the faded button, but nothing happens. :frowning:

The infected files seem to be in Documents and Settings. The latest scan results show (using three as examples):
Process 1736: aawservice.exe memory Threat: HIGH Win32 Nimda-0 [Drp];
Process 1736: aawservice.exe memory Threat: HIGH Win32 WinSpyCK [Trj];
Process 1736: aawservice.exe memory Threat: HIGH Win32 Bags-AF [Wrm]

But I ran the Malwarebytes Full Scan - and nothing came up…the scan found no infections*. :o Yet an Avast! scan brought them up again, with no way to isolate them. :stuck_out_tongue:

*mbam-log-2011-07-22 (09-36-23).txt

Scan type: Full scan

(C:|D:|E:|F:|G:|H:|I:|)
Objects scanned: 262583
Time elapsed: 1 hour(s), 25 minute(s),

28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Seeing the list of reported files/malware:
They are Detections in Memory -
My guess is that you are doing a Custom scan in which you have elected to scan Memory and that all these detections are in memory. Since they aren’t physical files they can’t be moved to the chest, deleted, etc. so there is no action that can be taken, hence the Apply button being greyed out.

The detections in memory are frequently other security applications loading unencrypted virus signatures into memory. Having set off a scan of memory by an antivirus application looking for virus signatures, don’t be too surprised if it finds some in memory.

So these examples you posted of the items in the list are as a result of having AdAware installed and its service loading unencrypted virus signatures into memory.

I see! That’s why it mentions MEMORY. That’s probably also why when I do an Avast! Full Thorough (preset) scan, nothing shows up, but when I do a Custom scan, they do. Right?

So my system isn’t infected? Should I uninstall AdAware? If I do, should I run another Avast! Full scan and then a BootTime scan as well? Do you have a suggestion on how often I should run Avast! and Malwarebytes?

I’m sorry for being pesky - I don’t mean to be. You are all wonderful! I appreciate you & your help so very much. :-[ I told ya I’m clueless…

Only if in that custom scan you selec memory as one of the scan opthins, on its own a custom scan doesn’t scan memory.

Personally I have no idea why you do a custom scan ?
But The ore-defined Quick and Full System scans are more than adequate, unless your reason for doing a custom scan is worthy (but that is a decision you make not me).

  • With a resident on-access antivirus like avast, the need for frequent on-demand scans is much depreciated. For the most part the on-demand scan is going to be scanning files that would be otherwise be dormant or inert. If they were active files then the on-access file system shield would be scanning them before being created, modified, opened or executed.

I have avast set to do a scheduled weekly Quick scan, set at a time and day that I know the computer will be on. If for some reason my system wasn’t on, no big deal I will catch up on the next scheduled scan.

Personally I wouldn’t give adaware hard disk space, but this has nothing to do with this issue, it is no longer in the top rank of anti-spy/malware applications. Since you have MBAM also it kind of makes adaware redundant. As I mentioned above I tend to run the quick scan weekly and the same for MBAM if you have the free version which is an on-demand only scanner. I have the MBAM Pro version which has resident scanner so I may well miss the odd weekly scan on that.