Forum newbie and not much more than computer novice here so feel free to spell stuff out for me
Ran AV 4.8 and received the following 2 reports:
C:\Documents and Settings\HP_Owner\Application Data\Twain\Twain.exe is infected by WIN32:Trojan-gen [other]
Action: I pressed â2â to delete all and the following error came up:
C:\hiberfil.sys is infected by WIN32:Lineage-197[Trj]
Action: I pressed â2â again to delete and received: Error 0xC0000043 (file cannot be opened because share access flags are incompatible) Repair attempt = error 42060 (file not repaired)
I did some research after this and found advice to NOT delete because then itâs not possible to undo any changes if the system is not working properly anymore, especially if you donât really know what you are doing (DOH! ::))
At that point I registered for this forum to ask people who know way more than I do.
In My Computer, what do you see? How many drives, and what are the names? C:, D: etc.
Hyberfil.sys is the hibernation file where memory is dumped to disk during hibernation. It is not usually scanned unless youâre scanning from a separate partition, when it frequently generates false positives.
I thought hyberfil.sys was excluded scanning from the same partition: I donât know why youâre seeing that detection.
As I said before itâs just a memory dump, so you should ignore it. If itâs not a false positive, the virus is not active in the hyberfile.sys file but it will be active elsewhere.
If you have deleted twain.exe, youâll probably find your scanner doesnât work: this is why itâs always best to send detected files to the Chest (quarantine) where they can do no harm but can be restored if they turn out to be a false positive.
Iâd recommend you try a boot time scan with avast! Right click the scanner screen, select âschedule a boot time scanâ and reboot when requested. (Or open the tab at the top left of the scanner screen and select the boot time option from there.)
Download, install and update the programs.
Always select the option to quarantine any malware found rather than delete it, then you will be able to restore files or registry entries wrongly identified as malware- a rare but not unknown event for any malware scanner.
Sorry, FWF. I shouldnât know better. According ThreatExpert, 96% of this filename was found to be a threat. About 4% of this filename was considered safe. Iâm must be confusing a legitimate file for a malicious file.
@BowlMe900, you have to reinstall your HP scanner/printer all over again.