Threat:Win32:Malware-gen

[assist please]

DavidR -Überevangelist – Thank you.
My first Avast Windows XP scan was unfortunate.

It indicated a “Threat:Win32:Malware-gen” in the following files:

C:\drivers\video\onboard\igfxpers.exe
C:\i386\igfxpers.exe
C:\WINDOWS\system32\igfxpers.exe
              …Two more were for FreeNetXero.exe and I don’t want them.

The files are in the Virus Chest.  Is it POSSIBLE for the Malware to be removed and can these files then be RESTORED?  ARE THEY IMPORTANT??

 I’m not very tech savvy. SHOULD I TAKE the laptop to a computer repair shop to try and remove the Malware and Restore the files – or are they unimportant? 

An Avast person wanted to charge me an annual fee to check remotely for conflict files but I’ve already gotten misdirected by an old Avast phone number to an “iYogi” man who misrepresented himself as Avast and remotely went into my computer. I’m worried that that was where to malware came from.  So I’d rather go local. 

Is quick repair urgent?  Should I go to a pro?

[DavidR]

Ideally this should have been added to your first topic as it is related (keeps the prior information and this together); as I said about the infected/detected restore point, just let avast move that to the chest.

No need to take your laptop to repair shop unless you have a surplus of money, otherwise stick with the avast forums

This detection on the igfxpers.exe (in three locations) needs further investigation as it is a legit file name (doesn't mean it is clean though) to confirm or deny the detection as it could be a false positive.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here, post the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to Open the chest and right click on the file and select 'Extract' it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect\*
That will stop the File System Shield scanning any file you put in that folder.