Difficult Time Dealing With Win32:vigorf.a

Discussion in 'Malware Help (A Specialist Will Reply)' started by Homebrewed, Nov 10, 2022.

  1. Homebrewed

    Homebrewed Private E-2

    I have a file that is infected by "WIN32:vigorf.a" This thing is absolutely driving me mad. Defender is supposed to be able to remedy this virus, but it seems to be having an incredibly difficult time in dealing with it. Plus it is exhibiting some weird actions.

    The infected file is on a data drive typically used only for storing data. It is a RAID volume. (I'm actually questioning if that may be a contributing factor.) I'm also wondering if the virus may have been inadvertently triggered somehow. There are no warnings by Defender when the computer first boots. "Security at a glance" says everything is Okay.

    If you attempt to copy, or move the file, the virus starts up. (Defender now gives a warning that the virus is active.)
    If you attempt to delete the file, the file is locked and returns "error 0x800700e1," (Again, Defender now gives a warning that the virus is active.) leading to my suspicions the virus 'may' be active and simply be very good at hiding.

    A few years back there were several sites that had extensive data on hundreds of viruses; their behavior, often related code, registry keys to look for, startup locations, sometimes even batch files or custom removers to do the work for you. All of these sites seem to have disappeared or gone behind paywalls.

    I simply want to remove the infected file from my drive. I'm not even interested in saving the infected program. And I want to make certain my system isn't secretly running the virus, or that there are any remnants that could trigger either a reconstruction, or re-download of the issue.. Any information or suggestions?
     
    Homebrewed, Nov 10, 2022
    #1
  2. plodr

    plodr MajorGeek Super Extraordinaire Moderator Staff Member

    Download Malwarebytes and scan with that. You will have a 14 day trial, then it will revert to the free version.
    https://www.malwarebytes.com/mwb-download

    I didn't link to MajorGeeks because the link is broken. I click on the link to download version 4.5.17.221 and it leads me only to some featured software, none of which is malwarebytes.

    This is what you want the scan options set at
    MBAM.jpg
     
    plodr, Nov 11, 2022
    #2
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    For the external Hard Drive and a USB stick.

    Insert your flash drive before you begin. Hold down the Shift key when inserting the flash drive until Windows detects it to bypass the autorun feature. This will keep the autorun.inf from executing automatically.

    Please have all your removable storage devices ready for disinfection.

    Download Flash Disinfector by sUBs and save it to your desktop.

    * Double-click Flash_Disinfector.exe to run it.
    * Your desktop and icons may disappear. This is normal.
    * It will do a cleanup of removable storage devices, and write a protected Autorun.inf file to help prevent re-infection.
    * Follow any prompts that may appear.
    * The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
    * Wait until it has finished scanning and then exit the program.
    * There will be no GUI interface or log file produced.
    * Reboot your computer when done.

    Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder. It will help protect your drives from future infection.
     
    TimW, Nov 11, 2022
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Let me check and notify Tim.
     
    TimW, Nov 11, 2022
    #4
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    plodr....the link in the malware forum works -
    Downloading Malwarebytes 4.5.17.221
     
    TimW, Nov 11, 2022
    #5
  6. Homebrewed

    Homebrewed Private E-2

    Gone! Thank you.
     
    Homebrewed, Nov 11, 2022
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds