winfire.exe is making my blood boil
June 9, 2006 5:51 AM

I found a strange new process, winfire.exe on my system. HELP!?

NOD32 can't seem to get rid of it. I tried to delete it but it just pops up again. I even tried running the scan in safe mode but it doesn't work in this case.

Here's a screenshot. I can't find either winfire.exe or rdriv.sys on my system!

How do I get rid of this pesky little critter?!
posted by mordecai to Computers & Internet (7 answers total) 2 users marked this as a favorite
 
Read this post and follow the first responder's suggestions. Now. You have a spyware infection, and probably not the only one on the machine (they tend not to happen singularly). That'll get rid of rdriv.sys.

Once you've done that, download and install (IN SAFE MODE WITH NETWORKING SUPPORT, you'll see it on the F8 menu) Spybot Search and Destroy. It's not the most user-friendly program, but run a scan and delete anything it finds. You may lose your cookies, but the 1/2 punch combination of the above-linked post and Spybot Search and Destroy should set you right.

Once you've been able to clean the machine (spybot doesn't show any infections, even after a reboot), install a virus and malware/spyware realtime and resident scanner, for example, Windows OneCare Live. It's $50 a year, and that covers up to three PCs. You can download a 60 day trial on their web site.

If you already have anti-virus installed, and you're keeping it updated (OneCare makes this really simple), get a standalone realtime and resident malware/spyware scanner. For example, Windows Defender (yes, it's beta, but it's rock-solid and offers great protection).
posted by Merdryn at 6:15 AM on June 9, 2006


Googling for winfire.exe turned up this link. Looks like it has a cleaner and instructions. I'd give it a try.
posted by chndrcks at 6:15 AM on June 9, 2006


darn, I even previewed before I hit submit
posted by chndrcks at 6:16 AM on June 9, 2006


I see that NOD32 is an antivirus package, and claims to have spyware/adware/malware removal. Clearly, it ain't livin' up to the hype. Consider using an antivirus program from a well-known vendor, like Microsoft or AVG.
posted by Merdryn at 6:17 AM on June 9, 2006


NOD32 has a pretty good rep, Merdryn. That said, Spybot and then Housecall. Now.

Later on you can work out which - if any - memory-resident AV software you want to use. Please note that Housecall has a tendency to be a little trigger happy as far as false positives go, but that's more a feature and less a bug.
posted by Ryvar at 6:28 AM on June 9, 2006


I wouldn't drop NOD32. If you did, Kaspersky would be a solid alternative though...AVG not so much unless you need something free and lightweight--in fact Google actually turns up two people using AVG having the same struggle with this malware.

What I would do after winfire is cleaned is try to figure out how it got on in the first place. Was it a drive by browser install (are you using Internet Explorer?) or something you downloaded? One thread mentioned a windows media player skin site as the suspected source, but didn't make it clear if they'd gotten it just from visiting or if they'd downloaded something...
posted by Pryde at 8:35 AM on June 9, 2006


Response by poster:
Phew. I managed to get rid of it.

rdrivRem.bat + Ewido Anti-Malware + Spybot + Housecall + NOD32 = Total Eradication.

I know how I got winfire.exe btw. It was from some piece of software that I downloaded from mininova.org a couple of days ago to test drive. I didn't check the files before continuing the download. Shame on me.

I'm gonna hold on to NOD32. It's got a pretty good reputation and it lives up to it. Getting winfire.exe into my system was my crummy fault and I deserved it.

Anyway, thanks for all your help guys. I really appreciate it! :)
posted by mordecai at 11:13 PM on June 9, 2006


This thread is closed to new comments.