Anyone explain this Vista 64 problem?

splosher

Power User
Hi

Got major problem with system now - conime.exe*32 is in and slowing my PC down to a crawl. How do I get this out, as I've tried to rename it, delete it and move it but get access denied. Checked permissions and it's running under Trusted Installer.

Have tried safe mode to no avail, have run Defender, Avast antivirus and now Ad-Aware, but the first 2 don't pick anything up and Ad-Aware just stops at the beginning deep scanning registry.

Is there a registry line I can delete in order to remove this c**p from my system?

Many thanks
 

Had a quick look and found two things.

1. conime.exe is a backdoor trojan related to ghost which will allow an attacker remote access to your computer.
2. It is part of the console IME (thought I had heard of it before).

If you have logs for your internet traffic, look at those to try and work out.
Try going into cmd. Type netstat -a; this will tell you all the connections you have. If any IP address looks bad, that may point you in the right direction.

Look at Conime.exe - Critical Security.NET
 


Maybe this link can help.
conime.exe - conime, Bfghost process, Trojan and Spyware Alert!
 

Thanks Lads

Messed about trying to get it out for hours and finally booted in safe, managed to change the permissions on the thing - took forever - then I could delete it from SysWOW64 folder in windows.

Whilst in safe mode, ran Ad-aware 2007 Pro and RegCure 1.5 but same thing happens as when they run in normal mode: Ad-aware refuses to go past registry checking - just stops about 3/4 along - and when you disable this in the scan settings, it'll still do a registry scan (conditional) at the end of a scan, so you have to manually stop the scan before the end anyway.

RegCure 1.5 finds lots of things - first scan had 23,000 items in the File\Path References section! - but appears to be just looping on itself as I have to stop it manually whether it's running 2 mins or 2 hours.

So, I think I can definitely say that there's a problem within my registry, but I'm damned if I can find out what it is - anyone have any ideas?

Many thanks
 

I have noticed that I often have conime.exe (64bit) running, but the other day I saw 4 instances of "conime.exe *32" and that made me very suspicious.

Searching for some time with Google did not yield any sensible way of determining if I have some kind of issue on my machine or not.

As I have installed Chinese and Japanese fonts (looks fascinating whenever I see them on webpages), I take it that it is for this reason the basic conime.exe shows up in Task Manager, though I do not really know why.
 


Yeah, this process causes problems on my system at random times; unfortunately it's a legitimate Vista program.

You can find copies of the files here:
C:\Windows\winsxs\x86_microsoft-windows-consoleime_31bf3856ad364e35_6.0.6000.16386_none_b403c7645ad02a2c
C:\Windows\System32\
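
An added example, not written by any poster in this thread: Windows PowerShell that lists each running conime.exe with its image path, whether that path is one of the locations named above, the file's owner, and any remote endpoints that netstat attributes to its PID. It assumes Windows PowerShell (for Get-WmiObject), an elevated 64-bit prompt, and that SysWOW64 is an expected home for the 32-bit copy; the helper name Test-ExpectedLocation is made up for the example.

```powershell
# Added example, not from the thread. Run from an elevated 64-bit Windows PowerShell prompt.

# True if the image sits where a Windows copy is expected: directly in System32
# (named in the thread), directly in SysWOW64 (assumed here as the home of the
# 32-bit copy on 64-bit Windows), or anywhere under the winsxs component store.
function Test-ExpectedLocation([string]$Path) {
    if (-not $Path) { return $false }
    $dir = [System.IO.Path]::GetDirectoryName($Path)
    foreach ($name in 'System32', 'SysWOW64') {
        if ($dir -ieq (Join-Path $env:windir $name)) { return $true }
    }
    $store = (Join-Path $env:windir 'winsxs') + '\'
    return $dir.StartsWith($store, [System.StringComparison]::OrdinalIgnoreCase)
}

# Remote endpoints of TCP connections, keyed by owning PID.
# "netstat -ano" adds the PID column that plain "netstat -a" does not show.
$remote = @{}
foreach ($line in (netstat -ano)) {
    $f = $line.Trim() -split '\s+'      # Proto, Local, Foreign, State, PID
    # Listening sockets show a foreign address ending in ":0"; skip them.
    if ($f.Count -eq 5 -and $f[0] -eq 'TCP' -and $f[2] -notmatch ':0$') {
        if (-not $remote.ContainsKey($f[4])) { $remote[$f[4]] = @() }
        $remote[$f[4]] += $f[2]
    }
}

# One record per running conime.exe, 32-bit and 64-bit alike.
Get-WmiObject Win32_Process -Filter "Name = 'conime.exe'" | ForEach-Object {
    $path  = $_.ExecutablePath          # empty when the prompt is not elevated
    $owner = if ($path) { (Get-Acl $path).Owner } else { $null }
    New-Object PSObject -Property @{
        ProcessId        = $_.ProcessId
        Path             = $path
        ExpectedLocation = Test-ExpectedLocation $path
        FileOwner        = $owner
        RemoteEndpoints  = ($remote["$($_.ProcessId)"] -join ', ')
    }
} | Select-Object ProcessId, Path, ExpectedLocation, FileOwner, RemoteEndpoints |
    Format-List
```

A conime.exe whose path falls outside those directories, or one that holds remote connections at all, is the instance worth examining further.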
 
