conime.exe, safe or harmful?

Discussion in 'Windows 7 Help and Support' started by kaya51181, Dec 9, 2009.

  1. kaya51181

    kaya51181 New Member

    Joined:
    Dec 4, 2009
    Messages:
    8
    Likes Received:
    0
    I've just started using windows 7 and I was going through msconfig turning off things for startup. I noticed a exe that does not have a manufacturer. I've read that it MAY be safe, or MAY be harmful and was wondering how I could tell.

    Startup Item - Conime
    Manufacturer - Unknown
    Command - %windir%\system32\conime.exe
    Location - HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

    I have Windows 7 64-bit
     
  2. lmjai

    lmjai New Member

    Joined:
    Nov 22, 2009
    Messages:
    10
    Likes Received:
    0
    AFAIK there are 2 conime.exe knows files, 1 of them is a windows file that has something to do with support for asiatic languages, the other one is a "backdoor Input Method Editor Remote de BFGhost 1.0". I'd run a virus scan on the comp but I don't think you need this file in the start-up anyway.
     
  3. reghakr

    reghakr Excellent Member

    Joined:
    Jan 26, 2009
    Messages:
    14,220
    Likes Received:
    180
    Exactly,

    look for bfghost.exe in Task Manager.

    You'll now know you have a virus.

    Here;s instructions if you need them:

    1. Kill the following processes in the Task Manager:
    bfghost.exe, editmm.exe, conime.exe

    2. Unregister service.dll in Windows\system\

    How? Start - Run - copy and paste:

    REGSVR32 /u C:\Windows\System\service.dll

    Press Enter and REBOOT.

    3. Remove the following files
    bfghost.exe, editmm.exe, read it.txt.
    conime.exe in Windows\
    regsys.vxd, service.dll in Windows\system\
     
  4. kaya51181

    kaya51181 New Member

    Joined:
    Dec 4, 2009
    Messages:
    8
    Likes Received:
    0
    only things in my task manager are...

    crss
    dwm
    explorer
    firefox
    nvvsvc
    PSUNMain
    taskhost
    taskmgr (obviously) >.<
    winlogon

    I would list services... but I doubt anyone wants to look through that, nor do I want to type it...
     
  5. kaya51181

    kaya51181 New Member

    Joined:
    Dec 4, 2009
    Messages:
    8
    Likes Received:
    0
    I'm also wondering how it got on my system... because I'm generally extremely safe with my computer, have Panda Cloud Antivirus on here before I connected to the internet, got all my updates asap, browse with firefox. Only thing I do that's kinda naughty is torrents/limewire. Panda Cloud isn't the greatest at getting RID of problems, but it has the highest detection rate supposedly because of it being cloud and such.
     
  6. reghakr

    reghakr Excellent Member

    Joined:
    Jan 26, 2009
    Messages:
    14,220
    Likes Received:
    180
    That I can't tell you, I haven't heard of panda Cloud until this post.

    Maybe a more standard anti-virus would help I prefer Avira free.

    Here's a special deal :

    dotTech Exclusive: Free 1 year license of Returnil Virt
    As promised earlier this week, we have a real treat for everyone this weekend:

    Everyone can get a 1 year license of Returnil Virtual System 2010 Home Lux for free! Before I delve into how to get the 1 year license, let me give a quick overview of what RVS 2010 is for those that don't know.

    Returnil Virtual System 2010 is a unique security software that protects your computer in an unorthodox manner. RVS 2010 uses a powerful combination of anti-virus, anti-malware, and a virtual system to protect your computer from all types of viruses and unwanted system changes.

    The traditional security software like Avira, Kaspersky, Norton, AVG, NOD32, etc. actively, and on demand, detect and remove infected files. RVS 2010, on the other hand, has a two pronged attack to the malware problem

    More.............dotTech Exclusive: Free 1 year license of Returnil Virtual System 2010 Home Lux! | Freebies | dotTech [.org]
     
  7. Tepid

    Tepid New Member

    Joined:
    Jun 11, 2009
    Messages:
    1,344
    Likes Received:
    38
    Additional Info,,,

    "conime.exe is a part of the the Microsoft Windows Operating System and is essential for the secure and safe operation of your computer."

    However,,,

    it is also related to....

    "a process which is registered as the Input Method Editor Remote administration backdoor tool. This backdoor application can allow attackers to access your computer, stealing passwords and personal data. This process is a security risk and should be removed from your system."

    Also see... conime.exe Windows process - What is it?
     

Share This Page

Loading...