The characteristics that have been infected computers of malware include:
- Function show hide hidden files in Folder Options does not work.
- Internet connection will seem slow
- If using an additional firewall other than Windows property, will often appear a message telling like this CtDrvMgq going to do an internet connection to a specific IP. If the message first appears when Windows, finished booting and you select the option “Deny” then the browser automatically will not be used for browsing for as if the internet connection stops.
- Additional firewall will also let you know that the hosts file is modified illegally.
- Tool as Cprocess, HijackThis, Microsoft Malicious software removal tool and the like can not be executed because the process will always be in the “kill” the middle of the road by one of the processes running in computer.
For your computer infected by this virus, this some tips and ways to eliminate infection.
- Find the file msvbvm60.dll, located in the Windows folder, although I certainly was not so notice.
- Rename the file to be msvbvm60ss.dll example, do not be too much to change the name originally due to be returned later as before.
- Restart your computer, will appear some error messages for some specific programs will fail running as it requires this dll files including viruses.
- Run regedit from the Run menu
- Find the key and value by using the menu CtDrvMgq Find.
- Delete any values that contain the words CtDrvMgq.exe
- Continue the search by pressing F3 key. if found, delete again. Repeat until out a message “Finish searching ….”
- Look for key or value with the keyword conime
- Delete if the value or key is conime.exe and search again as before, but you must be careful because the windows also have its own conime.exe files.
- Look for key or value with CtDrvMgv.exe keywords
- Delete if the value or keynya is CtDrvMgv.exe and search again like the previous step.
- Next, search for files CtDrvMgq.exe, conime.exe and CtDrvMgv.exe on drive C and then delete the three files it.
- Restore files that have direname etc. prior to the original name of msvbvm60.dll
- Restart your computer, scan the registry and repair registry changes are found.
- Download and run the Microsoft Malicious Software removal tool to search for other malware.
Detail for conime.exe (Bfghost process).
- The conime.exe process is a backdoor/trojan. It will allow people direct access to your computer with which they can gain access to your personal information and files.
- conime.exe is considered to be a security risk, not only because spyware removal programs flag Bfghost process as spyware, but also because a number of users have complained about its performance.
- Bfghost process is likely spyware and as such, presents a serious vulnerability which should be fixed immediately! Delaying the removal of conime.exe may cause serious harm to your system and will likely cause a number of problems, such as slow performance, loss of data or leaking private information.
- conime.exe is considered to be a security risk, not only because antivirus programs flag Bfghost process as a trojan, but also because other sites consider it a Trojan as well.
- Bfghost process is likely a Trojan and as such, presents a serious vulnerability which should be fixed immediately! Delaying the removal of conime.exe may cause serious harm to your system and will likely cause a number of problems, loss of data, loss of control or leaking private information.