Description of trojan conhost.exe
This malware is part of rogue program Wireshark Antivirus. It modifies a system setting in registry so that whenever an executable file is running, this malware will be loaded first, then it can block some anti-malware programs from running. Once it is active, it will download many other rogue programs from internet and redirect search result to unrelated website.
Objects of trojan conhost.exe
Registry Value:
HKEY_CLASSES_ROOT\exefile\shell\command\open :@=C:\Program Files\conhost.exe “%1? %*”
Registry Key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\QTUpdate
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Object\{19090308-636D-4e9b-A1CE-A647B6F794BF}
File:
C:\Program Files\shk_v10.dll
C:\Program Files\csrss.exe
C:\Program Files\conhost.exe
Folder:
C:\Program Files\Wireshark Antivirus
%UserProfile%\C:\Documents and Settings\Administrator\Start Menu\Programs\Wireshark Antivirus
How to remove trojan conhost.exe with Adware Away
Adware Away can completely remove trojan conhost.exe and all malware downloaded by this malware. Just follow the steps below:
- 1. Launch Adware Away
- 2. Click "Start Scan" button and wait for the scan completes
- 3. Click "Fix Selected" button in the scan result window
- 4. Reboot your computer if Adware Away prompts to reboot.
Adware Away scan result for trojan conhost.exe (Note: result may be different between different variants)
About Adware Away and Customizing Removal Service
Adware Away is the only product that doesn't provide free trial vesion in anti-malware industry. We have 100% confidence to remove any malware with Adware Away and its customizing removal service. The download link is to download a scan-only version, you are required to purchase it before using it to remove the malware it finds.
