I run a lenovo laptop that has the 'synaptics' family of drivers on it. I noticed yesterday that one chunk of that software, is running conhost.exe, which is a Microsoft executable. Someone (synaptics, or you Microsoft) has dropped the ball on conhost.exe, as it shows a virus signature under ProcessExplorer from sysinternals:
Here is the link showing the virus info:
Not sure whose problem this is - yours (Microsoft) for the native conhost.exe having a problem, or Synaptics if they're redistributing your exe (note that the conhost.exe has microsoft signatures in it, so it came from you.) Has conhost.exe been patched in a security update? If so, which one? I keep my computer up to date, I think the right solution for this, is for MS to put this in an update and supersede any earlier versions. Someone from your side should reach out to Lenovo about Synaptics, they won't listen to me but you've got an IHV program I'm sure you can work through.
It's pretty disheartening to have found this after using this computer for years, hopefully nothing's compromised. Also, I run windows defender ad-hoc regularly and scheduled often, too, and it didn't peep about this.