We migrated ticketing systems!

If you would like to check on the status of a ticket, please visit huntress.zendesk.com.

For the time being, our documentation will stay the same, we will make a hard cutover when all the documentation is ready. The Huntress Support site will continue to be support.huntress.io, it will just come with a new look and feel.

Click here to check the status of a ticket



Top

AV detecting WinExeSvc but Huntress isn't reporting anything

Some antivirus applications may flag the executable WinExeSvc.exe as a potentially unwanted application (PUA). The WinExeSvc.exe is related to WinExe, a utility that is similar to Microsoft's PsExec. WinExe is used to run commands on a Windows host from Linux and other Unix-based operating systems.

When WinExe is used to run a command, a helper service, WinExeSvc.exe, is created on the Windows host.

Some SIEM applications, such as FortiSIEM, and other Linux-based applications may use WinExe to run commands on Windows hosts. 

Applications known to use WinExe:

  • Unitrends
  • FortiSIEM
  • AlienVault
  • OpenVAS
  • Reevert

Snip-it from FortiSIEM documentation: 

If you need more assistance, please reach out to Huntress support at support@huntress.io, and we would be happy to help.