Antivirus detecting WinExeSvc but Huntress isn't reporting anything
Some antivirus applications may flag the executable WinExeSvc.exe as a potentially unwanted application (PUA). The WinExeSvc.exe is related to WinExe, a utility that is similar to Microsoft's PsExec. WinExe is used to run commands on a Windows host from Linux and other Unix-based operating systems.
When WinExe is used to run a command, a helper service, WinExeSvc.exe, is created on the Windows host.
Some SIEM applications, such as FortiSIEM, and other Linux-based applications may use WinExe to run commands on Windows hosts.
Applications known to use WinExe:
Snip-it from FortiSIEM documentation:
If you need more assistance, please reach out to Huntress support at firstname.lastname@example.org, and we would be happy to help.