You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. We have recently updated our Privacy Policies. We encourage you to read the full terms here. Hi, I'm seeing quite a few alerts detecting winexesvc. Is this a false positive - popped up on an otherwise not active PC after overnight's Windows updates? Anyone else seeing this? Edwin icon Best answer by JesseBropez 15 June , Like Quote Share.
I came here with the same question. Post Windows Update, lots of winexesvc. Like Quote. Hi, I'm also getting a lot of these detections on protected endpoints. The files are being quarantined but I would like to know the main cause or if any preventive measures can be set in place to lower the alerts. I also saw on the web where these could be generated from a Linux server pushing files to a windows machine These alerts started for me around yesterday morning and they've escalated up to this time.
Please submit a ticket to our Support Team so they can review the logs to make a proper determination. Hi there, Same is happening here. We have found out that our Unitrends Backup Appliance is using winexesvc. Just a heads up to other people wondering how the application got there. Hello 10d, This file "winexesvc. Because of the enormous potential to be used maliciously, Webroot has classified this file malicious as it is potentially un-safe.
If this program is needed in your environment, you may create an override and restore it from Webroot's quarantine via the Webroot Console. For steps to override this file, please visit the link below. Regards, Jesse L. Webroot Advanced Malware Removal Team. Thanks Jesse for the background. I s this happening because Windows 10 is extending the Linux subsystem feature with newer versions? EXE on one of my Exchange servers that uses Datto backup.
Consequently the backups were not running. I have since restored from quarantine and added and policy override. As such I can't monitor the services or free space since none of that information is working. The default Zenoss graphs are populating, however.
My WMI environment are 32 and 64 bit servers running 2k3 and 2k8. There is no correlation between an OS and it working or not working. You're not going to make progress unless you fix this bug and recompile it yourself according to my instructions above. Maybe they're not aware of it. I've updated the source and made the changes you suggest.
I recompiled and restarted Zenoss instance just to be sure. However my WMI script is still producing the same error. Now i can start and stop windows service from linux. Archived community. Search for:. Welcome, Guest Login Register Username:? Remember Me. Please enter a title. You can not post a blank message. Please type your message and try again. Up to Discussions in zenoss-users. Currently Being Moderated. Like 0. May 21, AM in response to gmiller. If you're trying to check out processes via SNMP - why are you using winexe?
Report Abuse Like 0. May 23, PM in response to jmp I've tried to look into it in a bit more detail, but there's not much information out there about winexe. It might be possible to just copy winexesvc. Winexe is connecting with the correct username and password since if it's incorrect it'll ask for another password , but from there just this 0x error. Does anyone know what it means? Regards, Waylon Kenning. May 23, PM in response to basicallythis.
Aug 11, PM in response to rebelinux. I just downloaded the VMWare instance and am experimenting with it and I've received the same problem. Unfortunately, downloading version 0. I can't compile from source because autoconf.
0コメント