Author Topic: Win64:Malware-gen C:\windows\winexesvc.exe  (Read 6406 times)

Offline BudG

  • Newbie
  • *
  • Posts: 13
Win64:Malware-gen C:\windows\winexesvc.exe
« on: March 18, 2019, 05:44:02 PM »
We received a virus alert for the 1st time called Win64:Malware-gen C:\windows\winexesvc.exe and am wondering if this is a false positive?  Or did a new definition make this file now be considered malware? What does the Win64:Malware-gen designation mean? Does that mean it is a PUP?  Looks like the file has been on our systems for nearly 2 years and never classified as malware.  Malwarebytes does not see it as malware either.  Odd.  I understand that the file can be used to push software installs from Linux boxes such as by AlienVault OSSEC agents, which we do use AlienVault.  So, is Avast just saying this file could have potential risks? Or does this mean that file has been itself infected with something else?

Offline Sirmer

  • Avast team
  • Sr. Member
  • *
  • Posts: 324
Re: Win64:Malware-gen C:\windows\winexesvc.exe
« Reply #1 on: March 18, 2019, 08:53:59 PM »
Can you please upload this file into virustotal and send us a link? Or send us this file directly?

Offline BudG

  • Newbie
  • *
  • Posts: 13
Re: Win64:Malware-gen C:\windows\winexesvc.exe
« Reply #2 on: March 19, 2019, 03:15:13 PM »
Quote
Can you please upload this file into virustotal and send us a link? Or send us this file directly?

It is currently quarantined.  Can I send it from the virus chest using "submit file to virus lab"?

Not sure how to send in VirusTotal.  I know how to upload to it and have a file checked, but don't know how to send a file using VirusTotal.

Or should I un-quarantine it and send it another way?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37534
  • Not a avast user
Re: Win64:Malware-gen C:\windows\winexesvc.exe
« Reply #3 on: March 19, 2019, 03:31:36 PM »
Quote
It is currently quarantined.  Can I send it from the virus chest using "submit file to virus lab"?
yes


Offline BudG

  • Newbie
  • *
  • Posts: 13
Re: Win64:Malware-gen C:\windows\winexesvc.exe
« Reply #4 on: March 19, 2019, 03:39:28 PM »
Quote
It is currently quarantined.  Can I send it from the virus chest using "submit file to virus lab"?
yes

I just sent it from the quarantine using "submit file to virus lab" from in the virus chest.  I put my email address in so you should be able to find it.  Will someone email me back and let me know the findings?
If I need to send it another way I can send it another way if it needs to get to the right person to be able to get information about the file.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37534
  • Not a avast user
Re: Win64:Malware-gen C:\windows\winexesvc.exe
« Reply #5 on: March 19, 2019, 03:46:22 PM »
Quote
Will someone email me back and let me know the findings?
Maybe

There used to be a feature in chest where you right-clicked on file to rescan and see if it was still detected; if not detected you may restore it.
Don't use Avast so don't know if this is still possible.




Offline BudG

  • Newbie
  • *
  • Posts: 13
Re: Win64:Malware-gen C:\windows\winexesvc.exe
« Reply #6 on: March 19, 2019, 03:51:39 PM »
Quote
Will someone email me back and let me know the findings?
Maybe

There used to be a feature in chest where you right-clicked on file to rescan it and see if it was still detected; if not detected you may restore it.
Don't use Avast so don't know if this is still possible.

Hi,
I am trying to find out if the file has been infected with something or if the file itself is just considered malicious due to its power.  The file on Windows is winexesvc.exe and can be used on Windows to receive files pushed from a Linux server to a Windows server. We do use AlienVault on Linux that does push and install its OSSEC agent to Windows servers. If the file itself is just considered possibly malicious I do not mind restoring the file.  However, if the file has been infected with some other malware then I want to keep it quarantined.  That is why I need to hear from someone as to which it is.
Thanks,
Bud

Offline BudG

  • Newbie
  • *
  • Posts: 13
Re: Win64:Malware-gen C:\windows\winexesvc.exe
« Reply #7 on: March 19, 2019, 04:16:07 PM »
Quote
Can you please upload this file into virustotal and send us a link? Or send us this file directly?

I just sent it from the quarantine using "submit file to virus lab" from in the virus chest.  I put my email address in so you should be able to find it.  Will someone email me back and let me know the findings?
If I need to send it another way I can send it another way if it needs to get to the right person to be able to get information about the file.

I am trying to find out if the file has been infected with something or if the file itself is just considered malicious due to its power.  The file on Windows is winexesvc.exe and can be used on Windows to receive files pushed from a Linux server to a Windows server. We do use AlienVault on Linux that does push and install its OSSEC agent to Windows servers. If the file itself is just considered possibly malicious I do not mind restoring the file.  However, if the file has been infected with some other malware then I want to keep it quarantined.  That is why I need to hear from someone as to which it is.

Offline BudG

  • Newbie
  • *
  • Posts: 13
Re: Win64:Malware-gen C:\windows\winexesvc.exe
« Reply #8 on: March 20, 2019, 09:34:31 PM »
Quote
Can you please upload this file into virustotal and send us a link? Or send us this file directly?

I just sent it from the quarantine using "submit file to virus lab" from in the virus chest.  I put my email address in so you should be able to find it.  Will someone email me back and let me know the findings?
If I need to send it another way I can send it another way if it needs to get to the right person to be able to get information about the file.

I am trying to find out if the file has been infected with something or if the file itself is just considered malicious due to its power.  The file on Windows is winexesvc.exe and can be used on Windows to receive files pushed from a Linux server to a Windows server. We do use AlienVault on Linux that does push and install its OSSEC agent to Windows servers. If the file itself is just considered possibly malicious I do not mind restoring the file.  However, if the file has been infected with some other malware then I want to keep it quarantined.  That is why I need to hear from someone as to which it is.

Pinging thread due to no more responses or answers to solve problem of how to get file to Avast so someone can look at it and let me know the results of what they find...