topic Re: File wininfo.exe cassified as malicious(verdict changed today), yet appears to be a legitimate Lenovo service in Advanced Threat Prevention Discussions https://live.paloaltonetworks.com/t5/advanced-threat-prevention/file-wininfo-exe-cassified-as-malicious-verdict-changed-today/m-p/426611#M1266 <P>looks like they changed it back to benign</P> Thu, 12 Aug 2021 23:07:52 GMT InfoSec2019 2021-08-12T23:07:52Z File wininfo.exe cassified as malicious(verdict changed today), yet appears to be a legitimate Lenovo service https://live.paloaltonetworks.com/t5/advanced-threat-prevention/file-wininfo-exe-cassified-as-malicious-verdict-changed-today/m-p/426610#M1265 <P>We had a ton of alerts in XDR generate on this file hash<BR />3ae8462769a4d5012b66af226a196bb12571c72a231b66f07afcc838e878045c<BR /><BR />Which is related to the above fie but everywhere we look it looks like an authentic Lenovo service related to BIOS updates.<BR /><BR />Does anyone know why the file determination was changed to malicious today?</P> Thu, 12 Aug 2021 23:06:59 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/file-wininfo-exe-cassified-as-malicious-verdict-changed-today/m-p/426610#M1265 InfoSec2019 2021-08-12T23:06:59Z Re: File wininfo.exe cassified as malicious(verdict changed today), yet appears to be a legitimate Lenovo service https://live.paloaltonetworks.com/t5/advanced-threat-prevention/file-wininfo-exe-cassified-as-malicious-verdict-changed-today/m-p/426611#M1266 <P>looks like they changed it back to benign</P> Thu, 12 Aug 2021 23:07:52 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/file-wininfo-exe-cassified-as-malicious-verdict-changed-today/m-p/426611#M1266 InfoSec2019 2021-08-12T23:07:52Z