- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
Alert from Traps regarding malware detection file “Wininfo.exe”.
- LIVEcommunity
- Collaboration
- Discussions
- Endpoint (Traps) Discussions
- Alert from Traps regarding malware detection file “Wininfo.exe”.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Alert from Traps regarding malware detection file “Wininfo.exe”.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
08-17-2021 01:14 AM
Received a huge number of alerts from Traps regarding malware detection of the maximum system due to file “Wininfo.exe”.
Please find of a snapshot of one system and suggest how to fix this. Is there any impact?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
08-24-2021 09:39 AM
Good Day
How have you confirmed that this file is NOT malicious in nature? As you know, there is both static analysis on a brand new/unseen file, as well as the dynamic analysis from the WF cloud. If it is claiming to be malicious, I would ask that you do your diligence to confirm if this is false positive. If so, then you can either create an exception for that signature, or go to the WF portal and ask that PANW re-check their verdict.
- False Positive Report in VirusTotal
- host reachability require in internal host detection in GlobalProtect Discussions
- Hola VPN False Detection in VirusTotal
- Detecting UserAgent spoofing in General Topics
- Behavioral Alert from Vulnerability Scanner - How to Allow Scans WITHOUT alerts from IP address? in Cortex XDR Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
