WinCal.Exe Arbitarily Wanting to Start

Hi folks,

This morning for the 1st time "WinCal.Exe" application wanted to get started so my "Comodo Memory Firewall" asked me if I wanted to allow this operation.

Well, I have never used Windows Vista Calendar .... heck I did NOT even knew that there was such an animal or application on my laptop. So, I chose to block the application.

According to Comodo Memory Firewall this is a pattern for a Hacker's attack!

Here is what throws me off ... yesterday I happen to ran these Anti-Virus applications in FULL Scan mode and found nothing ... Avira Antivirus, SuperAntiSpyware, Malwarebytes Anti-Malware.

Q1: Do I have something to worry about? Am I infected?

If not can someone shed a light on this ... why would this application just want to start out of nowhere ... I have had this laptop for over 9 months ... why this application never had tried to start before and this morning all of sudden!

I have used Comodo almost from day one on my laptop.

Q2: Any suggestions on what to do with this Application and it's safety?

BTW, I am running Vista Home Prem., SP1, 64-Bit.

Thanks,

G!

 

upload the file to www.virustotal.com to verify if it's legitimate - around 30 antiviruses will scan it at once.

there are two scenarios - 1) it's malware using the app's name, and you will see this in the virustotal results; or 2) it's a legitimate app trying to get updates or whatever, even if you don't use it.

 

Hi entropy,

I actually did run the WinCal.exe thru VirusTotal and it came back "Clean" ... so I breathed a little ... BUT, I am still dumb-founded why in the world this application Never ran before on it's own ... and I have had this laptop for about 9 months ... so that is why I panic'ed.

I did install couple of programs the other day and visited some websites I usually don't go to ... Free Download sites ... may be somehow something activated this program ... but I would love to know what.

I will run Deep Scans with SAS, MAM, and Avira tomorrrow when I have some more time.

THANKS for your relpy!

G!

 

you're welcome.

according to http://www.microsoft.com/windows/windows-vista/features/calendar.aspx , the application seems to be a part of all Vista editions... if it was only the start of the application what Comodo warned you about, i would guess that it was updated after some Windows Update, so the file was changed, and therefore Comodo considered it to be a new application. Comodo didn't know the "new" program, so it triggered the ask dialogue.

 

Hi entropy,

Now that makes a good sense! This explanation and the fact my several Virus Scan did not catch anything ... does give me a peace of mind!

Thanks again dude!

G!