When I went in the chest to restore the file so that I could submit it to VT, I noticed another detection in the chest pertaining to system restore…see attached screen shot. Mind you, I haven’t run any more Avast scans, yet there was a new detection. I did however run MBAM & SAS scans & they detected nothing. I also use hard & soft firewalls & also use some other network security features & practice extremely safe internet, so the chance that I picked up a bug are not likely!
FYI, I updated to the new version of Avast a couple of days ago & now suddenly I am experiencing problems. Comodo was blocking attempts by Avast to update, & I of course allowed all.
Would love it if Avast would verify these supposed FP’s or can somehow confirm if in fact they are malicious in nature. According to Avast as listed on VT, the suspect file is clean. I am confused!
I am about to run a boot scan! Just went thru all the settings of Avast 6.0 & adjusted to my liking.
Oh, & BTW…Avast seems to have fixed the issue!! Just scanned the two files in question & now they are clean…well they were always clean, but you get the point. Let’s see what the boot scan turns up…I hope nothing, as I believe should be the case.
I am curious now though why I have WZCNFLCT on my machine ??? Seems like I can delete it anyway…stay tuned…
A0043371.EXE from the restoration files and WZCNFLCT.EXE are likely the same files. They are both the same size at 45130 bytes.
You should be able to find out what program install put the file there. It would be better to uninstall that program if you don’t want/need it rather than just deleting the file. It seems that it was a false positive, anyway.
The VirusTotal results link you posted has a “Show All” button. Clicking that gives the filesize and checksums, among other information about the file.
Visiting the links I posted earlier lists one candidate. Searching Google for WZCNFLCT.EXE and comparing the results with your Add/Remove Programs list on your machine should give you the answer.
In regards to the program that installed WZCNFLCT, if you are referring to the SQL Server, I don’t have that. I don’t have all that many programs installed & other than one of the other MS ones, I can’t imagine how it would have got there. I keep a pretty clean system.
UPDATE: Unless it is part of “The Microsoft Visual C++ 2008 Redistributable Package”