Mr_Frog 14 Posted May 23 Share Posted May 23 This case is remain again today when I installed new version of Winflector. ESET detect it as a suspicious object and sent it to quarantine. Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here 23/05/2024 20.57.06;Real-time file system protection;file;C:\Winflector\server\wfrdsk.exe;Suspicious Object;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred during an attempt to access the file by the application: C:\Windows\System32\CompatTelRunner.exe (A13077579A31F131DECA8D2D949F7DB29D7527BC).;030E1984469424754A2526C1E1616CBCAB5F29B1;23/05/2024 20.56.05 This is frustrating Quote Link to comment Share on other sites More sharing options...
itman 1,707 Posted May 23 Share Posted May 23 Other AV's detect wfrdsk.exe as malicious: https://www.virustotal.com/gui/file/6b50b54a5f002dd785f3c790ff44fa8ed7f9d55eeb1149f4d88a6c26f2d5faf1/details . However what I believe Eset is triggering on is thatC:\Windows\System32\CompatTelRunner.exe is accessing the file. Are you running Winflector in Win compatibility mode? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,143 Posted May 23 Administrators Share Posted May 23 I wanted to find more information about the Winflector maker but could not find any contact information which looks suspicious. Quote Link to comment Share on other sites More sharing options...
itman 1,707 Posted May 23 Share Posted May 23 11 minutes ago, Marcos said: I wanted to find more information about the Winflector maker but could not find any contact information which looks suspicious. Looks like OTC S.A. in Poland is the vendor: http://www.otc.pl/index.asp?s=109&l=2 Contact info here: http://www.otc.pl/index.asp?s=28&l=2 Quote Link to comment Share on other sites More sharing options...
Mr_Frog 14 Posted May 24 Author Share Posted May 24 14 hours ago, itman said: Are you running Winflector in Win compatibility mode? No. I didn't. Here is the official website for this product https://www.winflector.com and its true the vendor is from Poland. I have been using this app for quite a while and faced this problem two times. This is the first: Quote Link to comment Share on other sites More sharing options...
itman 1,707 Posted May 24 Share Posted May 24 The reputation issue here is the developer, OTC S.A, has set up value added retailer relationships; i.e. partners, just like Eset does. When you access www.winflector.com in the browser, you are being redirected to one of these partners; most likely based on locality. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.