Login

**mclarenclarkson** · (This post was last modified: 10-19-2014, 02:06 PM by mclarenclarkson.)

Hi all,

So I recently went into my local shop and saw a computer magazine about Windows 10 and how to run the technical preview on your PC and it seemed easy to do so I went home and downloaded the iso. I didn't want to partition my drive so I tried an external drive and it was so slow that copying a folder with 2.5GB of pictures would have taken 2 and a half hours to do! So I did some research and then I saw that their was a program called "WinToUsb" that had been recommended by lifehacker (I think) and looked very promising. So I downloaded the 1.5 Version and it spat me out an error so I downloaded the 1.6 Beta Version which worked fine. But then when it was writing to the USB kaspersky flashed up and said "Trojan detected, virus removed". I am very confused as to why it gave me that and I am wondering if I should download it again and disable/make an exception in kaspersky?

Should I do it or is it too risky? I rarely get false positives from kaspersky.

Thanks for all the help,
Dan.

**GuiltySpark** · 10-18-2014, 04:53 PM

What was the actual file path of the Trojan?

**mclarenclarkson** · 10-18-2014, 05:14 PM

Kaspersky actually deleted the entire wintousb exe suprisingly.
The path was: C:\program files (x86)\wintousb\bin\wintousb.exe

**GuiltySpark** · 10-18-2014, 05:21 PM

Strange. Could be a FP.

I would upload it to VirusTotal next time as it may have just been Kaspersky that (wrongfully) caught it, assuming you downloaded from the main source and not a ~~turd~~ party...sorry third party Big Grin

**mclarenclarkson** · (This post was last modified: 10-18-2014, 06:01 PM by mclarenclarkson.)

Just finished uploading it to Virus Total and all the EXE'S Check out as virus free, no idea why kaspersky gave me a FP. I'm just about to load windows on the usb stick again so I'll get back to you when it's done.

Edit: Just hit 1% Of Completion, takes ages to install.

**Akron Computer Guy** · 10-18-2014, 06:17 PM

Britec has a video with instructions on how to use WinToFlash. https://www.youtube.com/watch?v=_SwZDboRv6U It's a very useful tool, no trojans at all!

**mclarenclarkson** · (This post was last modified: 10-18-2014, 07:16 PM by mclarenclarkson.)

(10-18-2014, 06:17 PM)Akron Computer Guy Wrote: Britec has a video with instructions on how to use WinToFlash. https://www.youtube.com/watch?v=_SwZDboRv6U It's a very useful tool, no trojans at all!

That's just an installer so if you boot that up it's just going to bring you up a windows installer window asking you to select a hard-drive.
What wintousb does is install windows to a usb stick not install the installer to a usb stick.
Thanks for telling me about that though as I'll probably use it later.

So this is what I get:

[Image: mCaaY.jpg]

Their ain't nothing bootable about that!
Might give up or run a VM if it comes down to that but my PC only has 4GB RAM but it's 1600MHz so it's ok.

***Britec*** · 10-18-2014, 07:56 PM

If this is the WinToUSB you are talking about? its clean

virus-total result

**mclarenclarkson** · 10-18-2014, 08:19 PM

(10-18-2014, 07:56 PM)Britec Wrote: If this is the WinToUSB you are talking about? its clean

virus-total result

That's the one. Check out what I just got from kaspersky after installing it:

[Image: LlCiR.jpg]

I really am confused. I think it's because the folder contains a .dll called watcher.dll.

What should I do?

**mclarenclarkson** · 10-18-2014, 09:24 PM

Just finished removing that virus after it completely screwed my PC by mucking up all paths to every programs, disabling sound drivers, making everything run at a super slow pace and make the computer unable to turn off! Do not download!

Thanks for all your advice and help,
Dan.