Profile Information

  • OS
    Windows 7

andrum99's Achievements


Newbie (1/14)



  1. I have put a request on the Kaspersky forums for an explanation as to why Pure 3.0 is red flagging the installer version of WinToolkit. I suspect that it doesn't like the crapware that the installer contains, since the portable version is not getting red flagged.
  2. I began with a Windows 7 retail ISO image and integrated all security updates downloaded by Windows Updates Downloader. There is no traffic of any concern in my Wireshark capture. I did some of the run with my VM's antivirus disabled and it all looked OK. It seemed a lot faster in the VM - perhaps this is due to my using different antivirus. Total time for the integration run was 50mins 5 secs. I did not attempt to run Windows Updates Downloader at any point - I simply used files that it downloaded previously. My next step is to run Windows Updates Downloader in a VM with Kaspersky Pure 3.0, then WinToolkit in a VM with Kaspersky Pure 3.0 to see what happens. I found no evidence that there is anything untoward about WinToolkit. I am satisfied that WinToolkit contains nothing untoward, and is safe to use. I have therefore issued a full retraction on my website, and I apologise unreservedly for the problems I have caused here this evening. Andrew Pattison.
  3. Many thanks for doing that. You will have a full apology from me once Wireshark gives me a clean log. I want to do this the right way this time ;-)
  4. Just a thought - if you are going to advise folk to disable their AV it might be worth recommending disconnecting from the internet while they have it disabled. That recommendation troubled me somewhat.
  5. I will send my logs to Kaspersky tomorrow to have this false positive in their product corrected.
  6. The unfortunate thing is the broadband is actually my brother's since I share a flat with him. With any luck this will all resolve itself soon...
  7. I am drafting a full retraction, to be issued when, as I expect, Wireshark turns up nothing untoward. Expect it in the next hour or 2.
  8. Just a small point - why did you file a complaint with Sky rather than Blogger? Just wondering.
  9. I have reverted my blog post to draft, as this is the quickest way to blank it just now, while I further investigate this. It seems I may have been mistaken. I did also use another product on my system just before running WinToolkit so perhaps it is to blame. The product I used was called Windows Updates Downloader, but again this is another apparently legitimate application. Apologies if I have gone off half-cocked on this one - I did panic slightly. I will run the portable installer in a VM with Wireshark running and see what it looks like.
  10. You can send as many cease and desist requests as you like. Last time I looked, fair comment was a defence for defamation. I am not required to publish your comments. For example, something is fair comment if it is factually accurate, as is the case with my observations.
  11. The VirusTotal analysis only proves that the file itself contains no malware. It is easy to create an app that downloads something dodgy without the binary actually containing anything dodgy itself. If you think that the behaviour of the app is benign then please explain its operation and the presence of write.exe in c:\WinToolkit_mount, with permissions designed to prevent its removal.
  12. As I said on my blog, the fact that there is a non-crapware version of the installer does not necessarily mean that WinToolKit itself does not contain, or itself download malware. I have posted further evidence on my blog. It is telling that as well as your attempted character assassination you have not attempted to post any evidence to contradict my statements, except for stating that there is an adware free installer. Regards Andrew Pattison andrum99@gmail.com
  13. If you believe that Kaspersky has flagged this software as a false positive then please post your evidence here. For the record, I am 37. Regards Andrew Pattison.
  14. Further malicious activity has been detected by Kaspersky once I installed WinToolKit and the Kaspersky Security Network now red flags the installer with a more serious warning. DO NOT INSTALL THIS PRODUCT. I am an IT professional with 20 years' experience - I know a bad app when I see one. Give this site and the product as wide a berth as you can. I expect someone will be along soon to either deny this is the case, or to simply delete this message. Please contact me via my blog (andrum99.blogspot.co.uk) if you have concerns about this notice and to confirm that this message is genuine. You have been warned! Andrew Pattison, Fife, Scotland.
  15. My installation of Kaspersky Pure 3.0 has detected the current version of WinToolkit as UDS:DangerousObject.Multi.Generic. This is a generic alert generated by the Kaspersky Security Network. Is this a false positive? Thanks Andrew.