WinToolkit from 1.7.0.1 to 1.7.0.8 to antivirus quarantine
- mcluskyism
- Beiträge: 5
- Registriert: Fr 26. Jul 2019, 20:56
- Status: Offline
WinToolkit from 1.7.0.1 to 1.7.0.8 to antivirus quarantine
Hi everyone, I'm new to the forum, I hope I wrote in the appropriate one.
I wanted to point out that my company antivirus (Check Point Endpoint Anti-Malware Blade) identifies WinToolkit.exe as infected with UDS:Trojan.MSIL.Agent.gen and relegates it to quarantine.
This happens with the WinToolkit_1.7.0.7 version which is therefore unusable, while with the WTK_v1_1.7.0.0 version the same executable passes the control, and it works.
I would like to test the versions prior to 1.7.0.7 but the download link only points to the latest.
Where can I find intermediate versions? Or should I wait for the next one?
Feel free to offer me further suggestions, thanks and greetings
Hallo allerseits, ich bin neu im Forum, ich hoffe, ich habe in der entsprechenden geschrieben.
Ich wollte darauf hinweisen, dass mein Unternehmensantivirus (Check Point Endpoint Anti-Malware Blade) WinToolkit.exe als mit UDS infiziert identifiziert: Trojan.MSIL.Agent.gen und in die Quarantäne verschiebt.
Dies geschieht mit der WinToolkit_1.7.0.7-Version, die daher unbrauchbar ist, während mit der WTK_v1_1.7.0.0-Version dieselbe ausführbare Datei das Steuerelement übergibt und funktioniert.
Ich möchte die Versionen vor 1.7.0.7 testen, aber der Download-Link verweist nur auf die neueste Version.
Wo finde ich Zwischenversionen? Oder soll ich auf den nächsten warten?
Zögern Sie nicht, mir weitere Vorschläge, Dank und Grüße anzubieten
I wanted to point out that my company antivirus (Check Point Endpoint Anti-Malware Blade) identifies WinToolkit.exe as infected with UDS:Trojan.MSIL.Agent.gen and relegates it to quarantine.
This happens with the WinToolkit_1.7.0.7 version which is therefore unusable, while with the WTK_v1_1.7.0.0 version the same executable passes the control, and it works.
I would like to test the versions prior to 1.7.0.7 but the download link only points to the latest.
Where can I find intermediate versions? Or should I wait for the next one?
Feel free to offer me further suggestions, thanks and greetings
Hallo allerseits, ich bin neu im Forum, ich hoffe, ich habe in der entsprechenden geschrieben.
Ich wollte darauf hinweisen, dass mein Unternehmensantivirus (Check Point Endpoint Anti-Malware Blade) WinToolkit.exe als mit UDS infiziert identifiziert: Trojan.MSIL.Agent.gen und in die Quarantäne verschiebt.
Dies geschieht mit der WinToolkit_1.7.0.7-Version, die daher unbrauchbar ist, während mit der WTK_v1_1.7.0.0-Version dieselbe ausführbare Datei das Steuerelement übergibt und funktioniert.
Ich möchte die Versionen vor 1.7.0.7 testen, aber der Download-Link verweist nur auf die neueste Version.
Wo finde ich Zwischenversionen? Oder soll ich auf den nächsten warten?
Zögern Sie nicht, mir weitere Vorschläge, Dank und Grüße anzubieten
Zuletzt geändert von mcluskyism am Mo 29. Jul 2019, 18:27, insgesamt 1-mal geändert.
Debian GNU/Linux by vocation, inevitably on Windows 

- Thiersee
- Beiträge: 457
- Registriert: Di 26. Jul 2016, 15:08
- Wohnort: Tirol (Österreich)
- Hat sich bedankt: 3 Mal
- Danksagung erhalten: 40 Mal
- Status: Offline
Re: WinToolkit_1.7.0.7 to antivirus quarantine
Buongiorno e benvenuto!
With intermediate versions it may happen too that the AV identifies the executable as infected: it's a false positive!
Anyway you can get such intermediate versions only from the user unantastbar (programmer/new developper), but only in two weeks: he is on holiday!
The same happens with MSE; the new version 1.7.0.8 isn't identified a infected (until now!).
Version 1.7.0.0 is the last version from the 1st programmer of WTK.mcluskyism hat geschrieben: ↑Sa 27. Jul 2019, 03:04....
while with the WTK_v1_1.7.0.0 version the same executable passes the control, and it works.
....
With intermediate versions it may happen too that the AV identifies the executable as infected: it's a false positive!
Anyway you can get such intermediate versions only from the user unantastbar (programmer/new developper), but only in two weeks: he is on holiday!
The same happens with MSE; the new version 1.7.0.8 isn't identified a infected (until now!).
MfG, Thiersee
- Nemo
- Beiträge: 1272
- Registriert: Di 12. Jul 2016, 12:28
- Wohnort: Bad Soden am Taunus
- Hat sich bedankt: 152 Mal
- Danksagung erhalten: 132 Mal
- Status: Offline
Re: WinToolkit_1.7.0.7 to antivirus quarantine
Hi mcluskyism,
Welcome to the forum!
When Sven/Unantastbar (the owner of this forum) launched WTK v1.7.0.8 before his vacation he apparently had no time to update the head of "Win Toolkit - Aktuelle Version".
Although named as "WTK v1.7.0.7" the link leads to the DL of the actual version v1.7.0.8.
As @Thiersee already mentioned:
Welcome to the forum!
When Sven/Unantastbar (the owner of this forum) launched WTK v1.7.0.8 before his vacation he apparently had no time to update the head of "Win Toolkit - Aktuelle Version".
Although named as "WTK v1.7.0.7" the link leads to the DL of the actual version v1.7.0.8.
As @Thiersee already mentioned:
Regards, Nemothe AV identifies the executable as infected: It's a false positive!
- mcluskyism
- Beiträge: 5
- Registriert: Fr 26. Jul 2019, 20:56
- Status: Offline
Re: WinToolkit_1.7.0.7 to antivirus quarantine
Hy guys
thanks for the quick answers, unfortunately I have just tested the latest version too, the false positive is still present, for now I try to stay on the original version v1_1.7.0.0 (more information for Nemo https://www.wincert.net/forum/topic/145 ... uarantine/). Thanks again
thanks for the quick answers, unfortunately I have just tested the latest version too, the false positive is still present, for now I try to stay on the original version v1_1.7.0.0 (more information for Nemo https://www.wincert.net/forum/topic/145 ... uarantine/). Thanks again
Debian GNU/Linux by vocation, inevitably on Windows 

- Nemo
- Beiträge: 1272
- Registriert: Di 12. Jul 2016, 12:28
- Wohnort: Bad Soden am Taunus
- Hat sich bedankt: 152 Mal
- Danksagung erhalten: 132 Mal
- Status: Offline
Re: WinToolkit_1.7.0.7 to antivirus quarantine
Hi,
I hope the old WTK Thiersee uploaded for you will do.
Regards,
Nemo
I hope the old WTK Thiersee uploaded for you will do.
Regards,
Nemo
- mcluskyism
- Beiträge: 5
- Registriert: Fr 26. Jul 2019, 20:56
- Status: Offline
Re: WinToolkit_1.7.0.7 to antivirus quarantine
Hi Nemo, just downloaded the bulk archive of intermediate releases, I will test ASAP and sorry for the delay.
For now, just for sake of clarity:
original v1_1.7.0.0 passes antivirus check
latest 1.7.0.8 and previus 1.7.0.7 don't
in between, who knows?
For now, just for sake of clarity:
original v1_1.7.0.0 passes antivirus check
latest 1.7.0.8 and previus 1.7.0.7 don't
in between, who knows?

Debian GNU/Linux by vocation, inevitably on Windows 

- mcluskyism
- Beiträge: 5
- Registriert: Fr 26. Jul 2019, 20:56
- Status: Offline
Re: WinToolkit from 1.7.0.1 to 1.7.0.8 to antivirus quarantine
Hi to all, unfortunately I can confirm that all releases of WinToolkit from 1.7.0.1 to 1.7.0.8 are presumed infected, according to my company antivirus.
I am still convinced that this is a false positive, but for now I am screwed.
Thanks anyway for all the support, and greetings to the whole forum
I am still convinced that this is a false positive, but for now I am screwed.
Thanks anyway for all the support, and greetings to the whole forum

Debian GNU/Linux by vocation, inevitably on Windows 

- Nemo
- Beiträge: 1272
- Registriert: Di 12. Jul 2016, 12:28
- Wohnort: Bad Soden am Taunus
- Hat sich bedankt: 152 Mal
- Danksagung erhalten: 132 Mal
- Status: Offline
Re: WinToolkit from 1.7.0.1 to 1.7.0.8 to antivirus quarantine
Hi,
Ask your IT administration to whitelist WTK!
Rgards, Nemo
Ask your IT administration to whitelist WTK!
Rgards, Nemo
- mcluskyism
- Beiträge: 5
- Registriert: Fr 26. Jul 2019, 20:56
- Status: Offline
Re: WinToolkit from 1.7.0.1 to 1.7.0.8 to antivirus quarantine



Sorry for the delay, have a nice week end
Debian GNU/Linux by vocation, inevitably on Windows 
