Britec Tech Support Forum

Full Version: WinToUSB Trojan!?
Post the information to the creator of the software; it could be a false positive, because VirusTotal shows up clean.
Could you please remove "Confirmed Virus" from the title until we are 100% positive it's a virus?
Sure, but do you not think that a DLL called WATCHER.DLL is dodgy? And then when you run the program, Kaspersky detects that it is watching you and asks to delete it? I really am inclined to believe it is a virus.
You could well be right about it being a virus, but we need to be sure. I will take a look at it in a day or so.
What I don't want is for us to start posting content saying it is a virus when it's a false positive; we need to be 100% sure before we warn people away from the software.
There are legit watcher.dll files and some can/are malicious in some way, but as Brian says contact the owner of the software to let them know. Also I would contact Kaspersky and talk them through it as they may wish to investigate further.

[additional]

Ran a little check on WinToUSB 1.6 beta (couldn't get the 1.5 version to work) using GHex, and the only thing I could tell from the brief view (and it was quite brief) is that it has a "mailslot" program, which could be perfectly legit. ClamAV and chkrootkit both showed no problems. Here's an image of the hex:

[attachment=48]
I was going to say, if it was a bad program, I am sure VirusTotal would have had at least 3 or 4 virus detections. Kaspersky detected it as a virus, but that was a 2013 version, I see. Kaspersky is one of many antivirus companies on VirusTotal and it did not detect it; maybe the program has talked with these companies and it's now classed as a false positive.

I will take a look when I get time.