False positives or...?


#1

Hi Elive,

I came across this OS and I must say I’m extremely impressed with the focus and determination of its author.

Not sure if intentional or not (I’m new, and hadn’t heard of Elive before), but VirusTotal didn’t really agree with the files here, starting from the USB tool…

4b0e4b3a90a04cf4e410577c14499833231fa021a0cb01a9175cb194a5c26beb

Copy and paste that into the VirusTotal search…

If it’s not meant to be this way, I’d highly suggest something be done about it. Else, it’d be kind of pointless to attract more people (I read the forum) when anyone who scans it finds a multitude of viruses associated with Elive.

EDIT
God, I tried to donate. It refused point-blank to let me select my own country in the PayPal selection, which basically means I can’t donate anything even if I wanted to. I think that should be another priority…


#2

One scanner engine says ‘unsafe’. 33 engines say ‘clear’.
A quick view in my test VM: There is nothing suspicious here. Very clean, and easy to use. But there seems to be something, so let’s peek behind the GUI (using IDA 7.0 Free):

179kb of ‘take a file and write it to USB, perform some consistency checks’. There is no suspicious network handler. Not even an internal web self-update.

The tool is from the middle of 2015 and not a product of Elive Linux itself.
I could imagine the tool is detected because it writes blockwise directly to a USB device. But to be honest: this is the purpose of the tool (a heuristic engine can’t know this detail).