[syslinux] Virus scan - false positive for 32-bit syslinux.efi in syslinux 6.04-pre?

Bynum, Hugh R hugh.r.bynum at intel.com
Fri Aug 18 13:46:11 PDT 2017

Not sure if this has been addressed previously; I couldn't find anything in the mailing list archives, at least since December 2016.

In a routine virus scan of a project that includes syslinux, McAfee Virus Scan reported what I strongly suspect to be a false positive in 32-bit syslinux.efi in the syslinux-6.04-pre1.tar.gz distribution. A follow-up search with VirusTotal shows that the same file, as identified by its SHA256, was scanned on 2 March of this year. In that scan, 9 of 59 scan engines flagged various threats, 48 of the remaining 50 engines found no issues, and two abstained due to file type. My own additional scans with ClamAV and COMODO were clean, and I'd also note that the 64-bit syslinux.efi, presumably built from the same source, also scanned clean.

Has the syslinux development team examined this at all? I'd like to get an expert opinion if possible.

Link here: https://www.virustotal.com/en/file/76fc824303aeea75ffd281b22a18a5c034d0ef9bb98eea79fad0fd4022887cde/analysis/

Thanks in advance,
Hugh Bynum

More information about the Syslinux mailing list