[syslinux] Virus scan - false positive for 32-bit syslinux.efi in syslinux 6.04-pre?

H. Peter Anvin hpa at zytor.com
Wed Aug 30 12:24:30 PDT 2017

On 08/18/17 13:46, Bynum, Hugh R via Syslinux wrote:
> Not sure if this has been addressed previously; I couldn't find anything in the mailing list archives, at least since December 2016.
> In a routine virus scan of a project that includes syslinux, McAfee Virus Scan reported what I strongly suspect to be a false positive in 32-bit syslinux.efi in the syslinux-6.04-pre1.tar.gz distribution. A follow-up search with VirusTotal shows that the same file, as identified by its SHA256, was scanned on 2 March of this year. In that scan, 9 of 59 scan engines flagged various threats, 48 of the remaining 50 engines found no issues, and two abstained due to file type. My own additional scans with ClamAV and COMODO were clean, and I'd also note that the 64-bit syslinux.efi, presumably built from the same source, also scanned clean.
> Has the syslinux development team examined this at all? I'd like to get an expert opinion if possible.
> Link here: https://www.virustotal.com/en/file/76fc824303aeea75ffd281b22a18a5c034d0ef9bb98eea79fad0fd4022887cde/analysis/

They have been contacted several times, but don't seem to care.


More information about the Syslinux mailing list