Is this something I should be concerned about?
No. The Unix.Trojan.Vali-6606621-0 signature is a garbage signature. The signature itself is this: Unix.Trojan.Vali-6606621-0:6:EP+0:31ed4989d15e4889e24883e4f050544c8d055a050000488d0de3040000488d3d The string of hex characters after the last colon is the actual 'signature' which for this type of signature is just a hex dump of a portion of the binary. In this case it's the preamble located at the ELF entry point. This[0] is a dump of the entry point of the 'detected' systemd binary. If you pay attention to the hex characters in the second column you'll see that it matches the hex characters at the end of the signature. Meanwhile this[1] is the same section of code from the current pacman binary. If you look closely you'll find that the only difference is three bytes in the middle of line 7bff and 7c06. That section of code species the addresses that it's comparing against. The only reason all of our binaries don't match it is that the symbols it's comparing against will be put at different addresses by the linker based on what else it has to link. All-in-all, completely ignore the Unix.Trojan.Vali-6606621-0 signature, it's utterly pointless. [0]: https://ptpb.pw/1Vuq [1]: https://ptpb.pw/N67V -- Sincerely, Johannes Löthberg PGP Key ID: 0x50FB9B273A9D0BB5 PGP Key FP: 5134 EF9E AF65 F95B 6BB1 608E 50FB 9B27 3A9D 0BB5 https://theos.kyriasis.com/~kyrias/