About FattyBoomsticks

  1. Yes, although initially I didn't. As far as I can tell (newbie here), SAS only lets you report a false positive upon finding potential threats, but not after they have been quarantined. Not wanting to restore the quarantined files, I reported the false positive in this thread instead.
  2. ...specifically the zlib.dll file that comes with the lcc-win32 C compiler (which I downloaded from the authors' website http://www.cs.virginia.edu/~lcc-win32/). The reasons why I think that this is a false positive are:

     1. Popular compiler and yet I can't find anyone who says that it is infected.
     2. I recall reading that the compiler uses OS hooks, which are supposedly a common source of false positives for antivirus software.
     3. Only C:\lcc\bin\zlib.dll is reported as infected, i.e. there has been no virus-like spread to other executable files on my drives (although possibly a rootkit could hide infected files from the operating system, I don't know).
     4. Trial versions of both Kaspersky and nod32 never detected it. Neither did Windows Defender.
     5. No virus-like behaviour whatsoever as far as I can tell. TaskDir is, I believe, a mail spammer and yet I haven't noticed any unusual or increased network or CPU activity. Norton antibot hasn't reported any bot-like activity (ugh, I'm turning into a security software junkie).
     6. I found that during installation of lcc, Avast Home antivirus flagged it as a virus. Why do I think that this supports my argument that zlib.dll is not infected? I believe this has something to do with point 2 above. I trust Kaspersky's and Nod32's detection capabilities over Avast based on their reputation and the fact that Avast Home is free (don't get me wrong, love your work!).

     I have a second laptop that never had lcc installed; I will check shortly to see if it too has been infected. Cheers.