Win32.Palevo False Positive
Hello my uncle has encountered a false positive.
It is detected as Win32.Palevo. He uses a 64bit win 7 ultimate OS. I have tested the file myself with the old updates but didin't encounter the false positive. But with the latest updates 2011-03-16 I encounter this false positive too. My OS is Win vista hom premium 32bit. It occurs when we debug my uncle's following c file:
Code:
#include <stdio.h>
#include <stdlib.h>
typedef struct
{
char adi[30];
char soyadi[40];
char nosu[20];
float vize;
float final;
float ortalama;
} liste;
void main()
{
int i, n;
printf("Kac kisi gireceksiniz? > ");
scanf("%d",&n);
liste kayit[n];
for(i=0; i<n; i++)
{
printf("\n");
printf("%d. Kayit: \n\n",i+1);
printf("Adi gir > ");
scanf("%s",&kayit[i].adi);
printf("Soyadi gir > ");
scanf("%s",&kayit[i].soyadi);
printf("Nosu gir > ");
scanf("%s",&kayit[i].nosu);
printf("Vize gir > ");
scanf("%f",&kayit[i].vize);
printf("Final gir > ");
scanf("%f",&kayit[i].final);
kayit[i].ortalama = kayit[i].vize*0.4 + kayit[i].final*0.6;
}
printf("Butun Bilgiler\n\n");
printf("SIRA ADI SOYADI NOSU VIZE FINAL ORTALAMA");
printf("\n");
for(i=0; i<n; i++){
printf("%4d. ", i+1);
printf("%s \t", kayit[i].adi);
printf("%s \t", kayit[i].soyadi);
printf("%s \t", kayit[i].nosu);
printf("%.1f \t", kayit[i].vize);
printf("%.2f \t", kayit[i].final);
printf("%.2f \t", kayit[i].ortalama);
printf("\n");
}
}
It's not my code lol :D The teatimer module gives this fp. while executing the program.
Oh btw: My spybot version is the latest 1.6.2.46
Getting this with Erlang inet_gethost.exe subprocess now
Hello there,
Seeing the same Palevo false positive when running Erlang on windows, version R14B02. Running the 2011-04-06 detection updates on 1.6.2.46.
The executable inet_gethost.exe, which is an Erlang subprocess, is being flagged, see the image below:
http://img707.imageshack.us/img707/2861/snap005y.png
Source is here: http://www.erlang.org/download/otp_src_R14B02.tar.gz
inet_gethost.c is a pretty simple bit of code, see:
https://github.com/erlang/otp/blob/d...inet_gethost.c
It getting flagged by Spybot is preventing Erlang on Windows from playing nicely with teatimer. This in turn is preventing some really nice software (such as CouchDB) from working right on Win32 that has teatimer active.