2025-07-18 02:07 CEST

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0002308Spring engineGeneralpublic2011-01-19 14:39
Reporterdfreeman 
Assigned Toabma 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusresolvedResolutionnot fixable 
Product Version 
Target VersionFixed in Version 
Summary0002308: SpringModuleUpdater.exe reported as Trojan.IRCBot-3999
DescriptionI just ran clamav (the virus scanner) for the first time in a long while, and it picked up an old version of SpringModuleUpdater.exe as Trojan.IRCBot-3999.

The descriptions that I have read for this virus definition suggest that it might be a generic catch-all for executables that connect to IRC, without specifically knowing that it will open a back-door or join a bot-net. The other major vendors, Symantec/Kaspersky/etc. have a matching definition.

However I thought I would report this in case it proves to be interesting. If it does, ask and I will attach the file.

My copy has a time-stamp of 2009-09-06 23:28, probably the time when I downloaded it. It has a size of 2036647 bytes, and the following checksums:

MD5: 404270fffdfb6d3c19281c659ff17b75
SHA1: c491255a15c4fe29c705b60ca6ee4b065d893840
TagsNo tags attached.
Checked infolog.txt for Errors
Attached Files

-Relationships
+Relationships

-Notes

~0006274

abma (administrator)

Last edited: 2011-01-19 14:44

thanks for the notify, but please report this to http://cgi.clamav.net/sendvirus.cgi as false positive. the spring devs can't change anything here as this file seems to come from springinfo.info.

+Notes

-Issue History
Date Modified Username Field Change
2011-01-19 14:15 dfreeman New Issue
2011-01-19 14:39 abma Note Added: 0006274
2011-01-19 14:39 abma Status new => resolved
2011-01-19 14:39 abma Resolution open => not fixable
2011-01-19 14:39 abma Assigned To => abma
2011-01-19 14:44 abma Note Edited: 0006274
+Issue History