Antivirus hits on something called a "FRAUDPACK" ?

I keep running the CIS antivirus program on my 2003 server and it keeps finding what it calls “Trojware.win32.Fraudpack.p@nnnnnn” where the n’s are random numbers. The directory that these hits are in is \Program Files\Microsoft.NET\SDK\Compact Framework\v3.5\WindowsCE and the file appears to be

If this is a false positive, can someone confirm?

If this is not, how does this keep showing up and any ideas on how I picked this up? This is a server box that is used for server things. I have never used it to browse questionable web sites.


That looks like it could be a false positive.

I will move this to the f/p board. Please read the instructions in the sticky topic about how to report them.


Thanks for reporting.
Could you please submit the detected file at
Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year.