Antivirus hits on something called a "FRAUDPACK" ?

brdietrich · March 31, 2011, 3:41pm

I keep running the CIS antivirus program on my 2003 server and it keeps finding what it calls “Trojware.win32.Fraudpack.p@nnnnnn” where the n’s are random numbers. The directory that these hits are in is \Program Files\Microsoft.NET\SDK\Compact Framework\v3.5\WindowsCE and the file appears to be NetCFv35.ppc.arwv4.cab.

If this is a false positive, can someone confirm?

If this is not, how does this keep showing up and any ideas on how I picked this up? This is a server box that is used for server things. I have never used it to browse questionable web sites.

thanks

Citizen_K · March 31, 2011, 11:20pm

That looks like it could be a false positive.

I will move this to the f/p board. Please read the instructions in the sticky topic about how to report them.

Chunli · April 1, 2011, 3:11am

Hi,Dabrain

Thanks for reporting.
Could you please submit the detected file at
Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year.

Regards
Chunli.chen