Forum LiberKey

Decided to try out ClamWin portable last night and to my surprise it has detected 24 files with Trojan: FraudPack 4400.

I'm hoping that these are false positives. I checked the drive with Microsoft Security Essentials and it did not detect anything. Will try with a couple of other AVs just to be sure.

The files that ClamWin detected are:

M:\Apps\Aspect\App\Aspect\aspect.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\CheckeMON\App\CheckeMON\CheckeMON.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\ColorPic\App\ColorPic\ColorPic.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\DSynchronize\App\DSynchronize\DSynchronize.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\DupKiller\App\DupKiller\Plugins\ApproCom\approcom.dll: Trojan.Fraudpack-4400 FOUND
M:\Apps\DupKiller\App\DupKiller\Plugins\HearIt\HearIt.dll: Trojan.Fraudpack-4400 FOUND
M:\Apps\DupKiller\App\DupKiller\Plugins\SimpleImageComparer\SimpleImageComparer.dll: Trojan.Fraudpack-4400 FOUND
M:\Apps\Erunt\App\Erunt\ERDNT.E_E: Trojan.Fraudpack-4400 FOUND
M:\Apps\Erunt\App\Erunt\ERUNT.EXE: Trojan.Fraudpack-4400 FOUND
M:\Apps\FastStoneImageViewer\App\FastStoneImageViewer\fssl.db: Trojan.Fraudpack-4400 FOUND
M:\Apps\Folder2Iso\App\Folder2Iso\Folder2Iso.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\FotoSketcher\App\FotoSketcher\FotoSketcher.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\iWebAlbum\App\iWebAlbum\iWebAlbum.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\MobaLiveCD\App\MobaLiveCD\MobaLiveCD.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\MobaPhoto\App\MobaPhoto\MobaPhoto.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\NetMeter\App\NetMeter\NetMeter.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\PCChrono\App\PCChrono\PCChrono.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\PENetworkConfigurator\App\PENetworkConfigurator\PENetCfg.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\PerformancePinging\App\PerformancePinging\perfping.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\PocketDivXEncoder\App\PocketDivXEncoder\PocketDivXEncoder.exe: Trojan.Generic.Bredolab-2 FOUND
M:\Apps\QuicksysRegDefrag\App\QuicksysRegDefrag\dskmts.dll: Trojan.Fraudpack-4400 FOUND
M:\Apps\UltraShredder\App\UltraShredder\ultrashredder.exe: Trojan.Fraudpack-4400 FOUND
M:\Apps\UniversalExtractor\App\UniversalExtractor\bin\MHTUnp.wcx: Trojan.Fraudpack-4400 FOUND
M:\Apps\UniversalViewer\App\UniversalViewer\Plugins\ICLView\ICLView.wlx: Trojan.Fraudpack-4400 FOUND

EDIT: OK, I've checked this with F-Prot, AntiVir, BitDefender, AVG, Microsoft Security Essentials and they all say the files are clean.

It's only ClamWin that says "files may be infected!". My view is that ClamWin is throwing up a false positive. This is a bit of a pain, because ClamWin is quite a handy app to have around, but if its throwing up false positives then it kind of takes the edge of this app.

Comments from anyone else?

Thanks,

GrahamG

Hello GrahamG.

Thank you for the feedback.
We have the same result.

This problem doesn't occured with the lastest version of ClamWin.

The update will be available today.

@ skybird. Many thanks for the update. I went over to the ClamWin site and noticed that they had updated ClamWin for the Trojan: FraudPack 4400 yesterday (03/09/10). Very quick response on your part. Well done.

Thanks,
GrahamG

hello GrahamG,

ClamWin 0.96.2.1 is available.