It Appears that Crossloop is now showing up as a Trojan Variant again. I've had it installed on my office systems for a long time now and use it on hundreds of clients systems with no problems. It was detected awhile back as a heuristics detection and I submitted it for analysis and even excluded it from scans, but it appears to be catching it again. Here is the message from this mornings scan log. C:\Program Files\CrossLoop\CrossLoopConnect.exe - probably a variant of Win32/Genetik trojan Anybody know anything about this? Thanks
Send it for analysis to samples("at")eset[dot]com with the subject "False Positive". Probably a heuristic update got it detected.
If it was already fixed by ESET, the exact same file should remain undetected. Sometimes I upgrade to a newer version of NOD32 and just after install there is an older version of database. However FPs fixed in a new version of DB are problem again, until DB is updated to a recent version.
As of this morning, Crossloop is being detected and deleted again. I excluded the entire program files folder and added the .exe to the exclusion list as well just in case, and it still got rid of them. I don't want to have to uncheck "unwanted/dangerous applications" just to keep it from deleting my VNC program. I've submitted this more than once as an issue. It is now detecting it as a Win32/RemoteAdmin.WinVNC Application, because it is one, but its not a dangerous one. I need this app on my workstations and my server and it's kinda frustrating when I check my weekend scan logs to see that it was deleted from every workstation again. Anybody from Eset that sees this, can you look into it again please? Thank You