The application Crossloop which is intended for remote assistance uses TightVNC internally and Comodo CIS 3.5 Beta’s Malware scanner (which runs after installation) detects it as threats. This is the result of the scan:

Application.Win32.WinVNC.~BAAA(ID = 0x66e7c) C:\Program Files\CrossLoop\VNCHooks.dll
ApplicUnsaf.Win32.RemoteAdmin.WinVNC(ID = 0xe4d5) C:\Program Files\CrossLoop\winvnc.exe

Of course these files are harmless so this is a false positive.


From what i can see from your post it seems that the detections are not a false alarm. The files in question seems to be detection under “potentially dangerous” applications category as indicated by the names “ApplicationUnsafe” and “Application” meaning that these applications themselves are legitimate applications - but, they can be used by a malicious attacker to compromise your computer’s security.

In this case, the files in question have the capability to enable a user to connect to a computer remotely. These files can be installed without a users consent and can be used to gain remote access to the computer by an attacker. The applications are therefore detected with the intent to warn the users about the presence of these files on their computers which you can ignore safely if you had installed these applications with your knowledge.

You can add these files to the exclusion list and continue to use them without problems.

Thanks and Regards.


However if I understand correctly then by default it would remove the files - preventing Crossloop from working. It might be useful to put a disclaimer somewhere that ‘removing some addware/spyware/potentially unsafe applications’ may prevent certain applications on your computer from working that are using these files. Just as the people from Spybot do.