Crystal Security 3.7 BETA

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143

Hi @Petrovic

Thank you for the feedback.

The Static engine updates information about malware via Feeds. Feeds collect information about malware.
A Feed includes hashes and URLs, but only hashes of malware are stored locally. URLs of malware are only temporarily loaded.
It seems that the Any Run service analysis captured temporarily loaded URLs during analysis.

Regards,
Kardo
 


ForgottenSeer 69673

Windows Defender flags the install file as a trojan.
 

Kardo Kristal


Hi @ticklemefeet

Thank you for your feedback.

I just tried to check the installer file on my computer and here it is clean.
The installer file is not detected by Windows Defender.

Can you please send a False Positive report to Microsoft?

Regards,
Kardo
 

ForgottenSeer 69673

I am on the latest insider update. Maybe that is why. Not sure how to send the file since it deletes it right after download. It deletes the install file and the portable file. It does not quarantine it or offer a way to whitelist the file. This is something you will have to submit to MS, I am afraid.
 

vtqhtr413

Level 27
Well-known
Aug 17, 2017
1,609
Are you using any of the Defender tweakers (Config Defender, NVT OSA, System hardeners)?

It's not starting at boot for me most of the time now since the last few Windows updates?

Windows 7 home 64bit
 

Kardo Kristal

@Kardo Kristal

Is the dynamic engine scanning with sources like VT or what does it do?

Hi @In2an3_PpG

Thank you for your interest. :)

The Dynamic engine uses a local rule set to identify file status.
Currently there are about 15 different rules in the rule set.

Some examples of rules: File signature, file age, extension, location, file visibility...
The Dynamic engine does not require database updates and it can work without an internet connection.

All data collected about the file is compared with the rule set.
When a certain combination of rules is detected, the Dynamic engine can determine the file status.

Regards,
Kardo
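
An added example, not Crystal Security's code: how a local rule set of the kind described in the post above can map combinations of file attributes to a status without a signature database or network access. The rule names, thresholds, extension and folder lists, status labels and the caller-supplied `signed` flag are all assumptions made for illustration.

```python
import stat, time
from dataclasses import dataclass
from pathlib import Path

# Assumed lists and thresholds; a real product would tune these.
RISKY_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".ps1"}
TEMP_PARTS = {"temp", "tmp", "downloads", "appdata"}

@dataclass
class Facts:
    ext: str
    age_days: float
    in_temp: bool
    hidden: bool
    signed: bool

def collect(path, signed=False, now=None):
    """Gather facts from local metadata only. `signed` comes from the caller:
    verifying a code signature is outside the scope of this example."""
    p = Path(path)
    st = p.stat()
    now = time.time() if now is None else now
    # st_file_attributes exists on Windows only; dotfiles count as hidden elsewhere.
    win_hidden = bool(getattr(st, "st_file_attributes", 0) & stat.FILE_ATTRIBUTE_HIDDEN)
    in_temp = any(part.lower() in TEMP_PARTS for part in p.parent.parts)
    return Facts(p.suffix.lower(), (now - st.st_mtime) / 86400, in_temp,
                 win_hidden or p.name.startswith("."), signed)

# One predicate per rule; a single rule on its own decides nothing.
RULES = {
    "risky_ext": lambda f: f.ext in RISKY_EXT,
    "new_file": lambda f: f.age_days < 7,
    "temp_location": lambda f: f.in_temp,
    "hidden": lambda f: f.hidden,
    "unsigned": lambda f: not f.signed,
}

# Combinations are checked in order; the first one fully satisfied wins.
COMBOS = [
    ("suspicious", {"risky_ext", "unsigned", "hidden"}),
    ("suspicious", {"risky_ext", "unsigned", "new_file", "temp_location"}),
    ("unknown", {"risky_ext", "unsigned"}),
]

def classify(facts):
    """Return (status, rules that produced it) for one file's facts."""
    fired = {name for name, pred in RULES.items() if pred(facts)}
    for status, needed in COMBOS:
        if needed <= fired:
            return status, sorted(needed)
    return "no_match", []
```

Returning the rules that fired alongside the status makes a false positive, like the installer detection reported earlier in the thread, easier to triage.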
 