Kardo Kristal

From Crystal Security
Verified
Developer
Hi @Petrovic

Thank you for the feedback.

Static engine updates information about malware via Feeds. Feeds collects information about malware.
Feed includes hashes and urls but only hashes of malware are stored locally. URLs of malware are only temporarily loaded.
It seems that Any Run service analysis captured temporarily loaded URLs during analysis.

Regards,
Kardo
 

ticklemefeet

Level 22
Verified
Hi @ticklemefeet

Thank you for your feedback.

I just tried to check the installer file on my computer and here is clean.
The installer file is not detected by Windows Defender.

Can you please send False Positive report to Microsoft?

Regards,
Kardo
I am on the latest insider update. Maybe that is why. Not sure how to send the file since it deletes it right after download. It delets the install file and the portable file. It does not quarantine it or offer a way to white list the file. This is something you will have to submit to MS I am afraid.
 

BryanB

Level 17
Verified
I am on the latest insider update. Maybe that is why. Not sure how to send the file since it deletes it right after download. It delets the install file and the portable file. It does not quarantine it or offer a way to white list the file. This is something you will have to submit to MS I am afraid.
Are you using any of the Defender tweakers ( Config Defender, NVT OSA, System hardeners)?

It's not starting at boot for me most of the time now since the last few Windows updates?

Windows 7 home 64bit
 

Kardo Kristal

From Crystal Security
Verified
Developer
@Kardo Kristal

Is the dynamic engine scanning with sources like VT or what does it do?
Hi @In2an3_PpG

Thank you for your interest. :)

Dynamic engine uses local rules set to identify file status.
Currently there are about 15 different rules in rules set.

Some examples of rules: File signature, file age, extension, location, file visibility...
Dynamic engine does not require database updates and it can work without internet connection.

All data collected in the file is compared with the rules set.
When certain combination of rules are detected then Dynamic engine can determine the file status.

Regards,
Kardo
 
Last edited: