- Jul 12, 2014
- 1,143
Crystal Security 3.5
- Thread starter Kardo Kristal
- Start date
- Status
- Feb 5, 2016
- 163
nooo that it's ok i mean Sql ,mysql,sqlite,ms sql ,oracle ,mono,abo.db
- Jul 12, 2014
- 1,143
Hi @Mr.NoName,
Local database is loaded into memory without SQL, MySql etc..
Only latest threat information is downloaded and stored on your computer (mostly for offline usage).
Regards,
Kardo
Last edited:
- Aug 2, 2015
- 4,286
@Kardo Kristal I agree with Logethica
just over the past year alone I have watched your product grow and improve exponentially
you should be proud.
just over the past year alone I have watched your product grow and improve exponentially
you should be proud.
- Feb 5, 2016
- 163
so you use array or string ok good but what about when you load more than 6 million sigs in this memory ?
- May 14, 2016
- 1,597
Not to answer your question, but I have thought one thing when I read it :
About values :
SHA256 = 32 Bytes
32 Bytes x 6000 000 => 183 MB ( with 1024² used)
HASH = 16 Bytes
for 6000 000
=> 91.5 MB
Only to say: often, "high x very small" = "not too high"
(Sorry, I know it may not help a lot, and can have nothing to do with the real answer, but before I go to bed, I needed to make a last post
)
Last edited:
- Feb 5, 2016
- 163
yes bot there are more than one billion malware and threats at all so this is bigNot to answer your question, but I have thought one thing when I read it :
About values :
SHA256 = 32 Bytes
32 Bytes x 6000 000 => 183 MB ( with 1024² used)
HASH = 16 Bytes
for 6000 000
=> 91.5 MB
Only to say: often, "high x very small" = "not too high"
(Sorry, I know it may not help a lot, and can have nothing to do with the real answer, but before I go to bed, I needed to make a last post
- Jul 12, 2014
- 1,143
Hi @_CyberGhosT_
Thank you for the kind words. I am glad you like Crystal Security.
Hi @Mr.NoName,
Local database is limited. There is no plan to load millions of signatures in the memory. Thanks to Heuristic engine which is also local and Cloud engines, detection ratio should be quite good to detect any kind of malware.
Hi @DardiM,
Thanks bro.
Regards,
Kardo
- Nov 19, 2014
- 2,350
@DardiM You mentioned here some extensions need to be added manually. I am trying the product now and would love to know what those extensions are and why they are not used by default(assuming you know why). Also is there any drawback from using the extra extensions?(Hopefully not more alerts).
Will really appreciate it if you have the time to enlighten me. Thanks in advance.
PC: SECURE - Vanduss's Security config
Will really appreciate it if you have the time to enlighten me. Thanks in advance.
PC: SECURE - Vanduss's Security config
- May 14, 2016
- 1,597
@Kardo Kristal , the creator of this useful tool, could explain better than me.
I will try :
There are two extensions that I added manually :
(1) .js
for scripting files which use wscript.exe to run script outside a Browser
=> the drawback I saw was that when Browsing with IE 11, all .js file made Crystal security prompt an alert (you can imagine the number of .js file used by website :'( ), and excluding a folder was a problem because several sub temp folders was created by this Browser.
=> @Kardo Kristal resolved this in a update where excluding a folder also excludes the sub folders.
You can follow the discussion with @Kardo Kristal
- from this link Crystal Security 3.5
- to this link Crystal Security 3.5
(2) .bin
=> some malware sample (on some website) are with .bin extension (added at the end of real extension) : secure way to analyse it by a scanner without risk of run it by miss clicking
Last edited:
- Nov 19, 2014
- 2,350
OK thanks. WIll add bin for now and check what folder i need to whitelist for js to see if it's worth it. I control wscript with other ways and adding an exclusion might be a bad idea depending on set location.@Kardo Kristal , the creator of this useful tool could explain better than me.
There are two extension I added manually :
(1) .js
for scripting files which use wscript.exe to run script outside a Browser
=> the drawback I saw was that when Browsing with IE 11, all .js file make Crystal security prompt an alert (unknown files)
and excluding a folder was a prolem because sub temp folder was created by this Browser.
=> @Kardo Kristal resolve this in a update where exluding a folder exlude also the sub folders
(2) .bin
=> some malware sample are with .bin extension (ate the end the .exe extension) : secure way to analyse it by a scanner without risk of run it by miss clicking
Thanks a lot for your quick reply.
- May 14, 2016
- 1,597
I tested with Vivaldi, Firefox, Chrome, IE
=> the problem only appears with IE
This is what I posted :
"For people who want to do the same, don't forget that in the path
...\AppData\Local\Microsoft\Windows\INetCache\Low\IE
there are hidden / protected folders you must make "visible" before adding in Crystal Security.
AppData => choose : "show hidden file/folder or drive"
INetCache => Uncheck : "Hide protected system files"
And don't forget to reverse this changes after folder has been added in Whitelist
"
Last edited:
- Nov 19, 2014
- 2,350
Oh cool, i thought it was for all browsers. I never open IE and use Chrome and Firefox so will add js. No reason not to do so it if no whitelist is required. Thanks again.I tested with Vivaldi Firefox chrome IE
=> the problem only appear with IE
This is what I posted :
"For people who want to do the same, don't forget that in the path
...\AppData\Local\Microsoft\Windows\INetCache\Low\IE
there are hidden / protected folders you must make "visible" before adding in Crystal Security.
AppData => choose : "show hidden file/folder or drive"
INetCache => Uncheck : "Hide protected system files"
And don't forget to reverse this changes after folder has been added in Whitelist
- May 14, 2016
- 1,597
You are welcome
One more thing : don't make the same error that I've made the first time I used Crystal Security
Add you custom extension here :
Settings => Protection => File Types => Custom and don't forget to click on apply (I was certainly exhausted
)
- Jul 12, 2014
- 1,143
Hi @SHvFl,
Thanks for the interest.
Additional extensions are optional. You can add any extension you like. It is possible that with new extensions, you may see more alerts (e.g. when detected file is unknown, suspicious or unsafe). It depends on your Settings.
By default only common executables are monitored.
There are two extension I added manually :
(1) .js
for scripting files which use wscript.exe to run script outside a Browser
=> the drawback I saw was that when Browsing with IE 11, all .js file made Crystal security prompt an alert (you can imagine the number of .js file used by website :'( ),
and excluding a folder was a problem because sub temp folder was created by this Browser.
=> @Kardo Kristal resolved this in a update where excluding a folder also exludes the sub folders
You can follow the discussion with @Kardo Kristal
from this link Crystal Security 3.5
to this link Crystal Security 3.5
(2) .bin
=> some malware sample are with .bin extension (added at the end of real extension) : secure way to analyse it by a scanner without risk of run it by miss clicking
@DardiM Thanks for the useful reply.
Regards,
Kardo
- May 17, 2015
- 705
@Kardo Kristal
what news on my Norton problem, since hash changes each Norton local protection update
what news on my Norton problem, since hash changes each Norton local protection update
Last edited:
- Jul 12, 2014
- 1,143
Hi @bjm_,
Thanks to sub-folders support your issue should be fixed.
Please white-list the following folder under Whitelist section: C:\ProgramData\Norton\
Regards,
Kardo
- May 17, 2015
- 705
Aha, Okay. I'll try CS again and see what's new. Thanks!Hi @bjm_,
Thanks to sub-folders support your issue should be fixed.
Please white-list the following folder under Whitelist section: C:\ProgramData\Norton\
Regards, Kardo
_________________________________
FWIW ~this is as I see with FoxWebSecurity. http://s31.postimg.org/rzfpksl8b/screenshot.png
SafeWeb reports SAFE https://safeweb.norton.com/report/show?url=crystalsecurity
Default Policy-1 DNS IP's used by FoxWebSecurity may be over-reaching. IDK
Last edited:
- Sep 22, 2014
- 1,767
Is there any settings like "trust all" when installing on clean PC?
I would like to reduce pop-up of Unknown file by Collective Cloud (I was just turn off that for a day).
I would like to reduce pop-up of Unknown file by Collective Cloud (I was just turn off that for a day).
- Jul 12, 2014
- 1,143
Hi @bjm_,
Seems like Uptodown and Programosy sites are detected. Should be False Positives by filter.
Hi @Av Gurus,
Currently there is no such feature/setting. There is a plan to add Folder whitelisting option to notification so when unknown file is detected during the installation of new program then you can easily white-list whole directory. It should help to reduce unknown pop-ups.
Regards,
Kardo
- Status
