- Feb 24, 2017
- 1,661
does that option solve the first point? can't test cause the samples i have are instantly detected static.
ps: nevermind, it doesn't...
Last edited:
Crystal Security 3.5
- Thread starter Kardo Kristal
- Start date
- Status
does that option solve the first point? can't test cause the samples i have are instantly detected static.
ps: nevermind, it doesn't...
- Feb 24, 2017
- 1,661
pretty impressive, VT is full clean, but the sample is malicious according to any.run
Crystal blocked it due to it's Dynamic engine
i just can't figure out how to halt the process till decision is made...
ps: sorry for the spam, i'm just reporting interesting things while toying with it.
also got it to bug out with the sample submitting, had to restart it a few times, it stopped analyzing files or uploading them cause one file got stuck in queue and even removing it didn't help.
Stealth mode makes it a whitelist based anti-exe too
ps: It's an FP. dang it
Crystal blocked it due to it's Dynamic engine
i just can't figure out how to halt the process till decision is made...
ps: sorry for the spam, i'm just reporting interesting things while toying with it.
also got it to bug out with the sample submitting, had to restart it a few times, it stopped analyzing files or uploading them cause one file got stuck in queue and even removing it didn't help.
Stealth mode makes it a whitelist based anti-exe too
ps: It's an FP. dang it
Last edited:
- Feb 24, 2017
- 1,661
I wanted to like this but I just can't.
the cloud uploading is buggy, it uploads files that shouldn't be uploaded, like password protected zips and then it never receives a VT result, the entry gets stuck in the UI
you can't stop an upload, you can remove it from a tab, but the tab still has it listed. for example removing it from unrecognized, overview will still have it
stuff like this is also pretty annoying, i guess its done like this to save performance and not having to wait for VT, but for example Voodooshield doesn't have this problem and gets VT results almost always instantly
still, if someone doesn't want to use this as the primary defense layer, it's the lightest and in considering that, the best VT/sig scanner I have tried yet. if you don't mind the shortcomings.
the cloud uploading is buggy, it uploads files that shouldn't be uploaded, like password protected zips and then it never receives a VT result, the entry gets stuck in the UI
you can't stop an upload, you can remove it from a tab, but the tab still has it listed. for example removing it from unrecognized, overview will still have it
stuff like this is also pretty annoying, i guess its done like this to save performance and not having to wait for VT, but for example Voodooshield doesn't have this problem and gets VT results almost always instantly
still, if someone doesn't want to use this as the primary defense layer, it's the lightest and in considering that, the best VT/sig scanner I have tried yet. if you don't mind the shortcomings.
- Jun 22, 2014
- 864
Good review mekelek. Some interesting points mentioned especially the silent mode pure whitelist anti-exe setting.
Hopefully Kardo can address them when he gets back from what ever he`s doing at the moment.(partying maybe ?)
Regards Eck
Hopefully Kardo can address them when he gets back from what ever he`s doing at the moment.(partying maybe
?)Regards Eck
- Feb 24, 2017
- 1,661
I sent him an email i found on the site in case he doesn't visit MT, no response yetGood review mekelek. Some interesting points mentioned especially the silent mode pure whitelist anti-exe setting.
Hopefully Kardo can address them when he gets back from what ever he`s doing at the moment.(partying maybe
Regards Eck
- Jun 22, 2014
- 864
- Status
