Crystal Security 3.5

[Oxygen]

I really do like how clean the interface is.

 

[Kardo Kristal]

I've noticed sometimes popups do not show... 3 unknown and 1 suspicious have entered Overview, but I didn't get a popup asking for a decision. User Intervention is selected. Even after checkup finished, nothing popped up.

@Marin Eres Thanks for the feedback. If I can re-produce it then I am able to fix it.

I really do like how clean the interface is.

@Fedora I am happy that you like it!

Regards,
Kardo

 

[marzametal]

@Marin Eres Thanks for the feedback. If I can re-produce it then I am able to fix it.

I figured out why they didn't pop up. It was during checkup mode. Once checkup mode finished, the alerts arrived when the files were executed again.

 

[Kardo Kristal]

I figured out why they didn't pop up. It was during checkup mode. Once checkup mode finished, the alerts arrived when the files were executed again.

@Marin Eres Thank for the information. I am glad that issue is solved.

Regards,
Kardo

 

[david8]

@Kardo Kristal Hi, I've been trying your antivirus recently. (3.5.0.110 BETA) I like it, but I've a problem:

It looks Crystal is marking as suspicious some Bitdefender free dll. I've uploaded it here: http://1drv.ms/1LtHo07
It is located in C:\Program Files\Bitdefender\Antivirus Free Edition\ThreatScanner\lightav64_18588
For some reason I can't add it into whitelist.

If I try to add in blacklist, it throws an error and shows this log:

Access to the path is denied in System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
  in System.IO.File.Move(String sourceFileName, String destFileName)
  in Crystal_Security.Main.v()
  in System.Windows.Forms.MenuItem.OnClick(EventArgs e)
  in System.Windows.Forms.Command.Invoke()
  in System.Windows.Forms.Control.WmCommand(Message& m)
  in System.Windows.Forms.Control.WndProc(Message& m)
  in System.Windows.Forms.ListView.WndProc(Message& m)
  in System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
  in System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)

 

[Kardo Kristal]

Hi, Thank you for using Crystal Security product. @david8

It looks Crystal is marking as suspicious some Bitdefender free dll. I've uploaded it here: http://1drv.ms/1LtHo07

Just analyzed it with Crystal Security and got Safe result.

Please do not add this file to blacklist because it is safe and required file for Bitdefender Antivirus.

If I try to add in blacklist, it throws an error and shows this log:

Thanks for the report. I'll look into it.

Regards,
Kardo

 

[david8]

I know, it is Bitdefedner file, I just tried

 

[Kardo Kristal]

Hello,

Crystal Security 3.5.0.111 BETA released

Changelog

• Improved password protection
• Fixed bug in default settings (suspicious and unsafe detection ratio)
• Fixed several bugs in notification
• Fixed bug in "Whitelist" section (double entries)
• Fixed bug in active protection (downloads detection via Internet Explorer and Mozilla Firefox)
• Fixed bug in on-access (files detected partially)
  
• Fixed several other reported bugs

NB! Crystal Security should now detect downloads correctly via Internet Explorer and Mozilla Firefox.

Special Thanks to @LAGUN, @Dani Santos and @RmG152

Two different types of downloads

Download installer version of Crystal Security 3.5.0.111
Download portable version of Crystal Security 3.5.0.111

Looking forward to your feedback.

Regards,
Kardo

 

[Malware1]

Submitted to Comodo for whitelisting.

https://forums.comodo.com/news-anno...isted-2015-t108997.0.html;msg798426#msg798426

Reported as FP to ClamAV.

 

[Kardo Kristal]

Submitted to Comodo for whitelisting.

https://forums.comodo.com/news-anno...isted-2015-t108997.0.html;msg798426#msg798426

Reported as FP to ClamAV.

@Malware1 Thank you bro!

Regards,
Kardo

 

[marzametal]

NB! Crystal Security should now detect downloads correctly via Internet Explorer and Mozilla Firefox.

Looking forward to this,.,.

 

[Kardo Kristal]

Looking forward to this,.,.

@Marin Eres With last update you can already try it out. Tested here multiple times and workd without problems.

Regards,
Kardo

 

[ismethere]

Direct Download [Official]
Crystal Security 3.5.0.111 Beta [Msi 720 KB] Setup
Crystal Security 3.5.0.111 Beta [Zip 448 KB] Portable
​

 

[Kardo Kristal]

best cloud security

@A N G E L Hehe, I am happy If you like Crystal Security. Any feedback is welcome.

Direct Download [Official] Crystal Security 3.5.0.111 Beta [msi 720 KB] Setup
Direct Download [Official] Crystal Security 3.5.0.111 Beta [Zip 448 KB] Portable
​

@ismethere Indeed.

Regards,
Kardo

 

[RmG152]

I'm trying to reset configuration to default, but program crash:

La ruta de acceso no tiene un formato válido.   en System.IO.Path.NormalizePathFast(String path, Boolean fullCheck)
   en System.IO.Path.GetFullPathInternal(String path)
   en System.IO.Directory.InternalGetFileDirectoryNames(String path, String userPathOriginal, String searchPattern, Boolean includeFiles, Boolean includeDirs, SearchOption searchOption)
   en System.IO.Directory.GetFiles(String path, String searchPattern, SearchOption searchOption)
   en System.IO.Directory.GetFiles(String path)
   en Crystal_Security.Main.A4(Object a, EventArgs A)
   en System.Windows.Forms.Timer.OnTick(EventArgs e)
   en System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message& m)
   en System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)

mmm another bug:
I download 10 "PotentiallyUnwanted.exe" and this is the result (need to kill program to stop this spam):

Error en la carga del proveedor    en System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   en System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
   en Crystal_Security.Main.aN()
   en System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   en System.Threading.ThreadHelper.ThreadStart()

 

[Kardo Kristal]

I'm trying to reset configuration to default, but program crash:

Hi @RmG152 ,Thanks for the info.

Just tried to reset settings to default without issue (no crash)... Hmm....

mmm another bug:
I download 10 "PotentiallyUnwanted.exe" and this is the result (need to kill program to stop this spam):

I need additional information to re-produce it:

1. How you downloaded (which browser)?
2. Program was active or started after downloads?
3. On-access analysis enabled or disabled?

Step-by-step description would be helpful.

Possible workaround: Uninstall Crystal Security completely and remove Crystal Security folder from AppData. Then re-install program again.

Thanks in advance.

Regards,
Kardo

 

[RmG152]

mmm after reboot I can't reproduce real time protection issue again, I dont know why :/

I'm using portable version, after clean appdata folder I can reset configuration to default, but now I found this bug:

1. Close Crystal Security to prepare scenario.
2. Download PotentiallyUnwanted.exe (I'm using opera).
3. Put exe in a folder.
4. Close folder.
5. Run Crystal Security.
6. Enter to folder.
7. Run and Accept exe on smartscreen.
8. Now Crystal security block it.
9. Try to run again.
10. Exe run without problems.
11. Close Crystal Seurity and run again.
12. Exe is now blocked, but if you try to run 2nd time exe run without problem.


Some times Exe disapear (quarentine I think) on 1st run, some times persist.


My configuration:
Windows 8.1 x64
Folder on non system harddrive.
AppGuard (disabled on test)
Exe Radar Pro (disabled on test)
360IS (Disabled on Test)
Opera (last stable)
Crystal Security portable, default rules.

 

[Kardo Kristal]

@RmG152 Thank you for the reply.

Strange... I tried to re-produce it but for me Crystal Security blocked all PUP files without problems.

1. On-access disabled
2. Ran file: Blocked
3. Ran same file with different name: Blocked
4. Enabled on-access: Blocked fourth time (same file)
5. Exited program, downloaded PUP files again
6. Launched Crystal Security and blocked newly downloaded PUP files

Unfortunately I don't know why you got this issue because everything is fine here.

PS. Please try to refresh folder content too see if PUP file is still there.

Regards,
Kardo

 

[RmG152]

@Kardo Kristal

mmm are you testing on C:?

Can you test in a secondary hdd?

I test it on virtual machine with only 1 hdd and work well, but in my computer I use 1 hdd for system, 1 hdd with testing folder and 1 hdd with download folder.

another "issue"
Can you make like 70 copies and enter folder? sometimes alert change:

 

[Kardo Kristal]

@RmG152

mmm are you testing on C:?

Yes. Soon I can test it on a different/separate hard drive.

I test it on virtual machine with only 1 hdd and work well, but in my computer I use 1 hdd for system, 1 hdd with testing folder and 1 hdd with download folder.

Thanks for the information.

another "issue"
Can you make like 70 copies and enter folder? sometimes alert change:

Actually it is a limitation of VT API (10 files per minute).

Regards,
Kardo