Kardo Kristal
From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Forum Veteran
- Jul 12, 2014
- 1,143
- 7,365
- 2,079
- 33
Crystal Security 3.5
- Thread starter Kardo Kristal
- Start date
- Status
nooo that it's ok i mean Sql ,mysql,sqlite,ms sql ,oracle ,mono,abo.db
Kardo Kristal
From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Forum Veteran
- Jul 12, 2014
- 1,143
- 7,365
- 2,079
- 33
Hi @Mr.NoName,
Local database is loaded into memory without SQL, MySql etc..
Only latest threat information is downloaded and stored on your computer (mostly for offline usage).
Regards,
Kardo
Last edited:
@Kardo Kristal I agree with Logethica
just over the past year alone I have watched your product grow and improve exponentially
you should be proud.
just over the past year alone I have watched your product grow and improve exponentially
you should be proud.
so you use array or string ok good but what about when you load more than 6 million sigs in this memory ?
Not to answer your question, but I have thought one thing when I read it :
About values :
SHA256 = 32 Bytes
32 Bytes x 6000 000 => 183 MB ( with 1024² used)
HASH = 16 Bytes
for 6000 000
=> 91.5 MB
Only to say: often, "high x very small" = "not too high"
(Sorry, I know it may not help a lot, and can have nothing to do with the real answer, but before I go to bed, I needed to make a last post
)
Last edited:
yes bot there are more than one billion malware and threats at all so this is bigNot to answer your question, but I have thought one thing when I read it :
About values :
SHA256 = 32 Bytes
32 Bytes x 6000 000 => 183 MB ( with 1024² used)
HASH = 16 Bytes
for 6000 000
=> 91.5 MB
Only to say: often, "high x very small" = "not too high"
(Sorry, I know it may not help a lot, and can have nothing to do with the real answer, but before I go to bed, I needed to make a last post
Kardo Kristal
From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Forum Veteran
- Jul 12, 2014
- 1,143
- 7,365
- 2,079
- 33
Hi @_CyberGhosT_
Thank you for the kind words. I am glad you like Crystal Security.
Hi @Mr.NoName,
Local database is limited. There is no plan to load millions of signatures in the memory. Thanks to Heuristic engine which is also local and Cloud engines, detection ratio should be quite good to detect any kind of malware.
Hi @DardiM,
Thanks bro.
Regards,
Kardo
@DardiM You mentioned here some extensions need to be added manually. I am trying the product now and would love to know what those extensions are and why they are not used by default(assuming you know why). Also is there any drawback from using the extra extensions?(Hopefully not more alerts).
Will really appreciate it if you have the time to enlighten me. Thanks in advance.
PC: SECURE - Vanduss's Security config
Will really appreciate it if you have the time to enlighten me. Thanks in advance.
PC: SECURE - Vanduss's Security config
@Kardo Kristal , the creator of this useful tool, could explain better than me.
I will try :
There are two extensions that I added manually :
(1) .js
for scripting files which use wscript.exe to run script outside a Browser
=> the drawback I saw was that when Browsing with IE 11, all .js file made Crystal security prompt an alert (you can imagine the number of .js file used by website :'( ), and excluding a folder was a problem because several sub temp folders was created by this Browser.
=> @Kardo Kristal resolved this in a update where excluding a folder also excludes the sub folders.
You can follow the discussion with @Kardo Kristal
- from this link Crystal Security 3.5
- to this link Crystal Security 3.5
(2) .bin
=> some malware sample (on some website) are with .bin extension (added at the end of real extension) : secure way to analyse it by a scanner without risk of run it by miss clicking
Last edited:
OK thanks. WIll add bin for now and check what folder i need to whitelist for js to see if it's worth it. I control wscript with other ways and adding an exclusion might be a bad idea depending on set location.@Kardo Kristal , the creator of this useful tool could explain better than me.
There are two extension I added manually :
(1) .js
for scripting files which use wscript.exe to run script outside a Browser
=> the drawback I saw was that when Browsing with IE 11, all .js file make Crystal security prompt an alert (unknown files)
and excluding a folder was a prolem because sub temp folder was created by this Browser.
=> @Kardo Kristal resolve this in a update where exluding a folder exlude also the sub folders
(2) .bin
=> some malware sample are with .bin extension (ate the end the .exe extension) : secure way to analyse it by a scanner without risk of run it by miss clicking
Thanks a lot for your quick reply.
I tested with Vivaldi, Firefox, Chrome, IE
=> the problem only appears with IE
This is what I posted :
"For people who want to do the same, don't forget that in the path
...\AppData\Local\Microsoft\Windows\INetCache\Low\IE
there are hidden / protected folders you must make "visible" before adding in Crystal Security.
AppData => choose : "show hidden file/folder or drive"
INetCache => Uncheck : "Hide protected system files"
And don't forget to reverse this changes after folder has been added in Whitelist
"
Last edited:
Oh cool, i thought it was for all browsers. I never open IE and use Chrome and Firefox so will add js. No reason not to do so it if no whitelist is required. Thanks again.I tested with Vivaldi Firefox chrome IE
=> the problem only appear with IE
This is what I posted :
"For people who want to do the same, don't forget that in the path
...\AppData\Local\Microsoft\Windows\INetCache\Low\IE
there are hidden / protected folders you must make "visible" before adding in Crystal Security.
AppData => choose : "show hidden file/folder or drive"
INetCache => Uncheck : "Hide protected system files"
And don't forget to reverse this changes after folder has been added in Whitelist
You are welcome
One more thing : don't make the same error that I've made the first time I used Crystal Security
Add you custom extension here :
Settings => Protection => File Types => Custom and don't forget to click on apply (I was certainly exhausted
)
Kardo Kristal
From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Forum Veteran
- Jul 12, 2014
- 1,143
- 7,365
- 2,079
- 33
Hi @SHvFl,
Thanks for the interest.
Additional extensions are optional. You can add any extension you like. It is possible that with new extensions, you may see more alerts (e.g. when detected file is unknown, suspicious or unsafe). It depends on your Settings.
By default only common executables are monitored.
There are two extension I added manually :
(1) .js
for scripting files which use wscript.exe to run script outside a Browser
=> the drawback I saw was that when Browsing with IE 11, all .js file made Crystal security prompt an alert (you can imagine the number of .js file used by website :'( ),
and excluding a folder was a problem because sub temp folder was created by this Browser.
=> @Kardo Kristal resolved this in a update where excluding a folder also exludes the sub folders
You can follow the discussion with @Kardo Kristal
from this link Crystal Security 3.5
to this link Crystal Security 3.5
(2) .bin
=> some malware sample are with .bin extension (added at the end of real extension) : secure way to analyse it by a scanner without risk of run it by miss clicking
@DardiM Thanks for the useful reply.
Regards,
Kardo
@Kardo Kristal
what news on my Norton problem, since hash changes each Norton local protection update
what news on my Norton problem, since hash changes each Norton local protection update
Last edited:
Kardo Kristal
From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Forum Veteran
- Jul 12, 2014
- 1,143
- 7,365
- 2,079
- 33
Hi @bjm_,
Thanks to sub-folders support your issue should be fixed.
Please white-list the following folder under Whitelist section: C:\ProgramData\Norton\
Regards,
Kardo
Aha, Okay. I'll try CS again and see what's new. Thanks!Hi @bjm_,
Thanks to sub-folders support your issue should be fixed.
Please white-list the following folder under Whitelist section: C:\ProgramData\Norton\
Regards, Kardo
_________________________________
FWIW ~this is as I see with FoxWebSecurity. http://s31.postimg.org/rzfpksl8b/screenshot.png
SafeWeb reports SAFE https://safeweb.norton.com/report/show?url=crystalsecurity
Default Policy-1 DNS IP's used by FoxWebSecurity may be over-reaching. IDK
Last edited:
Is there any settings like "trust all" when installing on clean PC?
I would like to reduce pop-up of Unknown file by Collective Cloud (I was just turn off that for a day).
I would like to reduce pop-up of Unknown file by Collective Cloud (I was just turn off that for a day).
Kardo Kristal
From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Forum Veteran
- Jul 12, 2014
- 1,143
- 7,365
- 2,079
- 33
Hi @bjm_,
Seems like Uptodown and Programosy sites are detected. Should be False Positives by filter.
Hi @Av Gurus,
Currently there is no such feature/setting. There is a plan to add Folder whitelisting option to notification so when unknown file is detected during the installation of new program then you can easily white-list whole directory. It should help to reduce unknown pop-ups.
Regards,
Kardo
- Status
You may also like...
-
Simple Steps to Secure Your Windows 11 PC- Started by Divergent
- Replies: 0
-
-
SHARPEN projects 3 professional
- Started by Brownie2019
- Replies: 0
-
Windows 11 24H2 KB5064081 August non security preview update- Started by Gandalf_The_Grey
- Replies: 3
-
Expired SwifDoo Christmas 2025: PDF 18 Software Programs for free
- Started by Brownie2019
- Replies: 1