Crystal Security 3.5

Status
Not open for further replies.

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
TjcOJt.png

does that option solve the first point? can't test cause the samples i have are instantly detected static.

ps: nevermind, it doesn't...
 
Last edited:

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
pretty impressive, VT is full clean, but the sample is malicious according to any.run
Crystal blocked it due to it's Dynamic engine
aVNHh7.png


i just can't figure out how to halt the process till decision is made...

ps: sorry for the spam, i'm just reporting interesting things while toying with it.

also got it to bug out with the sample submitting, had to restart it a few times, it stopped analyzing files or uploading them cause one file got stuck in queue and even removing it didn't help.

Stealth mode makes it a whitelist based anti-exe too :D

ps: It's an FP. dang it
 
Last edited:

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
I wanted to like this but I just can't.
the cloud uploading is buggy, it uploads files that shouldn't be uploaded, like password protected zips and then it never receives a VT result, the entry gets stuck in the UI
you can't stop an upload, you can remove it from a tab, but the tab still has it listed. for example removing it from unrecognized, overview will still have it

stuff like this is also pretty annoying, i guess its done like this to save performance and not having to wait for VT, but for example Voodooshield doesn't have this problem and gets VT results almost always instantly
oKHDGe.png


still, if someone doesn't want to use this as the primary defense layer, it's the lightest and in considering that, the best VT/sig scanner I have tried yet. if you don't mind the shortcomings.
 

Behold Eck

Level 15
Verified
Top Poster
Well-known
Jun 22, 2014
717
Good review mekelek. Some interesting points mentioned especially the silent mode pure whitelist anti-exe setting.

Hopefully Kardo can address them when he gets back from what ever he`s doing at the moment.(partying maybe:D ?)

Regards Eck:)
 

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
Good review mekelek. Some interesting points mentioned especially the silent mode pure whitelist anti-exe setting.

Hopefully Kardo can address them when he gets back from what ever he`s doing at the moment.(partying maybe:D ?)

Regards Eck:)
I sent him an email i found on the site in case he doesn't visit MT, no response yet
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top