Crystal Security 3.7 BETA

S

Sr. Normal 2.0

Sonar (Norton) identifies Crystal Security as Threat in High Grade

upload_2017-2-14_15-44-9.png

SUD
 

bjm_

Level 14
Verified
Top Poster
Well-known
May 17, 2015
666
Resolution.png scale factor.png
btw ~ Zemana Portable was blacklisted and stripped to 0kb. Is there a restore from blacklist.
With Zemana Portable at 0kb with desktop Icon stripped. Only way I saw to restore Zemana was new download.

Crystal Security (something) was also blacklisted. Maybe, dynamic engine?

Analyze with Crystal Security (context menu) does not call CS or scan item as I can see.
btw ~ Analyze with Crystal Security needs CS Icon.

Quick & Advanced scans were 0 & 0. And other than cosmetic issue. CS felt okay for awhile.
Then after playing with CS Settings with close and open CS.
CS went aggressive on Zemana Portable.

Sorry, Zemana blacklist with desktop Icon stripped, happened so swift and unexpected, I did not capture screenshots.
I've deleted Crystal Security (for now).
 
Last edited:

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
btw ~ Zemana Portable was blacklisted and stripped to 0kb. Is there a restore from blacklist.
With Zemana Portable at 0kb with desktop Icon stripped. Only way I saw to restore Zemana was new download.

When something is blocked and moved to Blacklist then you can restore file with the following steps:
  1. Go to "Blacklist" section
  2. Right-click on black-listed file
  3. Choose "Restore Selected File"
If file is in quarantine then it should restore file to original location.
Crystal Security (something) was also blacklisted. Maybe, dynamic engine?

It was probably Shell integration file detection. It was also reported by @Petrovic. Will be fixed.
Analyze with Crystal Security does not call CS or scan item as I can see.

Bug confirmed and will be fixed.
CS went aggressive on Zemana.

I'll look into it.

I'll try to re-produce DPI scaling issue too.

Regards,
Kardo
 
Last edited:

bjm_

Level 14
Verified
Top Poster
Well-known
May 17, 2015
666
When something is blocked and moved to Blacklist then you can restore file with the following steps:
  1. Go to "Blacklist" section
  2. Right-click on black-listed file
  3. Choose "Restore Selected File"
If file is in quarantine then it should restore file to original location.
Well, I did not see quarantine. Just blacklist and whitelist.
Is there a quarantine window?



It was probably Shell integration file detection. It was also reported by @Petrovic. Will be fixed.


Bug confirmed and will be fixed.


Interesting issue. Never happened here.
I meant by 0 & 0 that no threats were found.


I'll look into it.

I'll try to re-produce DPI scaling issue too.

Regards,
Kardo
 

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
bjm_ said:
Well, I did not see quarantine. Just blacklist and whitelist.
Is there a quarantine window?

@bjm_ You can consider Blacklist as Quarantine. Quarantine files are stored under AppData directory.
You can restore files only via UI because all quarantined files are also encrypted.

I just tried to re-produce your DPI scaling issue. Changed DPI to 150%. After that I signed out and logged in.
I started Crystal Security and no problems here. I can only suggest to set DPI to 100% on your system.

Regards,
Kardo
 
Last edited:

bjm_

Level 14
Verified
Top Poster
Well-known
May 17, 2015
666
@bjm_ You can consider Blacklist as Quarantine. Quarantine files are stored under AppData directory.
You can restore files only via UI because all quarantined files are also encrypted.

I just tried to re-produce your DPI scaling issue. Changed DPI to 150%. After that I signed out and logged in.
I started Crystal Security and no problems here. I can only suggest to set DPI to 100% on your system.

Regards,
Kardo
Yeah, I was expecting and looking for a quarantine module within the CS user interface.
Guess, I'm used to programs that quarantine and restore from quarantine.
I'm used to NoVirusThanks ERP with Whitelist/Blacklist and Quarantine.
I'm used to Webroot with Block/Allow and Quarantine.

I just found (with your pointing) AppData > Roaming > Crystal Security > Quarantine. Quarantine folder is empty.

Since Crystal Security is only program showing cosmetic issue for me. I'll leave DPI as is.

Thanks
 
Last edited:

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
Hi @Petrovic,

Thank you for the feedback. :)
repeat - cerber3 cerber3.....etc | sage

Is it possible that you downloaded or copied "cerber3" file multiple times?

Double entries are currently allowed by default under Blacklist.

When you download or copy same file e.g. 2 times then it will be also listed under Blacklist 2 times (like double entries).

If you downloaded or copied "cerber3" file only once then it is possible bug.

Seems like a bug. I'll look into it.
Links to stable installers are down. Thinking of adding this to my security config.

@J Gamez065,

Thanks. Stable download links up again. :)

Regards,
Kardo
 

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143

JM Safe

Level 39
Verified
Top Poster
Apr 12, 2015
2,882
Hello,

Crystal Security 3.7.0.4 BETA released

Changelog
  • Improved Dynamic engine (reduced False Positives)
  • Fixed bug in Digital signature verification (signature not detected)
  • Fixed several other minor bugs (user interface)
  • Updated rules set in Dynamic engine (balanced detection)

Two different types of downloads


Download installer version of Crystal Security 3.7.0.4
Download portable version of Crystal Security 3.7.0.4

Looking forward to your feedback. :)

Regards,
Kardo
Great work Kardo :)
 

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
Wonder how Crystal would do with wannacry ,anyone test that ? I am running Latest Crystal Security with Comodo Firewall

Hi @blueblackwow65,

Thank you for the interest. :)

Just performed some tests against following ransomwares:

1. Jaff - sample by @Solarquest

Engines: Collective and Dynamic
Threat Score: 87%

2. WannaCry - sample by @Der.Reisende

Engine: Collective
Threat Score: 87,7%

3. WannaCry v2 - sample by @Der.Reisende

Engine: Collective
Threat Score: 92,8%

4. Cradle - sample by @Amelith Nargothrond

Engines: Collective and Dynamic
Threat Score: 75,8%

5. Cerber - sample by @silversurfer

Engines: Collective and Dynamic
Threat Score: 27%

6. DoNotChange - sample by @Der.Reisende

Engines: Collective and Dynamic
Threat Score: 82,9%

Regards,
Kardo
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top