Crystal Security 3.7 BETA

S

Sr. Normal 2.0

Sonar (Norton) identifies Crystal Security as Threat in High Grade

upload_2017-2-14_15-44-9.png

SUD
 
  • Like
Reactions: vtqhtr413, Rengar, Winter Soldier and 5 others
bjm_

bjm_

Level 15
Verified
Top Poster
Well-known
May 17, 2015
705
Resolution.png scale factor.png
btw ~ Zemana Portable was blacklisted and stripped to 0kb. Is there a restore from blacklist.
With Zemana Portable at 0kb with desktop Icon stripped. Only way I saw to restore Zemana was new download.

Crystal Security (something) was also blacklisted. Maybe, dynamic engine?

Analyze with Crystal Security (context menu) does not call CS or scan item as I can see.
btw ~ Analyze with Crystal Security needs CS Icon.

Quick & Advanced scans were 0 & 0. And other than cosmetic issue. CS felt okay for awhile.
Then after playing with CS Settings with close and open CS.
CS went aggressive on Zemana Portable.

Sorry, Zemana blacklist with desktop Icon stripped, happened so swift and unexpected, I did not capture screenshots.
I've deleted Crystal Security (for now).
 
Last edited:
  • Like
Reactions: vtqhtr413, Kardo Kristal and ForgottenSeer
Kardo Kristal

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
bjm_ said:
btw ~ Zemana Portable was blacklisted and stripped to 0kb. Is there a restore from blacklist.
With Zemana Portable at 0kb with desktop Icon stripped. Only way I saw to restore Zemana was new download.
Click to expand...

When something is blocked and moved to Blacklist then you can restore file with the following steps:
  1. Go to "Blacklist" section
  2. Right-click on black-listed file
  3. Choose "Restore Selected File"
If file is in quarantine then it should restore file to original location.
bjm_ said:
Crystal Security (something) was also blacklisted. Maybe, dynamic engine?
Click to expand...

It was probably Shell integration file detection. It was also reported by @Petrovic. Will be fixed.
bjm_ said:
Analyze with Crystal Security does not call CS or scan item as I can see.
Click to expand...

Bug confirmed and will be fixed.
bjm_ said:
CS went aggressive on Zemana.
Click to expand...

I'll look into it.

I'll try to re-produce DPI scaling issue too.

Regards,
Kardo
 
Last edited:
  • Like
Reactions: vtqhtr413, silversurfer and ForgottenSeer
bjm_

bjm_

Level 15
Verified
Top Poster
Well-known
May 17, 2015
705
Kardo Kristal said:
When something is blocked and moved to Blacklist then you can restore file with the following steps:
  1. Go to "Blacklist" section
  2. Right-click on black-listed file
  3. Choose "Restore Selected File"
If file is in quarantine then it should restore file to original location.
Well, I did not see quarantine. Just blacklist and whitelist.
Is there a quarantine window?


It was probably Shell integration file detection. It was also reported by @Petrovic. Will be fixed.


Bug confirmed and will be fixed.


Interesting issue. Never happened here.
I meant by 0 & 0 that no threats were found.


I'll look into it.

I'll try to re-produce DPI scaling issue too.

Regards,
Kardo
Click to expand...
 
  • Like
Reactions: vtqhtr413, Kardo Kristal and ForgottenSeer
Kardo Kristal

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
bjm_ said:
Well, I did not see quarantine. Just blacklist and whitelist.
Is there a quarantine window?
Click to expand...

@bjm_ You can consider Blacklist as Quarantine. Quarantine files are stored under AppData directory.
You can restore files only via UI because all quarantined files are also encrypted.

I just tried to re-produce your DPI scaling issue. Changed DPI to 150%. After that I signed out and logged in.
I started Crystal Security and no problems here. I can only suggest to set DPI to 100% on your system.

Regards,
Kardo
 
Last edited:
  • Like
Reactions: vtqhtr413 and ForgottenSeer
bjm_

bjm_

Level 15
Verified
Top Poster
Well-known
May 17, 2015
705
Kardo Kristal said:
@bjm_ You can consider Blacklist as Quarantine. Quarantine files are stored under AppData directory.
You can restore files only via UI because all quarantined files are also encrypted.

I just tried to re-produce your DPI scaling issue. Changed DPI to 150%. After that I signed out and logged in.
I started Crystal Security and no problems here. I can only suggest to set DPI to 100% on your system.

Regards,
Kardo
Click to expand...
Yeah, I was expecting and looking for a quarantine module within the CS user interface.
Guess, I'm used to programs that quarantine and restore from quarantine.
I'm used to NoVirusThanks ERP with Whitelist/Blacklist and Quarantine.
I'm used to Webroot with Block/Allow and Quarantine.

I just found (with your pointing) AppData > Roaming > Crystal Security > Quarantine. Quarantine folder is empty.

Since Crystal Security is only program showing cosmetic issue for me. I'll leave DPI as is.

Thanks
 
Last edited:
  • Like
Reactions: Wave and Kardo Kristal
Kardo Kristal

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
  • Like
Reactions: vtqhtr413, Andrew999, JM Safe and 13 others
Kardo Kristal

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
Hi @Petrovic,

Thank you for the feedback. :)
Petrovic said:
repeat - cerber3 cerber3.....etc | sage
Click to expand...

Is it possible that you downloaded or copied "cerber3" file multiple times?

Double entries are currently allowed by default under Blacklist.

When you download or copy same file e.g. 2 times then it will be also listed under Blacklist 2 times (like double entries).

If you downloaded or copied "cerber3" file only once then it is possible bug.
Petrovic said:
cerber2
https://www.virustotal.com/en/file/...6f2fe9579e204100c7eabe0c5382f9c33a3/analysis/
13/57
not detected - first scan
re-scan
Click to expand...

Seems like a bug. I'll look into it.
J Gamez065 said:
Links to stable installers are down. Thinking of adding this to my security config.
Click to expand...

@J Gamez065,

Thanks. Stable download links up again. :)

Regards,
Kardo
 
  • Like
Reactions: vtqhtr413, Av Gurus, DJ Panda and 4 others
Kardo Kristal

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
  • Like
Reactions: vtqhtr413, _CyberGhosT_, Rengar and 12 others
J

JM Safe

Level 39
Verified
Top Poster
Apr 12, 2015
2,882
Kardo Kristal said:
Hello,

Crystal Security 3.7.0.4 BETA released

Changelog
  • Improved Dynamic engine (reduced False Positives)
  • Fixed bug in Digital signature verification (signature not detected)
  • Fixed several other minor bugs (user interface)
  • Updated rules set in Dynamic engine (balanced detection)

Two different types of downloads

Download installer version of Crystal Security 3.7.0.4
Download portable version of Crystal Security 3.7.0.4

Looking forward to your feedback. :)

Regards,
Kardo
Click to expand...
Great work Kardo :)
 
  • Like
Reactions: vtqhtr413, Rengar, Sunshine-boy and 4 others
Kardo Kristal

Kardo Kristal

From Crystal Security
Thread author
Verified
Top Poster
Developer
Well-known
Jul 12, 2014
1,143
blueblackwow65 said:
Wonder how Crystal would do with wannacry ,anyone test that ? I am running Latest Crystal Security with Comodo Firewall
Click to expand...

Hi @blueblackwow65,

Thank you for the interest. :)

Just performed some tests against following ransomwares:

1. Jaff - sample by @Solarquest

Engines: Collective and Dynamic
Threat Score: 87%

2. WannaCry - sample by @Der.Reisende

Engine: Collective
Threat Score: 87,7%

3. WannaCry v2 - sample by @Der.Reisende

Engine: Collective
Threat Score: 92,8%

4. Cradle - sample by @Amelith Nargothrond

Engines: Collective and Dynamic
Threat Score: 75,8%

5. Cerber - sample by @silversurfer

Engines: Collective and Dynamic
Threat Score: 27%

6. DoNotChange - sample by @Der.Reisende

Engines: Collective and Dynamic
Threat Score: 82,9%

Regards,
Kardo
 
Last edited:
  • Like
Reactions: vtqhtr413, _CyberGhosT_, Mr.NoName and 12 others

Similar threads

Trident
    • +Reputation
    • Thanks
New Update Announcing End of Life for Kaspersky Engine in Harmony Endpoint
Replies
14
Views
1,252
Other security for Windows, Mac, Linux
Trident
Trident
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Eset Smart Security Premium v18
Replies
12
Views
1,157
Video Reviews - Security and Privacy
mlnevese
mlnevese
Trident
    • Like
    • +Reputation
    • Thanks
Serious Discussion Decoding the Trend Micro Components and Protection Model
Replies
24
Views
2,978
Other security for Windows, Mac, Linux
Mahesh Sudula
Mahesh Sudula

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top