Crystal Security - Discussion

Discussion in 'other anti-malware software' started by kardokristal, Jan 29, 2012.

  1. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    Hi
    i want to try the portable at work , but does it leave registry keys or file on the pc when i shut down crystal security ?
    thanks
     
  2. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi @mantra,

    When you enable Shell integration feature under Settings then it will add registry key for right-click menu.

    Crystal Security stores data files under "AppData" directory: C:\Users\username\AppData\Roaming\Crystal Security

    Regards,
    Kardo
     
  3. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    ok thanks Kardo
    seeing i can't install program under my computer at work , i will not enable shell integration
    but how can it detect a malware ? i mean without drivers ?
    thanks really beautiful program , maybe in the future we could see an hips ?:thumb:
     
  4. colorado13

    colorado13 Registered Member

    Joined:
    Apr 16, 2005
    Posts:
    117
    Location:
    Orihuela, Spain
    It's a very good and light program.
     
  5. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi @mantra,

    Thanks for the interest. Sorry about late reply.
    It is possible to monitor files (without drivers) on your computer. e.g. when file is created, modified, launched.
    Thank you for the kind words. I am glad you like it. :)
    Hi @colorado13,

    Thanks. Your feedback is much appreciated. :)

    Regards,
    Kardo
     
  6. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    @kardokristal
    if the portable version doesn't leave behind registry keys or files outside
    ) , 1) might i add to some great freeware sites even porteble free sites?

    2)
    i haven't right now a clean machine to test it ,but without shell integration and "data", it doesn't leave files and registry keygs , doesn't it?

    3)
    maybe it could be a great idea if the program could store crystal security date in its own folder will be 100% portable and amazing , have a tool like it on a usbstick would be really a pure GEM

    thanks again for the beautiful software
     
  7. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi @mantra,
    1. Crystal Security is listed on some websites as portable anti-malware tool.
    2. If you want to remove registry entries then disable "Shell integration" and "Start with Windows" under "Settings". Data files are located only in "AppData" directory. You can delete Crystal Security directory under AppData manually.
    3. Currently there is no plans to change it because it is better to use same location for installer and portable version.
    I hope it helps. :)

    Regards,
    Kardo
     
  8. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    Hi @kardokristal
    could be setup to scan the files downloaded from internet , i mean the chrome or firefox cache and block all form of Ransomware ?
    a simple hips would be great ,by the way
     
  9. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi @mantra,

    Thank you for the interest. Sorry about late reply.

    If you want to monitor only some areas then please apply the following settings:

    Go to Settings => Protection => Monitoring
    1. Under "Scope" un-check following items: "All files", "Program files" and "System files"
    2. Check the following item: "Custom"
    3. Click on the bulb icon to edit "Scope"
    4. Now add custom location and click on "Protection" tab.
    After changes click on the "Apply". Now Crystal Security should analyze only custom locations.

    I hope it helps. :)

    Regards,
    Kardo
     
  10. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    Is CS be banned from VirusTotal like SecureAPlus or is everything good for the future?
     
  11. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi @Djigi,

    Thank you for the interest.
    I discussed with VirusTotal staff about VirusTotal usage in Crystal Security. Some changes are needed.
    1. VirusTotal references will be added into analysis. "VirusTotal" will be also mentioned in "Collective cloud" and "Uploads" descriptions.
    2. It should be clear to users that Crystal Security is a second-opinion tool and not replacement for AntiVirus suite.
    3. Crystal Security helps VirusTotal by submitting unknown executable files (already implemented). Possible to use as "VirusTotal Uploader"
    4. Users can decide what to do with each detected file (already implemented)
    All changes will be added in the next version. Everything should be good with VirusTotal usage. :)

    Regards,
    Kardo
     
    Last edited: Oct 31, 2016
  12. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Last edited: Dec 4, 2016
  13. guest

    guest Guest

    I have been testing it and it's a quite mature version. Everything works well.

    What are your plans for Crystal Security this year?
     
  14. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi @guest,

    Thank you for the feedback.
    It is great to hear that. :)
    There is a plan to add new in-house engine which will be based on different rules set to determine if file is malicious or not. It will work in offline mode and there is no database or database updates. New engine improves over-time with new/improved rules set. There will be also sensitivity levels so user can configure it easily via Settings.

    New In-house engine will be also primary engine.There is no unknown result for this engine but if file is unknown to Collective cloud then it will be still uploaded and re-checked later to confirm file status.

    There will be also other improvements in next 3.7 Beta version.

    I wish everyone a Happy New Year! :)

    Regards,
    Kardo
     
    Last edited: Jan 5, 2017
  15. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,340
    Location:
    Québec, Canada
    Installed the portable version on my PC at work yesterday.
    Nice stuff!
    However, I found out that if left with Auto-decision at OFF, and went away from the PC a few minutes, when I went back, the popup was opened asking for my decision but I guess a few other alerts happened in the meantime and it became unresponsive.
    Maybe the scan should pause while a decision popup occurs?
    Just a guess on what happened though.

    Thanks!
     
  16. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi @fblais,

    Thank you for the feedback.
    I am glad you like it. :)
    Interesting. I'll try to re-produce it.
    It already works this way.

    Please provide the following information:
    1. Operating System and architecture (32/64-bit)
    2. Any other security software
    Thanks in advance. :)

    Regards,
    Kardo
     
  17. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,340
    Location:
    Québec, Canada
    Thanks Kardo.
    Windows 7 professional, 64 bits.
    MSE realtime, Windows FW.
    MBAM 3.0.5 in free mode, so nothing in realtime, and didn't run a scan since your program is running.

    Regards,
    François
     
  18. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Thank you for the feedback François. :)

    If there is any other issue, suggestion or feedback then feel free to let me know anytime.

    Regards,
    Kardo
     
  19. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi,

    I looked at the statistics for the previous month and here are the results. :)

    The following statistics have been gathered from the cloud analysis.

    December (31 days):
    • Total queries: 288 735
    • 9 314 files per day
    • 388 analysis per hour
    • 6 analysis per minute
    It is great to see such results and statistics.

    Thank you to all the users. :)

    Regards,
    Kardo
     
  20. guest

    guest Guest

    Which options will you keep active to gain some performance without lossing too much protection?
    Analysis modes: created objects, modified objects, active processes and on access.
    I guess leaving alone on access and active processes will be optimal.
     
  21. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi @guest,

    Thanks for the interest. :) Sorry about late reply.

    Currently there is a plan to keep enabled the following analysis modes:
    • Created objects
    • Modified objects
    • Active processes
    On-access mode (when enabled) may decrease performance and also may cause many issues.
    There will be many changes in the next Beta version (active protection, engines and so on).

    Regards,
    Kardo
     
  22. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hello,

    I am pleased to announce that a new BETA version of Crystal Security is available. :)

    What's new in Crystal Security 3.7

    Added new Dynamic Engine

    Dynamic engine is a new in-house engine. It is based on different rules set to determine if file is malicious or not.
    It works in offline mode and does not require any database or database updates.

    Added new Settings

    - Show result based on in-house engines -
    • When unknown file is detected by Collective engine then decision will be based on other in-house engines
    • No more unknown alerts (useful for average users)
    - Do not alert - wait for cloud response -
    • File will be uploaded to the cloud (without any alert/decision)
    • When analysis are done, then there will be known result for file by Collective engine
    Improved Shell integration

    When you start right-click scan then Crystal Security shows Overview section automatically which will help to keep an eye on analysis.

    Improved User Interface

    There are several changes under Settings (Protection and Behavior) section and also on notifications.

    Improved Performance and other features

    There are a lot of other changes and improvements in many features.

    Two different types of downloads

    Download installer version of Crystal Security 3.7.0.1
    Download portable version of Crystal Security 3.7.0.1

    Please uninstall any previous version completely to avoid conflicts.

    Notice: Dynamic engine is currently enabled only in Active protection.

    Looking forward to your feedback. :)

    Regards,
    Kardo
     
    Last edited: Feb 13, 2017
  23. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
  24. mWave

    mWave Guest

    Make sure you check if the task was removed or not when CS starts-up so you can repair it if gets removed when the setting is still enabled for start-up :)
     
  25. kardokristal

    kardokristal Developer

    Joined:
    Jan 6, 2012
    Posts:
    1,091
    Location:
    Estonia
    Hi @mWave,

    It already works this way. :)

    Regards,
    Kardo
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.