in my win10, in startup apps window it shows Cyberlock on or off -- in taskmanager running cyberlock.exe & cyberlockservice.exe and in its folder on ssd
C:\Program Files\CyberLock\CyberLockClient.exe @danb might need to explain the interactions between them although someone else might know.
Yes, it does, that is what is going to be the new GUI for standard users on servers and home computers with multiple accounts. If CyberLock.exe is running under your user, CyberLockClient.exe will exit immediately. I am still trying to figure out the best way to handle the interaction between CyberLock.exe and CyberLockClient.exe, so we might even be able to remove the CyberLockClient startup entry, but either way it is not going to hurt anything because it is super light and exits immediately if CyberLock is running.
Can you explain it a bit? I never had a startup entry with any versions of CyberLock.
The "analyzing" of files unknown to CyberLock never worked for me with any versions of CyberLock. Attached are the screenshots; I started the file and waited for 10 minutes.
Can you explain it a bit? I never had a startup entry with any versions of CyberLock.
The "analyzing" of files unknown to CyberLock never worked for me with any versions of CyberLock. Attached are the screenshots; I started the file and waited for 10 minutes.
Yes, it is because the CyberLockClient is a brand new feature, and we have to start it somehow . If I find a better way to start it, then we will certainly do so. Or if there is only one user on the computer, then we will skip creating the startup item If you are the only user on the computer, you can safely delete that startup item. Keep in mind that the CyberLockClient is a brand new feature, and I still have a lot of work to do on it. It is perfectly functional now for servers and for computers with multiple users. The 2 main things I need to finish up are the new super light gui and figure out how CyberLock.exe and CyberLockClient.exe are going to interact with each other.
I just installed System Informer and there were zero unexpected blocks, so it worked absolutely perfectly for me with 7.96beta. I see from your screenshot that System Informer is probably installed in your user directory? I am guessing because it is blurred out. So even though the default install of System Informer is in Program Files, I also copied the folder to my User folder and ran it from there, and it worked perfectly as well. I am guessing that one of your CyberLock Settings is creating the block... my best guess is that maybe you possibly disabled the one of the top two options on the Advanced tab in CyberLock settings?
I have CyberLock on Always ON mode with no other changes. I'm using the portable version of System Informer, which is in the portable apps folder in the C partition. The problem isn't with the alert or block, but with the analysis of unknown files, which never worked for me or completed/provided verdicts.
I have CyberLock on Always ON mode with no other changes. I'm using the portable version of System Informer, which is in the portable apps folder in the C partition. The problem isn't with the alert or block, but with the analysis of unknown files, which never worked for me or completed/provided verdicts.
Ohhhh, so it is not specific to System Informer, this is true with all CyberLock blocks? The first thing to check is to see if there is a firewall rule that is blocking CyberLock. Are you on a VPN?
Ohhhh, so it is not specific to System Informer, this is true with all CyberLock blocks? The first thing to check is to see if there is a firewall rule that is blocking CyberLock. Are you on a VPN?
CyberLock works well for me, except for its analyzing of unknown files. The analysis never returns a verdict, using a VPN or real connection. I use Windows Firewall, and there is no CyberLock rule. I just tried the current nightly version of VLC 4, waited for 20 minutes, and CyberLock was still analyzing the file. The WhitelistCloud website uploaded and produced a verdict within a minute. After uploading to the WhitelistCloud website, CyberLock provided a verdict when I executed the VLC installer.
I checked the DeveloperLog file; there is no WhitelistCloud or related entry. It has the following entry for VLC and a similar entry for System Informer.
File Insight: vlc-4.0.0-dev-win64-25b50ae6.exe | ProcessPath: c:\users\rashmi\downloads\vlc-4.0.0-dev-win64-25b50ae6.exe | CommandLine: "c:\users\rashmi\downloads\vlc-4.0.0-dev-win64-25b50ae6.exe" | ParentProcessPath: c:\windows\explorer.exe | File Type: 0 | IsProcessInCurrentSnapShot: 0
@simmerskool, Can you check if you have the following errors in the DeveloperLog and DeveloperServiceLog files in the CyberLock folder in Program Data? I don't know if these are normal or some issues with CyberLock or the system.
There are quite a few errors similar to the one below in the DeveloperLog file.
[ERROR] - Exception in SrvRequestDispatcher_HandleProcess1: Path: c:\windows\system32\smartscreen.exe CommandLine: C:\Windows\System32\smartscreen.exe -Embedding Parent: c:\windows\system32\svchost.exeObject reference not set to an instance of an object.. at CyberLock.NewProcessHandler.?.?(? ?)
at System.Linq.Enumerable.Any[TSource](IEnumerable`1 source, Func`2 predicate)
at CyberLock.NewProcessHandler.?(? ?)
at CyberLock.SrvRequestDispatcher.HandleProcess(Object state)
There are quite a few errors similar to the one below in the DeveloperServiceLog file.
[ERROR] - Exception in CyberLockWCF_IsDigitalSignatureVoodooVerified: Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached.. at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
at System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry)
at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
at System.Data.SqlClient.SqlConnection.Open()
at ?.?(String ?)
CyberLock works well for me, except for its analyzing of unknown files. The analysis never returns a verdict, using a VPN or real connection. I use Windows Firewall, and there is no CyberLock rule. I just tried the current nightly version of VLC 4, waited for 20 minutes, and CyberLock was still analyzing the file. The WhitelistCloud website uploaded and produced a verdict within a minute. After uploading to the WhitelistCloud website, CyberLock provided a verdict when I executed the VLC installer.
I checked the DeveloperLog file; there is no WhitelistCloud or related entry. It has the following entry for VLC and a similar entry for System Informer.
File Insight: vlc-4.0.0-dev-win64-25b50ae6.exe | ProcessPath: c:\users\rashmi\downloads\vlc-4.0.0-dev-win64-25b50ae6.exe | CommandLine: "c:\users\rashmi\downloads\vlc-4.0.0-dev-win64-25b50ae6.exe" | ParentProcessPath: c:\windows\explorer.exe | File Type: 0 | IsProcessInCurrentSnapShot: 0
@simmerskool, Can you check if you have the following errors in the DeveloperLog and DeveloperServiceLog files in the CyberLock folder in Program Data? I don't know if these are normal or some issues with CyberLock or the system.
There are quite a few errors similar to the one below in the DeveloperLog file.
[ERROR] - Exception in SrvRequestDispatcher_HandleProcess1: Path: c:\windows\system32\smartscreen.exe CommandLine: C:\Windows\System32\smartscreen.exe -Embedding Parent: c:\windows\system32\svchost.exeObject reference not set to an instance of an object.. at CyberLock.NewProcessHandler.?.?(? ?)
at System.Linq.Enumerable.Any[TSource](IEnumerable`1 source, Func`2 predicate)
at CyberLock.NewProcessHandler.?(? ?)
at CyberLock.SrvRequestDispatcher.HandleProcess(Object state)
There are quite a few errors similar to the one below in the DeveloperServiceLog file.
[ERROR] - Exception in CyberLockWCF_IsDigitalSignatureVoodooVerified: Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached.. at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
at System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry)
at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
at System.Data.SqlClient.SqlConnection.Open()
at ?.?(String ?)
I had just opened the DeveloperLog in Notepad++ the other day, it has 31700 lines, I searched for [ERROR] - Exception in SrvRequestDispatcher and it was not found... if that helps...
CyberLock works well for me, except for its analyzing of unknown files. The analysis never returns a verdict, using a VPN or real connection. I use Windows Firewall, and there is no CyberLock rule. I just tried the current nightly version of VLC 4, waited for 20 minutes, and CyberLock was still analyzing the file. The WhitelistCloud website uploaded and produced a verdict within a minute. After uploading to the WhitelistCloud website, CyberLock provided a verdict when I executed the VLC installer.
[ERROR] - Exception in CyberLockWCF_IsDigitalSignatureVoodooVerified: Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached.. at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions,
I think the timeout might be a thing for very large files as with some I get further Not Safe File alerts for the same file if it's a larger size. Just uploading those to whitelistcloud.com made the process quicker. Perhaps @danb can let us know what the timeout rules are for CL. I occasionally get a short delay when there are multiple files being checked but they clear pretty quickly when they do start going. At least in my experience.
CyberLock works well for me, except for its analyzing of unknown files. The analysis never returns a verdict, using a VPN or real connection. I use Windows Firewall, and there is no CyberLock rule. I just tried the current nightly version of VLC 4, waited for 20 minutes, and CyberLock was still analyzing the file. The WhitelistCloud website uploaded and produced a verdict within a minute. After uploading to the WhitelistCloud website, CyberLock provided a verdict when I executed the VLC installer.
I checked the DeveloperLog file; there is no WhitelistCloud or related entry. It has the following entry for VLC and a similar entry for System Informer.
File Insight: vlc-4.0.0-dev-win64-25b50ae6.exe | ProcessPath: c:\users\rashmi\downloads\vlc-4.0.0-dev-win64-25b50ae6.exe | CommandLine: "c:\users\rashmi\downloads\vlc-4.0.0-dev-win64-25b50ae6.exe" | ParentProcessPath: c:\windows\explorer.exe | File Type: 0 | IsProcessInCurrentSnapShot: 0
@simmerskool, Can you check if you have the following errors in the DeveloperLog and DeveloperServiceLog files in the CyberLock folder in Program Data? I don't know if these are normal or some issues with CyberLock or the system.
There are quite a few errors similar to the one below in the DeveloperLog file.
[ERROR] - Exception in SrvRequestDispatcher_HandleProcess1: Path: c:\windows\system32\smartscreen.exe CommandLine: C:\Windows\System32\smartscreen.exe -Embedding Parent: c:\windows\system32\svchost.exeObject reference not set to an instance of an object.. at CyberLock.NewProcessHandler.?.?(? ?)
at System.Linq.Enumerable.Any[TSource](IEnumerable`1 source, Func`2 predicate)
at CyberLock.NewProcessHandler.?(? ?)
at CyberLock.SrvRequestDispatcher.HandleProcess(Object state)
There are quite a few errors similar to the one below in the DeveloperServiceLog file.
[ERROR] - Exception in CyberLockWCF_IsDigitalSignatureVoodooVerified: Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached.. at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
at System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry)
at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
at System.Data.SqlClient.SqlConnection.Open()
at ?.?(String ?)
Thank you, that helps... yes, it looks like it is timing out, which typically means for whatever reason CyberLock cannot connect to the internet on your system. In your case, for some reason it seams CyberLock / CyberLockService is not able to upload files to www.whitelistcloud.com. Can you please email me both of your logs? support at cyberlock.global
Thank you, that helps... yes, it looks like it is timing out, which typically means for whatever reason CyberLock cannot connect to the internet on your system. In your case, for some reason it seams CyberLock / CyberLockService is not able to upload files to www.whitelistcloud.com. Can you please email me both of your logs? support at cyberlock.global
Hehehe, thank you for catching that! I am actually going to take a break for about a week as soon as we fix this one last bug (rashmi's bug), and that will give us time to make sure it is ready to implement all of the code updates into DefenderUI Pro and WDAC Lockdown. That should go super fast, like less than a day. Once all of the code is updated and DefenderUI Pro and WDAC Lockdown are firing on all cylinders, I might even discontinue WDAC Lockdown... WDAC doesn't hold a candle to CyberLock or DefenderUI Pro. There is not one single advantage that WDAC has over CyberLock / DefenderUI Pro, but these two have tons of advantages over WDAC.
And then I am going to work on WhitelistCloud... it will be interesting to see what cool things we can add. It will also be interesting because I am not familiar with web development .
And then I am going to work on WhitelistCloud... it will be interesting to see what cool things we can add. It will also be interesting because I am not familiar with web development .
When CL spits out its results, could it also just show the virustotal score rather than asking "would you like a 2d opinion" or is there a restriction about that... I got hungup last night running sysinternals sigcheck with VT as there's a limit of 4 lookups per minute for my standard free API key. Just a suggestion
@danb
Is there a chance that you will finally implement some of the former Yugoslav languages in the new v8 version? It can be any of these three: Bosnian, Croatian or Serbian. These are languages spoken by at least 50 million people in the world. I can spare my time to help with translation and correcting mistakes.
