New Update CyberLock 8.0

[simmerskool]

I am running CL in Smart mode and do not notice this, but I am going to watch closely now.

seem here not seeing this slowdown.

 

[simmerskool]

Where do I send the log?

try support@voodooshield.com

 

[n8chavez]

It's very odd. I have a .bat file that executes at startup. In that .bat file is the below lines:

C:\ProgramData\Sonarr\bin\Sonarr.exe /icon
C:\Progra~1\POPPeeper\POPPeeper.exe -min
C:\Progra~1\SABnzbd\SABnzbd.exe

When Cyberlock 8.02 is running sometimes it'll launch the first app, sometimes not always. But the other two don't even launch. Immediately after exiting Cyberlock the other two launch. This is a repeatable outcome.

 

[pxxb1]

@danb

Are you aware of compatibility issues with Hasleo Backup Suite?

 

[n8chavez]

@danb

Are you aware of compatibility issues with Hasleo Backup Suite?

There are issues between cyberlock and HBS? I use both and I have not noticed any issues.

 

[pxxb1]

There are issues between cyberlock and HBS? I use both and I have not noticed any issues.

It was more of a question. Before version 8.02 there where issues, they got fixed with 8.02. I still had problems, which most likely was caused by another program, so i wondered if there where more issues?

 

[n8chavez]

Version 8.02 seems to be losing my preferences for not showing the whitelist icon. Every time I reboot the icon is back in the taskbar after turning it off every time. Can anyone else confirm?

 

[Digmor Crusher]

Version 8.02 seems to be losing my preferences for not showing the whitelist icon. Every time I reboot the icon is back in the taskbar after turning it off every time. Can anyone else confirm?

See posts 176-180 in this thread.

 

[n8chavez]

See posts 176-180 in this thread.

Thanks @Digmor Crusher! I'm a little weary of resetting everything. Since it's a known issue I'll just wait.

 

[Digmor Crusher]

Thanks @Digmor Crusher! I'm a little weary of resetting everything. Since it's a known issue I'll just wait.

No need to reset anything, see post 179, all you have to do is turn that setting off.

 

[n8chavez]

No need to reset anything, see post 179, all you have to do is turn that setting off.

It's already off for me though.

 

[ForgottenSeer 94738]

How will it actually affect CyberLock's functionality if Microsoft denies security programs access to the Windows kernel?

Technology - Microsoft is moving antivirus programs from running at kernel level

Antivirus software will soon be moved out of the kernel mode in Windows. This change is part of Microsoft's Windows Resiliency Initiative (WRI). Last year, millions of Windows PCs crashed with a blue screen due to a faulty update for Crowdstrike. In the aftermath of the incident, Microsoft held...

malwaretips.com

Or did I misunderstand something?

 

[Allego]

How will it actually affect CyberLock's functionality if Microsoft denies security programs access to the Windows kernel?

Technology - Microsoft is moving antivirus programs from running at kernel level

Antivirus software will soon be moved out of the kernel mode in Windows. This change is part of Microsoft's Windows Resiliency Initiative (WRI). Last year, millions of Windows PCs crashed with a blue screen due to a faulty update for Crowdstrike. In the aftermath of the incident, Microsoft held...

malwaretips.com

Or did I misunderstand something?

"Security vendors will be able to test their software, and request changes if required, to ensure that their antivirus products run fine in user mode. The Verge quotes David Weston, vice president of enterprise and OS security at Microsoft, who said that "We’re not here to tell them how the API should work, we’re here to listen and provide the security and reliability".

Instead of laying down the rules, Microsoft is collaborating with antivirus vendors to share feedback and co-engineer the system. It could take a while to get things sorted with the previews, but this is a nice approach."

We'll see what going to happen

 

[ForgottenSeer 94738]

In any case, the rights of security software should be restricted.

 

[danb]

How will it actually affect CyberLock's functionality if Microsoft denies security programs access to the Windows kernel?

Technology - Microsoft is moving antivirus programs from running at kernel level

Antivirus software will soon be moved out of the kernel mode in Windows. This change is part of Microsoft's Windows Resiliency Initiative (WRI). Last year, millions of Windows PCs crashed with a blue screen due to a faulty update for Crowdstrike. In the aftermath of the incident, Microsoft held...

malwaretips.com

Or did I misunderstand something?

Yeah, apparently Microsoft is trying to create a Windows Endpoint Security Platform (WESP) to replace kernel mode drivers. If they can get this to work, it might actually be a good thing, but there are several obstacles that are going to be difficult to overcome.

First, how are they going to protect the WESP from malware authors? Cybersecurity software has to be able to perform certain admin functions in order to operate properly, and if attackers are able to exploit the WESP, that is much worse than the current issues facing kernel mode drivers, since kernel mode drivers require signing from Microsoft. So maybe in order to access WESP, the binaries need to be signed by Microsoft.

Second, it is the kernel mode driver that provides self-protection, so the WESP will have to provide self-protection as well. And WESP will have to offer a way to intercept process creation so that the cybersecurity software can decide whether or not to let a new process execute or not.

Third, they are going to have to run Microsoft Defender under WESP as well. Think of all of the cybersecurity venders from the last 15-40 years that have provided protection to the Windows operating system, when Microsoft only started to become serious about endpoint security in the last 10 or so years. Also keep in mind, Microsoft does not only rely on Microsoft Defender to protect its own infrastructure, they use third party cybersecurity solutions as well, so I highly doubt they would allow WESP to limit functionality to third party vendors.

There are probably other obstacles, but these are the main ones that come to mind. But if done correctly, WESP might actually be a good thing, and still allow cybersecurity software to perform certain admin functions they need to operate properly.

If I had to guess, kernel mode drivers are going to be around for the foreseeable future, simply because all of these obstacles (and others I did not mention) will have to be resolved before KMDs will be replaced.

 

[pxxb1]

@danb

Are you aware of compatibility issues with Hasleo Backup Suite?

Well, @danb, are you!?

For me it shows as CL reverts all its settings back to standard.

 

[danb]

Well, @danb, are you!?

For me it shows as CL reverts all its settings back to standard.

There was a compatibility issue about a month ago, but that was fixed. Is there another issue? Let me know and I will look into it right away. Please send me your DeveloperLog if you think it will help, thank you!

 

[n8chavez]

I do not seem to be experiencing any issues between CL 8/02 and HBS. My settings for HBS do not revert.

 

[danb]

I do not seem to be experiencing any issues between CL 8/02 and HBS. My settings for HBS do not revert.

Are you guys saying that when you do a restore with HBS, that the CyberLock settings are not restored? I am just trying to figure out what issue some people are having.

 

[pxxb1]

There was a compatibility issue about a month ago, but that was fixed. Is there another issue? Let me know and I will look into it right away. Please send me your DeveloperLog if you think it will help, thank you!

I am not 100% sure but now and then all CL setting goes back to standard, aka dark etc. Last time was yesterday after an update of the program HBS.