.000314% = 0.00000314
Evidently, they mean only files force-quarantined and not those that their product rates as UNSAFE but still allows to run while reporting to VT as UNSAFE.
User says "... wut... ?"
Delete From Quarantine In Cylance?
- Thread starter Cortex
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Status
.000314% = 0.00000314
Evidently, they mean only files force-quarantined and not those that their product rates as UNSAFE but still allows to run while reporting to VT as UNSAFE.
User says "... wut... ?"
I've only had a couple files show up as possible false positives. To be honest, I couldn't verify they weren't some sort of update channel or back end compromised file so I simply allowed them to be quarantined and moved on from there. Better safe than sorry.
My oldest gamer son reports that a couple games got hit by Cylance. One was a Chinese game, the other a Russian game. I couldn't verify their integrity but they are known games - but knowing Russian/Chinese software prevalence for funny business I hesitantly whitelisted them. The only other thing snagged I can report are a suspicious Python file in Bleachbit (which oddly enough, didn't impact the function of the app but triggered other sandboxes) and some game my son tried to crack and Cylance (rightly so) hit off on the hacked registration modules as they varied from the known entity of the legitimate program.
Smooth sailing otherwise. No more or less false positives than any other product, maybe even slightly less.
My oldest gamer son reports that a couple games got hit by Cylance. One was a Chinese game, the other a Russian game. I couldn't verify their integrity but they are known games - but knowing Russian/Chinese software prevalence for funny business I hesitantly whitelisted them. The only other thing snagged I can report are a suspicious Python file in Bleachbit (which oddly enough, didn't impact the function of the app but triggered other sandboxes) and some game my son tried to crack and Cylance (rightly so) hit off on the hacked registration modules as they varied from the known entity of the legitimate program.
Smooth sailing otherwise. No more or less false positives than any other product, maybe even slightly less.
- May 26, 2014
- 1,339
In my case all files were force-quarantined and there is the bug that the Dashboard doesnt show the quarantined files.
Oh, the horror for the average user ...
- Aug 4, 2016
- 1,465
Do you think Alan Profazio had an argument with his partner that morning? 
- The files that were quarantined on my system bar one were very old & had been unused for years. I was meaning to have a clear out anyway.
- The files that were quarantined on my system bar one were very old & had been unused for years. I was meaning to have a clear out anyway.In that regard, Cylance is many, many.................many................ times better than Windows...
And Cylance is nowhere near as bad as some AVs\security softs. Not even remotely in the same class of annoyances and bugs.
The annoying thing is that there is so little for the user to interact with in Cylance, that when something like this does happen it is extremely glaring and annoying,
Cylance has known about these issues since 2016. Evidently the fixes aren't easy ones. Seemingly trivial things are not always easy to fix. But who knows why these things persist.
Is that... an Apple AV? Just works? (Except when it doesn't)
At least Cylance isn't the atrocious oinker that Windows Defender is... here piggy, piggy, piggy ! Oink, oink, oink !
So much for Microsoft's Watson Ai\ML... which by the way, as far as Microsoft is concerned, was created with the primary purpose as a money-maker, instead of making Windows Defender "Borg Gen-X Jedi Death Star Killer Star Date 2459.99." I just love when the fanboys and developers spin-doctor Watson to make it out to be a whole lot more than what it actually is. Wait... that's Cylance marketing ! It's funny how the original-original Cylance bashers during 2015\6 now use Cylance-style marketing and spin-doctoring to promote it as an adjunct. Better than a sordid, cheap 1930s cinematic drama. Here piggy, piggy... oink, oink ! :emoji_popcorn:
The only thing really decent about WD is that Microsoft implements fairly good secure code - or so says Tavis Ormandy.
Last edited by a moderator:
- Mar 29, 2018
- 7,612
OK, I've had exactly 2 files quarantined - the BleachBit Python file that Sly mentioned, and Hard_Configurator. Allowing was easily accomplished through the dashboard by clicking checkmark next to file. I filled in a description of the file, e.g. "This is a controller GUI app for WD..." in the "Allow" form in the interface and voila, both programs ran fine. Nada, nothing since in quarantine and it's running fine here. I read a little about the Advanced UI but haven't explored it because I didn't need to. I'll have to go back and read more stuff on their website. That's my experience so far and I've been satisfied with it. But I'm also OK with hardened WD which runs fine on my machine. I see much handwringing in threads about bugs in other AVs …
Edit: I must have a trouble-free setup because if something breaks, chances are I wouldn't know how to fix it! I'm kind of like the blind man tapping to find his way around an unfamiliar place.
Edit: I must have a trouble-free setup because if something breaks, chances are I wouldn't know how to fix it!
I'm kind of like the blind man tapping to find his way around an unfamiliar place.
Last edited:
The lowest-hassle solutions are always the best solutions. Unfortunately, there's only a handful. Ask people with lots of experience. Low-hassle solutions save sanity, result in lower blood pressure, and increase marital\relationship happiness.
- Jul 1, 2017
- 1,396
I propose a new term for these types of products: Consensual ransomware.
If they could charge you directly to whitelist files, then they certainly would. Let's say... $1 per file. Don't think that they haven't tried to think up up some "viable" way to do so.
- Aug 4, 2016
- 1,465
I had issues with Sophos in not being able to clear the detection & blocked log, (anything actually) so if you accidentally strayed onto a dodgy site such as 'unclotheredgirlswhoarenaughty.con' (not that I ever did of course) the blocked site would remain illuminated for all to see for all eternity & longer in the log.There must be some very pure & very good people working at Sophos. Cylance seem far better :emoji_innocent::emoji_innocent:
:emoji_innocent::emoji_innocent:
- Jul 1, 2017
- 1,396
Well if you are not paying for Cylance, can you still get your program whitelisted whether you are a user or a developer? Seems like extortion to me. And their false positives are ruining VirusTotal results across the board. Cylance and DrWeb need to be removed from VT for good.
The two areas Cylance needs to improve the most is the UI and the support. Support being the one I would address the most jarring of the two. I was really not impressed talking to their support crew.
- Mar 29, 2018
- 7,612
Did you actually talk to support? I called and was told that phone support was not part of Smart Antivirus, and was directed to website help page and email.
No it wasn't the phone support, and I did get the same guy twice in a row, so who knows, maybe just a single bad employee. But I've heard that complaint enough about their web support, that I think they need to hire some better support staff.
- May 16, 2018
- 1,363
Ok, sure enough, Cylance did quarantine a DNS utility I have.
I tried to figure out a way to remove it from quarantine without going into advanced mode with no luck.
It was not immediate, but eventually, the file showed up in the little pop-up used for updates. From there I was able to go to the dashboard and reinstate it without going into advanced mode.
The GUI is a little old-and-clunky feeling... it reminds me of the Revo Uninstaller GUI.
I'm still a little skeptical about Cylance.... but there is enough evidence that it's pretty good at its niche --- that I'll stick with it.
I tried to figure out a way to remove it from quarantine without going into advanced mode with no luck.
It was not immediate, but eventually, the file showed up in the little pop-up used for updates. From there I was able to go to the dashboard and reinstate it without going into advanced mode.
The GUI is a little old-and-clunky feeling... it reminds me of the Revo Uninstaller GUI.
I'm still a little skeptical about Cylance.... but there is enough evidence that it's pretty good at its niche --- that I'll stick with it.
I don't see the problem with allowing FP's all you do is go to your dashboard and click on your device = your computer name. It shows all quarantined files. click the checkbox next to the file you want to allow and click allow.
I found out today when clicking on some malware links posted here, that when you click on a download file, windows stars downloading it even before you click to download as a partial. Then if you click cancel, Cylance still quarantines the file.
I found out today when clicking on some malware links posted here, that when you click on a download file, windows stars downloading it even before you click to download as a partial. Then if you click cancel, Cylance still quarantines the file.
Well, I'd click the files if they appeared there.
And I don't want to be on call to whitelist FPs for my entire social circle with whom I share AV licenses.
Support is an entry-level, help-desk type position full of recent grads. Companies make people work their way up out of the pit.
That's how support works. And that is because nobody wants to pay for support and support is a high expense.
Pay me $50 per year for support, and if enough parties pay that amount, I will provide you with better support.
Cylance's support isn't going to improve. For the most part, it is the luck of the draw... the support tech that you get on the other end makes all the difference. And most goods ones get promoted up out of the pit.
It's a market reality thing instead of a Cylance thing.
Last edited by a moderator:
- Status
