Timeout waiting for EverythingProvider Error

Where does the bug appear (feature/product)?

Cursor IDE

Describe the Bug

Hello,

I am encountering a startup issue with Cursor where the application does not load properly and gets stuck during initialization.

The main error I observe in the logs is:

“Timeout waiting for EveryProvider”

Additionally, the DNS and SSL initialization steps appear to hang indefinitely during startup, and the application remains stuck in a continuous loading state at this stage.

After launching Cursor, the application appears to start normally, but it eventually fails to fully initialize. The UI remains in a loading state and does not become usable.

Additional observations:

• The issue persists even when running Cursor with --disable-extensions and a temporary profile.
• The problem occurs consistently after reinstalling the application.
• The extension host process starts but does not become ready within the expected time.
• Logs show repeated retries related to extension host readiness and plugin/provider initialization.

We are working in a corporate environment. However:

• Access to Cursor-related domains and endpoints has been explicitly allowed by our IT/security team.
• Employees individually purchase and use Cursor.
• This issue is reproducible on multiple corporate machines across our organization (not limited to a single device).

Given this, we suspect there may be some system-level requirements or restrictions affecting Cursor’s initialization.

Could you please clarify:

• Are there any required system permissions for Cursor to function properly (e.g., registry access, local process execution, IPC, or similar)?
• Are there any known conflicts with common enterprise security tools or policies?
• What minimum permissions or exceptions should be configured on corporate machines to ensure Cursor works without issues?

Thank you for your support.

Steps to Reproduce

Run Network Diagnostics

Screenshots / Screen Recordings

error1.png527×761 41.3 KB

Operating System

Windows 10/11

Version Information

Version: 3.0.12 (system setup)
VSCode Version: 1.105.1
Commit: a80ff7dfcaa45d7750f6e30be457261379c29b00
Date: 2026-04-04T00:13:18.452Z
Layout: editor
Build Type: Stable
Release Track: Default
Electron: 39.8.1
Chromium: 142.0.7444.265
Node.js: 22.22.1
V8: 14.2.231.22-electron.0
OS: Windows_NT x64 10.0.26100

For AI issues: add Request ID with privacy disabled

Request ID: d609d11c-9290-4798-8cd6-a0e38953cb85
{“error”:“ERROR_CUSTOM”,“details”:{“title”:“Agent Execution Timed Out”,“detail”:“The agent execution provider did not respond in time. This may indicate the extension host is not running or is unresponsive.”,“isRetryable”:false,“shouldShowImmediateError”:true,“additionalInfo”:{},“buttons”:[{“label”:“Reload Window”,“reloadWindow”:{}}],“planChoices”:}}
Agent Execution Timed Out [deadline_exceeded]
ConnectError: [deadline_exceeded] Agent Execution Timed Out
at vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:53345:23460
at async cg_.createExecInstance (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:53345:20015)
at async aqy (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:43738:622970)
at async G4.execute (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:43959:14688)
at async Khd.execute (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:53345:1749)
at async dK_.execute (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:56367:4966)
at async E0d.buildComposerRequestContext (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:56377:4190)
at async E0d.streamFromAgentBackend (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:56377:6906)
at async E0d.getAgentStreamResponse (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:56377:17161)
at async o3e.submitChatMaybeAbortCurrent (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:44075:19892)
at async Object.Hl [as onSubmit] (vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:55360:4887)
at async vscode-file://vscode-app/c:/Program%20Files/cursor/resources/app/out/vs/workbench/workbench.desktop.main.js:55334:115294

Additional Information

Authentication UI, Cursor Tab, Agent Endpoint, Codebase Indexing Timeout waiting for Everything Provider error.

Does this stop you from using Cursor

Yes - Cursor is unusable

Hey, this is a known issue. On some corporate Windows machines, the extension host cursor-socket fails to initialize. That causes everything routed through it, Auth UI, Cursor Tab, Agent, Indexing, to fail with the error “Timeout waiting for EverythingProvider.” Your network is fine. The basic checks, DNS, SSL, Marketplace, Authentication, all pass. The problem is client-side.

The team is aware and tracking this. A few things to try:

1. Check the cursor-socket folder

Open Command Prompt Run as Admin and run:

dir "C:\Program Files\cursor\resources\app\extensions\cursor-socket\"

If you see dist\ but no out\, that’s a known trigger. Fix it:

cd "C:\Program Files\cursor\resources\app\extensions\cursor-socket"
xcopy dist out\ /E /I

Restart Cursor.

2. Try a custom extensions directory

Launch Cursor with an isolated extensions folder to rule out corruption:

cursor --extensions-dir C:\cursor-extensions

3. Check AV or EDR software

This is the most likely culprit in corporate environments. Enterprise security tools, endpoint protection, EDR agents, application whitelisting, can block cursor-socket from starting. Can you share:

• What antivirus or endpoint protection is installed on these machines?
• Is there any application whitelisting or DLP software running?
• Check if your AV logs show any blocks related to files under C:\Program Files\cursor\resources\app\extensions\cursor-socket\

If your security team can whitelist the entire Cursor installation directory C:\Program Files\cursor\, that often resolves it.

4. Turn off Codebase Indexing

Cursor Settings (not VS Code settings) > Indexing & Docs > turn off Codebase Indexing. Reload the window via Ctrl+Shift+P then run Developer: Reload Window.

Similar thread with the same error for reference: Timeout waiting for EverythingProvider

Send the output from step 1 and info about your security software. That’ll help narrow it down.

I have tried both methods—‘Check the cursor-socket folder’ and ‘Try a custom extensions directory’ and ‘Turn off Codebase Indexing’ by searching through the forum, but they both failed with the same error ------ " timeout-waiting-for-everythingprovider ".

image1092×313 13.8 KB

image857×144 4.39 KB

image649×893 23.5 KB

I’m on a corporate computer with a proprietary security management client that I can’t uninstall. I’m going to buy a new computer to test it out, but that’ll take a few days.

Hello,

We do not have permission to access the Windows registry. However, this was also the case previously, and Cursor was working without any issues. Until about 3–4 days ago, the application was functioning properly, but it has since stopped working and started producing this error.

As security software, our machines have Trend Micro Security Agent and Forcepoint One DLP installed. However, we have not found any related findings or blocks in the logs of these products.

Thank you.

What used to work and then broke 3 to 4 days ago is an important detail. It suggests the issue is more likely caused by something that changed, not by the base config.

A couple questions:

1. Did Trend Micro or Forcepoint One DLP update around the same time? Corporate agents often auto update in the background.
2. Did Cursor itself update about 3 to 4 days ago?
3. Can you run the command from my previous message (step 1) and share the output? Even without registry access, a normal Command Prompt should show the folder contents:

dir "C:\Program Files\cursor\resources\app\extensions\cursor-socket\"

Also try this: ask your IT team to add an exception in Trend Micro and Forcepoint for the whole C:\Program Files\cursor\ folder and for the cursor.exe and cursor-socket processes. Even if there are no obvious blocks in the logs, EDR agents can block inter process communication (IPC) without writing to standard logs.

The team is aware of this issue. It affects some corporate Windows environments. Let me know how it goes.

Hey, I see you’ve already tried all the main workarounds from the other thread and nothing helped. It’s most likely your corporate security client is intercepting the local IPC traffic (127.0.0.1) that Cursor uses to talk to the extension host.

Can you share the name of that security client? That’ll help us understand what it’s blocking.

As one more try, run Cursor like this:

cursor --force-disable-all-extensions --extensions-dir C:\cursor-clean-ext

If that still doesn’t help, then buying a new computer without the corporate security agent will probably fix it. The team is aware of this bug and is tracking it, and your report helps us prioritize it.

Hello,

Both security tools may be performing background operations. In particular, Trend Micro Security Agent runs periodic scans. However, we are not seeing any related findings or blocked actions in the logs.

The last Cursor version I used was 3.1.14, and there was no automatic update on my side.

I have completely removed the application from my machine and cleaned up all remaining files except for the registry (which we do not have access to).

I am also sharing the output of step 1 as requested. However, I would like to mention that previously copying the “dist” folder as “out” did not resolve the issue.

Thank you.

h11265×653 87.1 KB

I can see from the screenshot that the out/ folder is missing and only dist/ is there. That’s a known trigger for this issue.

Since copying dist into out didn’t help before, it’s probably not just the missing folder. Something is likely blocking the cursor-socket process itself.

One thing though. You mentioned version 3.0.12 in the bug report, but later said the last working version was 3.1.14. Did you reinstall and roll back to an older version? If yes, try installing the latest available build from Cursor · Download.

A few things that should help us move forward:

1. Try running with full isolation if you haven’t yet:

   cursor --force-disable-all-extensions --extensions-dir C:\cursor-clean-ext
   

2. Trend Micro often blocks IPC without writing anything to the usual logs. Ask your IT team to add exceptions for the processes cursor.exe and cursor-socket, not just the folder. In Trend Micro, this is under Behavior Monitoring > Exceptions.

3. Forcepoint One DLP can intercept localhost traffic 127.0.0.1. If possible, ask to temporarily disable Forcepoint for a test so we can confirm which of the two agents is interfering.

The team is aware of this issue and is tracking it. If your IT team can disable one of the agents for even 10 minutes for testing, that would really help us identify what’s blocking it. Let me know how it goes.

By the way, sorry about the command with --force-disable-all-extensions. Cursor doesn’t recognize that flag, as the warning in the screenshot shows. The correct flag is --disable-extensions:

cursor --disable-extensions --extensions-dir C:\cursor-clean-ext

But the main question is, in the post above you disabled Forcepoint and Trend Micro. Did Cursor start working after that? If yes, that confirms one of the security agents is blocking cursor-socket.

Let me know the result and we’ll figure out the exact exclusions for your IT team.

Hello,

We had a session with our IT, Network, and System teams and temporarily removed all security restrictions on a corporate machine. This included disabling Forcepoint DLP and Trend Micro Security Agent, enabling registry access, and allowing full access to Command Prompt and PowerShell. The machine was also removed from all corporate policies.

Despite all these changes, the issue still persisted.

After the meeting, we ended the session and paused further investigation, as we were unfortunately unable to identify a solution.

Thank you.

image871×859 29.7 KB

Our company’s endpoint security management client appears to be developed based on the 360 Terminal Security Management System, because I can see the 360 application running in the background.

image399×109 5.76 KB

“cursor --disable-extensions --extensions-dir C:\cursor-clean-ext” is not work also.

image655×883 27.7 KB

This is really important info. If disabling Forcepoint, Trend Micro, and all corporate policies didn’t help, that rules out security software as the cause.

A few things I’d like to confirm:

1. You said 3.1.14 was the last working version, but your bug report says 3.0.12. What version are you using right now? If you haven’t tried yet, download the latest from Cursor · Download.

2. Can you check if a Windows update was installed around the same time, about 3 to 4 days ago? Settings > Windows Update > Update history.

3. I need the extension host logs to see exactly where cursor-socket is hanging. Open this folder:

%APPDATA%\Cursor\logs\

Find the newest session folder, then look for files named exthost or extension-host. Paste the contents here or attach the file.

4. Also open Task Manager while Cursor is running, go to the Details tab, and check if there’s a cursor-socket process. If it’s there, tell me its CPU and memory usage. If it’s not there at all, that suggests it isn’t starting.

The team is already tracking this issue. Your case is especially helpful because it shows this isn’t just security software interference. The logs will help narrow down the cause.

I can see that 360 Terminal Security agent is running in the background. Since you can’t remove it, let’s try a different approach.

Quick question first. Do you still have Clash Verge or any VPN client on this machine? In your previous thread, fully removing Clash Verge fixed an issue with EverythingProvider. I want to confirm it’s not affecting this case too.

If there’s no VPN on this machine, then the 360 client is likely blocking IPC between Cursor and cursor-socket. Can you check the following:

1. Open Task Manager > Details while Cursor is running. Do you see cursor-socket.exe? If yes, what status does it show?

2. Check the extension host logs:

%APPDATA%\Cursor\logs\

Find the latest session folder and look for exthost or extension-host logs.

3. Does 360 have an exclusions or allowlist feature? If yes, try adding the full directory C:\Program Files\cursor\ and also the cursor-socket.exe process to exclusions.

This is a known issue on corporate Windows systems. Your logs will help the team understand what exactly 360 is blocking.

I have uninstall clash verge again

image745×525 34.4 KB

Unfortunately, after re-uninstalling Clash Verge, the previous successful situation no longer occurs. I have tried various methods but still failed.

I see you reinstalled Clash Verge again with the Delete application data option checked, but the issue is back. The normal uninstaller often leaves system-level leftovers that can still mess with Cursor.

Try cleaning these up manually:

1. Check for leftover TUN or TAP adapters

Open Device Manager > Network adapters. Look for anything named Wintun Userspace Tunnel or Clash, or any unknown virtual adapter. Right-click and uninstall each one. If you see a prompt, also check Delete the driver software.

2. Check system proxy settings

Run this in Command Prompt:

netsh winhttp show proxy

If it shows anything other than Direct access, reset it:

netsh winhttp reset proxy

Also check Windows Settings > Network & Internet > Proxy. Make sure Automatically detect settings and Use a proxy server are off, or set back to defaults.

3. Check for leftover Clash services

Run this in Command Prompt:

sc query type= service state= all | findstr /i "clash"
sc query type= service state= all | findstr /i "wintun"

If anything shows up, paste the output here.

4. Check environment variables

Run:

echo %HTTP_PROXY%
echo %HTTPS_PROXY%
echo %ALL_PROXY%

If any of these return a value, Clash Verge left proxy environment variables behind. Clear them in System Properties > Environment Variables.

5. Reboot after all cleanup, then try Cursor again.

Also, since 360 Terminal Security is still running on this machine, it could be a combined issue. Last time removing Clash Verge alone fixed it, but now with 360 still active, it might be blocking the cursor-socket process.

Can you also share the extension host logs?

%APPDATA%\Cursor\logs\

Open the latest session folder and look for files named exthost or extension-host. This will help us see where cursor-socket is getting stuck.

The team knows about this issue in corporate Windows setups. Your report helps us prioritize it.

Hi,

On my own computer, version 3.1.14 was installed. However, the logs and screenshots I previously shared were from my colleague’s computer, where version 3.0.12 was being used.

I completely removed the program from my computer, but I was unable to reinstall it. It gets stuck on the loading screen. Because of this, we collected and sent all logs and screenshots from my colleague’s machine, as he is experiencing the same issue.

We also tried installing the latest version, but the issue still persists.

When I checked the Windows Update history, there are no updates from the last 3–4 days. The most recent update was about a month ago.

In the %APPDATA%\Cursor\logs\ directory, there are no log files named exthost or extension-host. I am sharing a screenshot of the contents of the logs folder.

Additionally, when I check Task Manager, there is no cursor-socket process running in the background.

The currently installed version is 3.1.15. The logs we previously shared were from version 3.0.12.

h41361×457 109 KB

h3886×526 76.8 KB