New Update VoodooShield CyberLock 7.0

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
@danb Re 7.65 Windows Sandbox & email -- pretend I am thick as a brick, it's easy, just ask my wife...
Went to UI Tweaks and enabled email feature (on my hardware win10 & Edge is default browser). I do NOT have (have not had) an email client for many months..., I read email from browser & leave email on the mail server. I open an email from coffee roaster who wants to sell me coffee that he did not sell before christmas. ok, in that email there is a link "Shop >>" opens a link which is initially blocked by ubo extension until I click "proceed" -- I click proceed, and the buy coffee page opens. Q? where does CL email fit into this, I am NOT seeing it, but concept is great (& why I open my email in VM see below)

Same situation as above, but this time I'm running VMware win10_vm -- does or, how does, Windows Sandbox work in VMware VM along with email feature. Perhaps unnecessary, so just asking.
Great christmas present, THANKS! :D
 
Last edited:

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
PS to above: on hardware win10, I did an Explorer right click CL scan, CL determined "safe" but I selected Sandbox anyway, and the Windows Sandbox opened immediately and ran the clicked exe in the Windows Sandbox. Very nice, very slick. But Question: is the Windows Sandbox running default MS Defender? Windows Security says Antivirus No providers, but the Windows firewall is running in the Windows Sandbox.
 
  • Like
Reactions: danb and Oldie1950

Acadia

Level 2
Sep 25, 2020
66
Dan, one thing that I do not understand. Did Microsoft change the Windows Sandbox so that it no longer needs to create the extra partition? Or did you work some more of your magic? ;)
Acadia
 
  • Like
Reactions: simmerskool

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
Does this work with web mail or email clients only? 🤔
so CL email feature seems not to be working with webmail viewed on Edge. But I can open the CL browser on hardware win10 which opens a browser in Windows Sandbox but I have no way, or no good way, to input my credentials to open webmail in WinSandbox. Also so far item 3 CL browser will NOT open a Windows Sandbox in a VMware virtual machine, but I was not expecting it to.
These seem like great features and I do expect they'll get refined.
 
F

ForgottenSeer 100397

Dan, one thing that I do not understand. Did Microsoft change the Windows Sandbox so that it no longer needs to create the extra partition? Or did you work some more of your magic? ;)
Acadia
Enabling and using Windows Sandbox did not create an extra partition under This PC or Disk Management.

I haven't installed CL 7.65, but I won't use Windows Sandbox because it takes 15-20 seconds for it to open and stabilize on my HDD system. The changes I made to the OS settings in WS didn't stay as I expected.
 
Last edited by a moderator:
  • Wow
Reactions: simmerskool

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
Enabling and using Windows Sandbox did not create an extra partition under This PC or Disk Management.

I haven't installed CL 7.65, but I won't use Windows Sandbox because it takes 15-20 seconds for it to open and stabilize on my HDD system. The changes I made to the OS settings didn't stay as I expected.
my win10 c:\ is ssd -- Windows Sandbox is loading briskly enough (for me) that I didn't even think to time it -- I did just time it, and it opened 12.5 seconds. Does not seem unreasonable to me... This hardware is strong but aging, so not the fastest cpu here.
@danb But mini-bug, after putting CL Safe Browser.exe link on desktop, I opened it, then pinned it to the taskbar. Then closed Windows Sandbox. When I tried to open CL Safe Browser from taskbar with one-click, it did not open?? but it does open with 2 clicks from desktop. Minor, but curious to me.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
@danb is MS Defender merely disabled in Window Sandbox? if so, looks like user can download and install Defender from MS Store. Any point to doing this since all the user needs to do is exit the WinSandbox to clear the pc... :unsure: I suppose with Defender running user would see its detection alerts. Or perhaps just add security extension(s) to browser... :unsure: Or download a file, upload it to VT...
Sidenote: on my win10, I hardly see any performance impact running WinSandbox, and I am also running VMware win10_VM at the same time. Resource usage seems minimal here.
 
  • Like
Reactions: Oldie1950

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
UPDATE: I open CL Safe Browser which opens in Windows Sandbox, downloaded and installed keepass to store the login info for a webmail I'm using and so now I "easily" check email in WinSandbox browser and any clicked links open in the sandbox. so ok :) sure if I close the sandbox, then I have to redo keepass again, but I often keep windows open for days+++ anyway, unless something requires a forced reboot. so playing with this. Meanwhile I do have VMware VM running and visible on 2d monitor.
@danb how SECURE is the Windows Sandbox?

Edit: update see link for short discussion with comments re Windows Sandbox security
 
Last edited:

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
Update CL Safe Browser (Windows Sandbox) I have a 3d-party antivirus registered on hardware win10, so MS Defender is not only not running in sandbox, the normal "virus & threat protection" option is not even listed. So the obvious solution to sandbox security: install CyberLock, but on Sandbox_CL the UI Tweaks Enable Sandbox button is OFF, as is "Launch email client links..." I do have WhitelistCloud enabled and WLC scan duration 0.00 seconds (or that's what it says!) Best christmas present (other than all the kiddos are home this year :D)
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
I am very average user when it comes to networks. I do have Proton vpn on win10. I connected win10 Proton vpn to Dallas and did a dns leak test at
the ip address for Dallas vpn does match in both win10 and in WinSandbox, but dns does NOT match. In sandbox it shows 3 servers: 2 in Sweden and 1 in Dallas with 3 different ISP...:unsure:
On win10 it shows 4 dns but all in Dallas with ip addresses that are more or less consecutive.

UPDATE with Proton vpn NOT connected the dns leak test shows identical for both win10 & its sandbox with 1 dns server.
 
Last edited:

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
@danb installing & running CL in Windows Sandbox, CL seems not have a desktop shield...:unsure:
and WLC is set to perform a scan every 5 minutes (last scan duration 0.13 seconds) BUT WLC is NOT scanning every 5 minutes as if NOT auto-scanning, but I can make it manually scan...
 
Last edited:
  • Like
Reactions: Oldie1950

Acadia

Level 2
Sep 25, 2020
66
Enabling and using Windows Sandbox did not create an extra partition under This PC or Disk Management.
I read somewhere that for some people, the extra partition will not always show up in Disk Management, but it is still there. I will try to re-find that article.
Acadia
 

Acadia

Level 2
Sep 25, 2020
66
Ok, I found this: From what it appears, the PortableBaseLayer drive is not supposed to be displayed in the Disk Management or Optimize Drives listing. And, in the Windows Insider build 18912, some users have reported that the drive is not listed in Disk Management.

found here: What is PortableBaseLayer Partition in Windows 10 Disk Management

But this is not the article that I am searching for, still looking ...
Acadia
 
  • Like
Reactions: Zartarra

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
@danb Any chance to get the fp fixed?
c5e8b40ddc8a4d143903362bf0842913b16ecb001683396927056e4345ea56be
e0b6bf0db15d97d022ba527f6b98e8820a5a12721c4ed2d671d4a7b78e33b840
Legit bought game. CL has signature problems with it while VT says it's valid.
Thank you for letting me know. This would typically mean that the publisher has not been added to the CyberLock trusted vendor list, but I double checked and that vendor has been added, so it is hard to say for sure. I was unable to find the files, so when you get a chance can you please send them to support at cyberlock.global, and I will take a look.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
PS to above: on hardware win10, I did an Explorer right click CL scan, CL determined "safe" but I selected Sandbox anyway, and the Windows Sandbox opened immediately and ran the clicked exe in the Windows Sandbox. Very nice, very slick. But Question: is the Windows Sandbox running default MS Defender? Windows Security says Antivirus No providers, but the Windows firewall is running in the Windows Sandbox.
I do not think Windows Sandbox has Microsoft Defender installed, probably because it does not need it and would just slow it down. It probably does not need any kind of AV. BTW, for now CyberLock and DefenderUI do not work in Windows Sandbox, there is a small bug between the gui and the service. It should be something simple and I will find a fix for it soon. Even after they are fixed, CyberLock should work fine in Windows Sandbox, but DefenderUI probably will not because I do not think Microsoft Defender is active in Windows Sandbox.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top