Intercept a process that loads a dll?

If it's not about a problem in the program
Post Reply
HikariWS
Posts: 49
Joined: Wed May 02, 2012 12:35 am

Intercept a process that loads a dll?

Post by HikariWS » Thu Feb 28, 2019 6:23 pm

Hello!

A few weeks ago I found out about Redshell and BuffPanel scandals. They are spywares that have been being installed by game publishers when their games are run, and they silently grab user behaviors data and send to their servers for marketing purposes. Many times it's done without warning the user, many times it starts only after users have already bought their games. There's no opt-in and up till now all we can do is find out domains that are used by these spywares and block them.

https://steamcommunity.com/app/366910/d ... 300190771/ and https://steamcommunity.com/app/366910/d ... 433716942/ had some debate about the matter and are now blocked from new posts, and https://steamcommunity.com/groups/steam ... 544219957/ has a list of known domains, games and publishers, and also says that redshell.dll is used.

So, of course I wanna use my loved Sandboxie to help me get protected from these spywares!

If I find out some .exe they use, I'll set it to be forced to be sandboxed. But I don't believe a dll can be sandboxed or at least intercepted by Sandboxie when loaded by a process. Do you have any idea on what can be done?

Special
Posts: 77
Joined: Sat Jun 22, 2013 5:07 pm

Re: Intercept a process that loads a dll?

Post by Special » Fri Mar 01, 2019 9:51 am

Even if you could, that data is still going to be sent to their servers, sandboxed or not, just block the connection with your firewall, or a host file.

Post Reply

Who is online

Users browsing this forum: No registered users and 3 guests