I understand that Cryptowall now detects sandboxing, by detecting certain Sandboxie dll processes (SbieDll.dll)?
Would it be possible to allow for anonymizing of program names/processes in some way? If switched on, Sandboxie automatically changes the names of its processes and/or file names?
Hidden Sandboxie
-
- Sandboxie Support
- Posts: 3523
- Joined: Thu Jun 18, 2015 3:00 pm
- Location: DC Metro Area
- Contact:
Re: Hidden Sandboxie
It's been talked about in the past, the creator of SBIE said it wasn't worth it. And it can still be detected. You can read the posts here.... http://forums.sandboxie.com/phpBB3/view ... dll#p32059 And maybe get some hints on what other users attempted to do?
Re: Hidden Sandboxie
Thank you, Craig.
I hadn't seen that, it having gone back quite a few years. Reference was made to "LOG_API.dll" that had been developed to deal with this issue (to the extent it can be realistically dealt with). Does anyone still use this, does it work with current version?
I hadn't seen that, it having gone back quite a few years. Reference was made to "LOG_API.dll" that had been developed to deal with this issue (to the extent it can be realistically dealt with). Does anyone still use this, does it work with current version?
Who is online
Users browsing this forum: No registered users and 0 guests