Hi, I want to play on one private server of a dead MMO and I don't trust some randoms from the internet, especially when said server is free-to-play and not pay-to-win, which is suspicious (how the hell are they maintaining it?). Unfortunately, VirusTotal believes the game launcher may contain a trojan, which may be a false positive or not. I already played it in the past, but then decided to format all my drives and reinstall Windows from scratch and then changed any passwords I used after I installed the game, just to be safe.
So before that, before the Windows reinstall, at first I tried to launch it under Sandboxie Plus for safety reasons, but it failed - the game launcher ran successfully, but the game itself simply silently crashed without any errors. Launching it normally, however, resulted in the launcher asking for permission to perform changes to the device, and if I clicked no - nothing happened, while clicking yes resulted in a successful game launch, so I played it, until I decided that it's too risky, since I also use this PC for other things, where I need to input e-mails, logins and passwords.
In other words: the game refuses to launch under Sandboxie and changes something every time it's launched.
Virustotal link:
Cuckoo Sandbox link:
So I have a few questions:
1) Is there a way to trick the game into thinking that it's not inside a sandbox, or is there a way to somehow make copies of the "Windows", "Program Files", "Program Files (x86)" and "Users" folders, as well as make a snapshot of processes, before launching the game, and after I've played it - just revert everything? Or maybe there are better ways of doing it? Basically create an alternative to a sandboxed environment without actually being a sandboxed environment by cancelling any changes to the system once I'm done playing?
2) How does the process even detect the sandbox?
3) How to know exactly what changes the .exe wants to make to the system? How to know what files it writes into, what processes it starts, and detect any registry changes?
4) If I install 2 Windowses, 1 for the game and 2 for everything else, and one maybe gets infected with a trojan, will the 2nd Windows be safe? Can these 2 Windowses share the same drive or must they be on separate ones?
