Install Steam
login
|
language
简体中文 (Simplified Chinese)
繁體中文 (Traditional Chinese)
日本語 (Japanese)
한국어 (Korean)
ไทย (Thai)
Български (Bulgarian)
Čeština (Czech)
Dansk (Danish)
Deutsch (German)
Español - España (Spanish - Spain)
Español - Latinoamérica (Spanish - Latin America)
Ελληνικά (Greek)
Français (French)
Italiano (Italian)
Bahasa Indonesia (Indonesian)
Magyar (Hungarian)
Nederlands (Dutch)
Norsk (Norwegian)
Polski (Polish)
Português (Portuguese - Portugal)
Português - Brasil (Portuguese - Brazil)
Română (Romanian)
Русский (Russian)
Suomi (Finnish)
Svenska (Swedish)
Türkçe (Turkish)
Tiếng Việt (Vietnamese)
Українська (Ukrainian)
Report a translation problem
Discussions Rules and Guidelines
Report this post
Your anti virus losing its mind is the problem
It seems you don't have a problem playing any games that are recording your keystrokes, accessing your documents or music folder, or injecting malicious processes in your RAM, or having cryptomining codes in the executable (so as you play game, your GPU is maybe used to mine some cryptocurrencies) etc. If you enjoy, then goodluck!
But yes, although I trust Steam, Steam is not an Antivirus to guarantee eliminating and filtering threats for us, if some developers decided to go rogue. As a result, I believe we can do our own precautions, so I wanted to try this method. Do you think I was wrong?
If you can identify such a game on Steam, I'm sure a lot of people would like to hear about it.
I can give names directly (if somebody from Valve asks), and I prefer not to share publicly (as this is a commercial matter for companies, I don't have energy for lawsuits.).
I even had reported some to Steam in my reasons for asking refunds in the past.
But you can also find by yourself, simply scan executable of games before you play them. Many are good and safe, but some are really unsafe.
When you scan a file on Virustotal, usually "Detection" tab is shown by default. After the scan is complete, open tab: "Behavior" (Most scan reports show it, rarely not shown).
There, check "MITRE ATT&CK Tactics and Techniques" section which you can see behaviors of these executables. I was very surprised to see Cryptocurrency Mining vectors in several of them too (Surely there are a lot of good & safe free games made with pure gaming reasons. But I suggest scanning free games firstly for this).
And check section on the below "Crowdsourced Sigma Rules" which some special oddities are listed about the scanned exe. Then, seeing processes on the below sections are giving additional insights such as how a file interacts with other dependencies, including what files were opened, written, and deleted, as well as registry actions.
All I shared here are my opinion. I have my own reasons to be skeptical or even practice paranoia, because I value the computer I play my games and do my jobs in it. And I trust nobody digitally, so it is best practising our own precautions. So I believe making use of Windows Sandbox with Steam can be really very helpful in the long term.
I didn't come here to criticize Steam for not taking action for my earlier reports. I respect they do a business, and they are not an Antivirus authority to eliminate risks. So we as consumers must take our own precautions at this point.
So here I came to look for an answer, how to setup my Steam library in Steam run at Windows Sandbox.
Also check "Behavior" tab and sections below it. Sometimes, "Detection" tab shows fully clean, but Behaviors of the exe look suspicious after sandbox reports (A lot of IP traffic, recording your keystrokes, memory injection, and other red flags, and so on).
And sometimes I don't blame developers for suspicious activities too (I wrote to various developers already too). Many use third-party engines and other compilers to build their game, and maybe sometimes a plugin they use taint their game. (For instance, there are different game executables from the same Unity (or Unreal) engine, one of them has strange behaviors and other is completely clean and innocent.)
So there are surely different parameters that may have influence on this, it is difficult to put the blame on anyone. So making use of this Windows Sandbox feature looks like a great alternative to me right now.
Playing the game in an isolated environment, then as you close the sandbox, any suspicious changes made in your system are rendered to be ineffective.
No clue how is the sandboxing system under w10+ as never tested/used it but i can talk you about one sandboxing tool i use under w7 in order to keep one instance of steam uptodate while using an old steam release as my main.
When i need to run my sandboxed new steam , i just right click on the steam icon on my screen and select "use it under a sandbox" , nothing easier.
if i need to update the sandboxed client, i have to made some little change on some steam files on the current one , like changing name of the steam.cfg else it won't update if some new release are pushed
Hi! It looks like really a nice and easy way to use Steam inside Sandbox. I have a clue which program you are using for that. I am on a new system, I didn't download it to not bloat my OS as Windows Sandbox already looked handy to me, but according to what you tell, it seems it really worths trying.
Thanks for sharing your experience!
https://sandboxie-plus.com/
it's useless if you are using w10 pro or any w10+ pro
There is "sandboxie-plus" for Win11, I found that it is recently updated. But for some reason, I won't be using it, which I saw some accusations if Sandboxie is running some Cryptomining software in GPU (found by unnecessary use of GPU). So I downloaded to give Qemu a try, still couldn't check yet.
(Below instructions are for those who can run and use Windows Sandbox):
1-Make sure steam installation folder and Steam library are in same partition (C or D or whatever drive) and under same folder that you will use as path.
2- On the below code, paste your Path to [PATH]. Path is like: "C:\Program Files (x86)\Steam" (without " ").
<Configuration>
<MappedFolders>
<MappedFolder>
<HostFolder>[PATH]</HostFolder>
<ReadOnly>false</ReadOnly>
</MappedFolder>
</MappedFolders>
</Configuration>
3-Copy & Paste the above Code to Notepad and save it with .wsb extention.
4-Run the Sandbox by clicking on this .wsb file. As the Sandbox opens, enter the folder you see on your Desktop. (Possibly with name "Steam" folder)
5-Run Steam exe & Play your games.
Note: I see that still some of the games may refuse to get played because of asking DirectX or .Net installation requirements. But I am able to run many games without problem now.
After playing, you may Save your game. Usually save folder is inside one of the folders in:
C:\Users\WDAGUtilityAccount\AppData
So you need to manually manage your Saving and Loading for each Sandbox session (Everytime you need to play your previous saves, make sure to backup your save folder outside Sandbox. Then, you paste it to Sandbox in Save position everytime you start Sandbox, because Sandbox will be in empty state.)