Well, not really. If you intercept the correct WinAPI before encryption you can still inspect and redirect it. Pretty much what you're doing in your DLL. Although I doubt that they would use raw sockets to implement TLS.

PS. I'd test your project but I need to install VS 2015. Why not use an earlier version of VS?

PS2. And good point that someone brought up above -- can you start a separate thread for this discussion and post a link here?


BTW. Don't use this NoFee executable. I reversed it, and the reason the author doesn't want to release the source code is because he is not upfront about what he's doing in it. Main reason is that he diverts the dev fee from Claymore to your wallet 9 out of 10 times. And then 1 out of 10 times he diverts it into his own wallet. @Millenium Falcon how about mentioning that, buddy?