VirtualProtect

Discussion in 'sandboxing & virtualization' started by Kees1958, Jul 7, 2009.

Thread Status:
Not open for further replies.
  1. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    No posted on download.com in 2008
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    ah i see i check this one we never know maybe something good come out of it:D and maybe for free:thumb: is it free?thanks kees
     
  5. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    VirtualProtect :) Not really good position from the point of view of naming.
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    it doesnt look complete:D
     
  7. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Tried to DL it, no go.

    Quite frankly, if it was da bom i think we would have heard more about it by now. I'm guessing it's unfinished, so probably not wise to rely on it.
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857

    :thumb: virtual protection as in not real protection :argh:
     
  9. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    Actually, Virtual Protect is VERY similar to Returnil or those in that category. And it's very light as well (between 250-415 Kbytes). From what I can tell so far it has one process running (btrsmtsv.exe) in Task Manager. You have to reboot when you engage or disengage it. I'm going to do a few things with here shortly like install an application or two and see if they're gone on a reboot.

    Later...
     
  10. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Trespasser

    Looking forward to that. If you have imaging etc, would you like some Malware to test it with ? let me know and i'll send you some, offsite of course !
     
  11. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Trespasser,

    I'll endorse that, thanks in advance.

    Regards

    Kees
     
  12. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    Thanks for the offer StevieO but I'm too much of a weenie to try anything like that. I'll leave that to the more adventurous souls...like you, or Kees, or Rmus for sure.

    It erased the few applications I installed while it was activated. So far so good. BTW, under the Tools heading there's a password listing...whatever you do don't click on it unless you intend to enter a password. I clicked on it just to have a look at it but from that point on whenever I tried to access the GUI it requested a password even though I hadn't entered one. Had to uninstall then reinstall it just to get back to square one.

    Later...
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Thanks for trying anyway, appreciate that :thumb:

    How did it feel performance wise, any delay starting up browsers, booting?
     
  14. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    Not that I could tell. Seems to run quite smooth.

    Later...
     
    Last edited: Jul 8, 2009
  15. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    340
  16. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    This version (if it is VirtualProtect) had two hits at VirusTotal by both McAfee and AntiVir as a TR/Dropper.Gen. The 1.62 version showed up as clean.

    I sent the creator an email yesterday evening asking if there's a more recent version available. Think I'll wait until I hear from him/her.

    Later....
     
  17. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    340
    I'm chatting with the developer on QQ. He states that there's no viruses in his program. So, its a false positive. Also, an English version should be out soon.
     
  18. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    I'm sure that's the case...but to be on the safe side I sent vp20n9.rar off to Avira to be analyzed as a possible false-positive. :).

    Actually I tried vp20n9 today before I re-imaged. It appears a bit more complex than version 1.62 but I couldn't make heads or tails of it since the text is in Chinese.

    BTW, I have two hard drives in my computer...VirtualProtect 1.62 offers to virtualize both or either one.

    Later...
     
  19. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    Here's the results from Avira concerning VirtualProtect's latest (vp20n9.rar)...

    ************************
    We received the following archive files:
    File ID Filename Size (Byte) Result
    25394117 vp20n9.rar 179.71 KB OK

    A listing of files contained inside archives alongside their results can be found below:
    File ID Filename Size (Byte) Result
    25394118 vp20n9.exe 540 KB FALSE POSITIVE


    Please find a detailed report concerning each individual sample below:
    Filename Result
    vp20n9.exe FALSE POSITIVE

    The file 'vp20n9.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.
    **********************************

    So I guess it's safe to use.

    Later.....
     
  20. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    340
  21. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    340
  22. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Thanks a lot :thumb:

    It says demo, is it a demo or a full functioning application?

    regards Kees
     
  23. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    I noticed on the version offered by Zero3K there's a section to register this copy by adding a serial number. That would suggest VirtualProtect will eventually become a paid version. Too bad.

    I do have to admit though that Ram usage is very low. After running for a while btrsmtsv.exe settles down to around 215 Kilobytes on my system. About a third that of Returnil. But I still prefer Returnil.

    Later...
     
  24. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    340
    Kees1958: I think its a fully functioning application.

    Trespasser: I think that's if you were to use it in a business setting.

    I'll ask the developer those two questions both of you gave me when he comes online ( he's on QQ with the user ID of 10408138 ).
     
  25. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    340
    Trespasser: Why do you still prefer Returnil?
     
Thread Status:
Not open for further replies.