VirtualProtect

Discussion in 'sandboxing & virtualization' started by Kees1958, Jul 7, 2009.

Thread Status:
Not open for further replies.
  1. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,890
    Location:
    Canada
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    No posted on download.com in 2008
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,890
    Location:
    Canada
    ah i see i check this one we never know maybe something good come out of it:D and maybe for free:thumb: is it free?thanks kees
     
  5. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    VirtualProtect :) Not really good position from the point of view of naming.
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,890
    Location:
    Canada
    it doesnt look complete:D
     
  7. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Tried to DL it, no go.

    Quite frankly, if it was da bom i think we would have heard more about it by now. I'm guessing it's unfinished, so probably not wise to rely on it.
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857

    :thumb: virtual protection as in not real protection :argh:
     
  9. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,202
    Location:
    Virginia - Appalachian Mtns
    Actually, Virtual Protect is VERY similar to Returnil or those in that category. And it's very light as well (between 250-415 Kbytes). From what I can tell so far it has one process running (btrsmtsv.exe) in Task Manager. You have to reboot when you engage or disengage it. I'm going to do a few things with here shortly like install an application or two and see if they're gone on a reboot.

    Later...
     
  10. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Trespasser

    Looking forward to that. If you have imaging etc, would you like some Malware to test it with ? let me know and i'll send you some, offsite of course !
     
  11. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Trespasser,

    I'll endorse that, thanks in advance.

    Regards

    Kees
     
  12. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,202
    Location:
    Virginia - Appalachian Mtns
    Thanks for the offer StevieO but I'm too much of a weenie to try anything like that. I'll leave that to the more adventurous souls...like you, or Kees, or Rmus for sure.

    It erased the few applications I installed while it was activated. So far so good. BTW, under the Tools heading there's a password listing...whatever you do don't click on it unless you intend to enter a password. I clicked on it just to have a look at it but from that point on whenever I tried to access the GUI it requested a password even though I hadn't entered one. Had to uninstall then reinstall it just to get back to square one.

    Later...
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Thanks for trying anyway, appreciate that :thumb:

    How did it feel performance wise, any delay starting up browsers, booting?
     
  14. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,202
    Location:
    Virginia - Appalachian Mtns
    Not that I could tell. Seems to run quite smooth.

    Later...
     
    Last edited: Jul 8, 2009
  15. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    361
    Location:
    Louisville, KY
  16. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,202
    Location:
    Virginia - Appalachian Mtns
    This version (if it is VirtualProtect) had two hits at VirusTotal by both McAfee and AntiVir as a TR/Dropper.Gen. The 1.62 version showed up as clean.

    I sent the creator an email yesterday evening asking if there's a more recent version available. Think I'll wait until I hear from him/her.

    Later....
     
  17. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    361
    Location:
    Louisville, KY
    I'm chatting with the developer on QQ. He states that there's no viruses in his program. So, its a false positive. Also, an English version should be out soon.
     
  18. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,202
    Location:
    Virginia - Appalachian Mtns
    I'm sure that's the case...but to be on the safe side I sent vp20n9.rar off to Avira to be analyzed as a possible false-positive. :).

    Actually I tried vp20n9 today before I re-imaged. It appears a bit more complex than version 1.62 but I couldn't make heads or tails of it since the text is in Chinese.

    BTW, I have two hard drives in my computer...VirtualProtect 1.62 offers to virtualize both or either one.

    Later...
     
  19. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,202
    Location:
    Virginia - Appalachian Mtns
    Here's the results from Avira concerning VirtualProtect's latest (vp20n9.rar)...

    ************************
    We received the following archive files:
    File ID Filename Size (Byte) Result
    25394117 vp20n9.rar 179.71 KB OK

    A listing of files contained inside archives alongside their results can be found below:
    File ID Filename Size (Byte) Result
    25394118 vp20n9.exe 540 KB FALSE POSITIVE


    Please find a detailed report concerning each individual sample below:
    Filename Result
    vp20n9.exe FALSE POSITIVE

    The file 'vp20n9.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.
    **********************************

    So I guess it's safe to use.

    Later.....
     
  20. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    361
    Location:
    Louisville, KY
  21. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    361
    Location:
    Louisville, KY
  22. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Thanks a lot :thumb:

    It says demo, is it a demo or a full functioning application?

    regards Kees
     
  23. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,202
    Location:
    Virginia - Appalachian Mtns
    I noticed on the version offered by Zero3K there's a section to register this copy by adding a serial number. That would suggest VirtualProtect will eventually become a paid version. Too bad.

    I do have to admit though that Ram usage is very low. After running for a while btrsmtsv.exe settles down to around 215 Kilobytes on my system. About a third that of Returnil. But I still prefer Returnil.

    Later...
     
  24. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    361
    Location:
    Louisville, KY
    Kees1958: I think its a fully functioning application.

    Trespasser: I think that's if you were to use it in a business setting.

    I'll ask the developer those two questions both of you gave me when he comes online ( he's on QQ with the user ID of 10408138 ).
     
  25. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    361
    Location:
    Louisville, KY
    Trespasser: Why do you still prefer Returnil?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.