Skip to content

vmProtect 7 Folder Exclusion

vmProtect 7 supports folder exclusion which comes in handy when your VM’s are pretty big in terms of file size.
The handbook states that you simply name the folder to exclude and append a backslash, e.g. C:\Users\ which should exclude the Windows Users folder. When I tried this and checked the contents of the TIB file I saw that all excluded folders were still present.
So what went wrong?

Before going into details of the solution it is noteworthy that vmProtect comes in two flavors. Version 1 is a Windows agent which will be installed on a Windows machine, the other version is a virtual appliance which is installed on one of your ESXi hosts. The latter is a Linux machine which accesses the VMs filesystem via SAMBA.

While examining the contents of the TIB file I realized that the root partition was addressed with D:\ instead of C:\. C:\ on the other hand hosted two folders: Boot and System Restore. The partition recognized as C:\ is actually a Windows 7 and Windows 2008 special partition  of ~100MB which hosts the bootloader. The main reason behind this is the need for an external bootloader for encrypted filesystems. With Bitlocker you can encrypt entire partitions, even your root partition but in that case you need a small unencrypted partition which helps you to boot into Windows. This partition is not always created. Further details about the system restore partition and when it is created can be found here.

So, for every Windows VM that has a system restore partition you need to change the drive letter when defining exclusion folders. So instead of C:\Users\ you need to state D:\Users\.

 

P.S.: The virtual appliance of vmProtect 6 had issues with backslashes so you had to define your exclusion folders with slashes, e.g. C:/Users/. Apparently that issue has been addressed with vmProtect 7 but I still use the forward slashes when I define exclusion folders and it works.

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*