Time Freezer v1.0 bypass test

View previous topic View next topic Go down

Time Freezer v1.0 bypass test

Post by Singlemature on 5/5/2010, 13:51

On Apr. 7th 2010,a guy with id=Username from bbs.kafan.cn tested Time Freezer v1.0 with several viruses which made for bypassing rollback software.
And here's the result:
protect successfully SysAnti
protect successfully Gohst's Shadow
protect failure I am virus
protect failure WYH Disk killer
protect failure passallpt
protect failure Pig head 3
protect failure BOOTICE



BOOTICE is MBR modify tool not a virus

Attention do not run these virus in real system.

here's the viruses used in the test,you guys could try it on your own.

Code:

hxxp://dl.dropbox.com/u/5748985/rollback%20killers.rar
Warning:These are really active and dangerous viruses,please don't spread them or run them casually.


And BTW Shadow Defender can defend all these breaching.

Singlemature
Valued Member
Valued Member

Posts : 31
Join date : 2010-04-22

View user profile

Back to top Go down

Re: Time Freezer v1.0 bypass test

Post by ssj100 on 5/5/2010, 14:01

Thanks mature. I'll look forward to testing them out at some stage.

And sounds like I'll be sticking with Shadow Defender for the forseeable future! Time Freeze was fun to play with in the VM anyway, and if they keep developing and improving, they will do well.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Time Freezer v1.0 bypass test

Post by ssj100 on 5/5/2010, 15:07

Not exactly sure how to test some of them (some are in Chinese), but Time Freezer is able to pass "BOOTICE" if you enable "Protect the boot sector of the primary hard drive when protection is enabled".

But I confirm that Time Freeze fails "WYH Disk killer", while Shadow Defender passes. Well done Shadow Defender!

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Time Freezer v1.0 bypass test

Post by Buster_BSA on 22/7/2010, 00:33

As we could see here:

http://www.wilderssecurity.com/showthread.php?t=276210

most rollback software fails to do its job with certain malwares.

Conclusion: rollback software can be good for preventing user changes in environments like schools, public libraries, etc, but it can not be used as the only one system protection.
avatar
Buster_BSA
Member
Member

Posts : 87
Join date : 2010-07-21

View user profile

Back to top Go down

Re: Time Freezer v1.0 bypass test

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum