G25r8cer
Active Member
Has any pro or mod here heard of Deep Freeze? It supposidly freezes your whole system and stops virus's.
http://www.faronics.com/html/deepfreeze.asp
http://www.faronics.com/html/deepfreeze.asp
Has anyone heard of this?
- Thread starter G25r8cer
- Start date
Yes I am very familiar with Deepfreeze. It makes an image of your system and freezes it. You can use it but anything you do is transparent. You can maul your OS, delete anything you want and just generally screw up the machine in every way possible. Very simple to get it back to normal. Just reboot. Very good program for educational instutions and that is where I use it. Not a program for everyday use on your home PC. Any data created while frozen will be gone when the computer is restarted. You may not like this.
This program has absolutely nothing to do with stopping viruses. That is misinformation.
For a complete read go to www.faronics.com.
If you do decide to use this program be careful as it can and will be frustrating until you get used to how it behaves.
This program has absolutely nothing to do with stopping viruses. That is misinformation.
For a complete read go to www.faronics.com.
If you do decide to use this program be careful as it can and will be frustrating until you get used to how it behaves.
Further info. It makes a snapshot of your system. This snapshot is used to restore your system to its original configuration. It works very well in this mode. I personally have not heard of any concept of virus prevention and I would need more info in that regard before commenting. At present I cannot see how that would work. The primary purpose of this software is to restore the PC to its original functionality after someone has butchered it. If you have ever had to follow students and attempt to rectify a computer that they have butchered you will bless Deepfreeze. If anything comes of this virus prevention thing please let me know as it could be interesting.
EDIT: Just spoke to Faronics Tech support. They do not recommend that this program be used in place of a good virus scanner. Everyone's situation is different and Deepfreeze in some instances will be helpful to combat viruses and in other instances will be useless in that capacity.
EDIT: Just spoke to Faronics Tech support. They do not recommend that this program be used in place of a good virus scanner. Everyone's situation is different and Deepfreeze in some instances will be helpful to combat viruses and in other instances will be useless in that capacity.
Last edited:
G25r8cer
Active Member
Basically the people would purposly download the newest virus's from certain sources (cent mention them here). And they would test their skills and their antivirus's with the virus's. And I guess if they cant figure it out they would use Deep Freeze. So technically it does prevent virus's. LOL
You don't need to train on your computer
That's why we have other people being victims
I think saying that it prevents viruses is a stretch. It will eliminate the virus by rebooting under certain circumstances only. As I said everyone situation is different. If you only have a C drive and contract a virus then a reboot will get rid of it. If you have a C & D drive with the D drive unfrozen then the virus gets into the D drive and you can reboot until the cows come home with no effect. The virus in your D drive has to be removed by other means.
This is one scenario that shows that Deepfreeze is not an adequate defender against viruses. It is totally dependant on your situation on yiur computer. No two seem to be the same. The best scenario is to employ a good AV and forget about Deepfreeze for this purpose. It seems to me that you are bent on using a piece of software for a purpose that it was not designed for. If you want more info on this simply call the Tech Support people at Faronics. As I said above, they do not recommend using Deepfreeze for virus prevention. There is other and better software out there for that purpose.
EDIT: Faronics 18009436422
This is one scenario that shows that Deepfreeze is not an adequate defender against viruses. It is totally dependant on your situation on yiur computer. No two seem to be the same. The best scenario is to employ a good AV and forget about Deepfreeze for this purpose. It seems to me that you are bent on using a piece of software for a purpose that it was not designed for. If you want more info on this simply call the Tech Support people at Faronics. As I said above, they do not recommend using Deepfreeze for virus prevention. There is other and better software out there for that purpose.
EDIT: Faronics 18009436422
G25r8cer
Active Member
Alright well thanks for all the info. I am prob gonna give it a go this weekend.
GameMaster
New Member
Nice program. My teacher's also using it -.-
Fortunately, there are a lot ways to evade the program.
Fortunately, there are a lot ways to evade the program.
M0LD0V4N
New Member
Yeah, I'm testing it out. I just launched W32.Crypto, and Midnight.Massacre
Description: W32.Crypto
[
The virus first infects the operating system file KERNEL32.DLL. Once infected, KERNEL32.DLL controls all access to other DLLs on the system and the virus encrypts all such accessed DLL files. While the virus is active in memory, it will automatically decrypt encrypted DLL files so they can be used. However, if the virus is not active in memory, the DLLs will not be decrypted and the system will fail to work. Unless the virus is active and running, all DLL files that have been encrypted will be inaccessible. This means that an infected system can only be cleaned by restoring all affected DLL files from backup copies, and deleting all infected executable files. Data files are not encrypted by this release of the virus. ]
I'll reboot and tell you all if its Gone.
Description: W32.Crypto
[
The virus first infects the operating system file KERNEL32.DLL. Once infected, KERNEL32.DLL controls all access to other DLLs on the system and the virus encrypts all such accessed DLL files. While the virus is active in memory, it will automatically decrypt encrypted DLL files so they can be used. However, if the virus is not active in memory, the DLLs will not be decrypted and the system will fail to work. Unless the virus is active and running, all DLL files that have been encrypted will be inaccessible. This means that an infected system can only be cleaned by restoring all affected DLL files from backup copies, and deleting all infected executable files. Data files are not encrypted by this release of the virus. ]
I'll reboot and tell you all if its Gone.
M0LD0V4N
New Member
REBOOTED CHECK THE LOG
Logfile of HijackThis v1.99.1
Scan saved at 1:56:09 PM, on 6/24/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O20 - Winlogon Notify: DfLogon - C:\WINDOWS\SYSTEM32\LogonDll.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Logfile of HijackThis v1.99.1
Scan saved at 1:56:09 PM, on 6/24/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O20 - Winlogon Notify: DfLogon - C:\WINDOWS\SYSTEM32\LogonDll.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
