Any security storage system needs to address at least three security issues: confidentiality, integrity and freshness. Of these, freshness is the most challenging problem. However, the traditional software-based solutions themselves are on the storage device, such as a hard disk. Hence, they can not solve the problem. The attacker can replay the whole disk data using an “out-of-date” image of hard disk. Thus, the only solution to this problem would be to employ some form of irreversible state change. In this paper, we analyze the problem of replay attacks upon storage, and propose a TPM-based solution to build virtual counters, in order to defend against replay attacks. In this solution, we build a virtual counter manager (VCM) with three mechanisms in TPM: TPM Counters, transport sessions and protection of private keys; and then we can create and manage lots of trusted virtual counters with VCM. Furthermore, an algorithm for checking malicious operations of VCM is presented in order to ensure the trust of it. Hence, the security of our solution just depends on the tamper-resistant module TPM. Finally, the performance of our solution is analyzed, and two changes are proposed to improve the performance in order to keep the solution of anti-replay attacks feasible.