I am testing several customized Windows builds in VMware for security purposes and sharing the tests with you.
Installed version: RekOS v0.4 (stable) Windows 10 Pro 1709 Build 16299.15 (version without Defender)
The system is completely defenseless. Any user or application can delete or modify any file in important folders such as Windows or System with a single click.
No suspicious process attempting to connect to the internet is visible.
ESET in-depth scan (clean)
Scan log.
Version of detection Engine: 26299 (20221122)
Date: 23.11.2022 time: 01:58:58
Scanned disks, folders and files: Operating Memory; boot sectors/UEFI;WMI database; System registry; C:\boot sectors/UEFI;C:\
Number of scanned objects: 142560.
Number of detections: 0
Time of completion: 02:12:20 Total scanning time: 802 sec (00:13:22)
Notes:
[4] object cannot be opened. It may be in use by another application or operating System.
ESET firewall (interactive)
No suspicious process observed.
Kaspersky full scan.
It detects ProcessHacker.exe as malicious. I downloaded processhacker-2.39-setup.exe from its original site and compared the hash values. The values matched, and Kaspersky gave the same warnings for that file as well. So the issue comes from Process Hacker itself.
When I scan it on VirusTotal, it comes back with 29 positives.
BitDefender full scan.
The application C:\Users\Asus\Desktop\ProcessHacker.exe was detected as a potentially unwanted application and blocked.
Detection name: Application. Processhacker. 1
If you do not trust this application, you can choose to move it to quarantine.
The application C:\Users\Asus\Desktop\processhacker-2.39-setup.exe was detected as a potentially unwanted application and blocked.
Detection name: Application. Processhacker. 1
If you do not trust this application, you can choose to move it to quarantine.
Malwarebytes (clean - MRT disabled warning)
pum. Optional. Disablemrt, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU
Zemana antilogger.
Clean - no suspicious process observed.
Spyshelter antikeylogger.
Clean - no suspicious process observed.
Keyscrambler.
Clean - no suspicious process observed.
If you would like another antivirus or security test run on this build, you can let me know in the comments.
If there is another customized Windows build you would like me to review, you can mention it in the comments.
Ghost Spectre Build Security Test