Proactive Security Challenge

Testing levels





Proactive Security Challenge has been replaced with Proactive Security Challenge 64!




Level 4

The product has to score at least 50% in the tests on this level to pass it.



Tests


Autorun14
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun14 checks whether malicious software can make its code persistent in the system by installing itself into the system registry so that the malware is started every time the current user logs in.

Autorun17
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun17 checks whether malicious software can make its code persistent in the system by changing the current user's registry settings of the Command Processor.

Autorun26
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun26 checks whether malicious software can make its code persistent in the system by installing its DLL as a shell's hooking library.

Autorun36
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun36 checks whether malicious software can make its code persistent in the system by changing the current user's screen saver settings.

Autorun37
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun37 checks whether malicious software can make its code persistent in the system by installing itself as an application started early during the system boot process.

Autorun6
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun6 checks whether malicious software can make its code persistent in the system by installing itself as the system-wide default shell instead of Windows Explorer.

Autorun9
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun9 checks whether malicious software can make its code persistent in the system by changing the default system application that initiates the users' environment when they log in.

CopyCat
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: CopyCat tests whether the tested product is able to block attempts to manipulate a running instance of the default browser in memory.

CPIL
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: CPIL finds out whether it is possible to bypass the tested product by infecting Windows Explorer with malicious code that spawns a malicious copy of Internet Explorer.

CPILSuite1
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: CPILSuite1 checks whether the tested product protects a physical memory image from being accessed by malicious user-mode applications.

FileRep2
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileRep2 checks whether the tested product protects its files against malicious replacement with hard links.

Inject2
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Inject2 attempts to inject a DLL into Internet Explorer by creating the DLL in the browser's installation directory under the name of one of the system DLLs it depends on.

Inject3
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Inject3 attempts to inject a DLL into Internet Explorer by changing an environment variable and creating the DLL under the name of one of the system DLLs the browser depends on.

Kernel1b
Test type: System integrity test
Scoring: Driver is loaded – 0%; Driver is not loaded – 100%.
Description: Kernel1b checks whether malicious software can load a driver into the operating system kernel without touching the registry value "ImagePath", which is usually protected to prevent drivers from being loaded.

Keylog1
Test type: Spying test
Scoring: Failure – 0%; Success – 100%.
Description: Keylog1 repeatedly tries to get the current status of key codes and thus obtain information about the keys pressed by the user.

Kill3e
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill3e checks whether the tested product can be terminated by an untrusted process through sending it a shutdown message.

Kill8
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill8 tests whether the tested product protects its processes against termination from within critical system processes.

Kill9
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill9 tests whether the tested product protects itself against misuse of job objects.

SSS
Test type: Other
Scoring: Failure (an unwanted user logout or a system shutdown was not prevented) – 0%; Success – 100%.
Description: SSS attempts to log out the currently logged-on user.

Suspend2
Test type: Self-defense test
Scoring: At least one of the target processes or threads was suspended – 0%; Success – 100%.
Description: Suspend2 checks whether the tested product protects its processes from being suspended.



Result table

In the following table 100 represents the 100% result and 0 represents the 0% result. Other values are displayed as rounded whole numbers. The last two columns summarize the product's score on this level and whether it passed this level or not.


 
| Product | Autorun14 | Autorun17 | Autorun26 | Autorun36 | Autorun37 | Autorun6 | Autorun9 | CopyCat | CPIL | CPILSuite1 | FileRep2 | Inject2 | Inject3 | Kernel1b | Keylog1 | Kill3e | Kill8 | Kill9 | SSS | Suspend2 | Score | Result |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| BitDefender IS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 95% | PASSED |
| CA ISS 2011 | 100 | 0 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 0 | 0 | 100 | 0 | 0 | 100 | 0 | 0 | 0 | 50% | PASSED |
| CIS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Jetico v2 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 0 | 100 | 0 | 100 | 100 | 100 | 0 | 100 | 80% | PASSED |
| KIS 2012 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 90% | PASSED |
| Malware Defender | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| OSSS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Outpost SS Free | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Outpost SS Pro | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| PC Tools IS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 95% | PASSED |
| Privatefirewall | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Rising IS | 100 | 0 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 0 | 0 | 100 | 0 | 0 | 100 | 0 | 100 | 0 | 55% | PASSED |
| ZoneAlarm ES | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 90% | PASSED |
