Proactive Security Challenge
Testing levels
Level 5
The product has to score at least 50% in the tests on this level to pass it.
Tests
Autorun15
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun15 checks whether malicious software can make its code persistent in the system by installing itself into the system registry so that the malware is started every time the current user logs in.
Autorun18
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun18 checks whether malicious software can make its code persistent in the system by changing the machine-wide Windows Explorer policy.
Autorun21
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun21 checks whether malicious software can make its code persistent in the system by installing its DLL as a machine-wide shell service object.
Autorun28
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun28 checks whether malicious software can make its code persistent in the system by defining itself as a boot verification program.
Autorun5
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun5 checks whether malicious software can make its code persistent in the system by installing itself into the system registry so that it is started every time an executable binary is started.
Breakout1
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Breakout1 checks whether the tested product protects Internet Explorer from being manipulated by a malicious program using Windows messages.
CPILSuite2
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: CPILSuite2 finds out whether it is possible to inject a malicious DLL into Windows Explorer using the events hook mechanism.
Crash1
Test type: Self-defense test
Scoring: At least one of the target processes or threads was crashed – 0%; Success – 100%.
Description: Crash1 checks whether the tested product allows a malicious application to invalidate the contexts of its threads.
Crash2
Test type: Self-defense test
Scoring: At least one of the target processes or threads was crashed – 0%; Success – 100%.
Description: Crash2 finds out whether the tested product can be crashed by invalidating its memory pages.
Crash3
Test type: Self-defense test
Scoring: At least one of the target processes or threads was crashed – 0%; Success – 100%.
Description: Crash3 checks whether the tested product allows a malicious process to rewrite the memory of the product's processes.
Crash4
Test type: Self-defense test
Scoring: At least one of the target processes or threads was crashed – 0%; Success – 100%.
Description: Crash4 checks whether malicious software can crash the tested product by reserving all of its free memory.
FileWri1
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileWri1 checks whether the tested product protects its files against malicious corruption of their data.
Kernel2
Test type: System integrity test
Scoring: Driver is loaded – 0%; Driver is not loaded – 100%.
Description: Kernel2 checks whether malicious software can load a driver using the Service Control Manager.
Kernel3
Test type: System integrity test
Scoring: Driver is loaded – 0%; Driver is not loaded – 100%.
Description: Kernel3 checks whether malicious software can load a driver using a special undocumented API function.
Keylog2
Test type: Spying test
Scoring: Failure – 0%; Success – 100%.
Description: Keylog2 repeatedly tries to get the previous status of key codes and thus obtain information about the keys pressed by the user.
Kill3c
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill3 checks whether the tested product can be terminated by an untrusted process through sending it a shutdown message.
Kill3d
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill3d uses yet another technique to send the shutdown message to the tested product's processes.
RegDel2
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: RegDel2 checks whether the tested product protects its registry keys and values against malicious deletion using a special registry restoring technique.
Svckill
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: Svckill checks whether the tested product protects its services and drivers against malicious manipulation.
VBStest
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: VBStest tests whether the tested product's protection can be bypassed through the system Visual Basic script interpreter.
Result table
In the following table, 100 represents the 100% result and 0 represents the 0% result. Other values are displayed as rounded whole numbers. The last two columns summarize the product's score on this level and whether it passed this level or not.
| Product | Autorun15 | Autorun18 | Autorun21 | Autorun28 | Autorun5 | Breakout1 | CPILSuite2 | Crash1 | Crash2 | Crash3 | Crash4 | FileWri1 | Kernel2 | Kernel3 | Keylog2 | Kill3c | Kill3d | RegDel2 | Svckill | VBStest | – | Score | Result |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Comodo IS | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | N/A | N/A | 100 | – | 100% | PASSED |
| Jetico v2 | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 100 | 100 | 0 | 100 | 100 | N/A | N/A | 100 | – | 92% | PASSED |
| KIS | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | N/A | N/A | 100 | – | 100% | PASSED |
| Lavasoft | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 50 | N/A | 0 | 100 | 0 | 100 | 100 | N/A | N/A | 100 | – | 79% | PASSED |
| Malware Defender | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | N/A | N/A | 100 | – | 100% | PASSED |
| Netchina | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 0 | 100 | 0 | 100 | 100 | N/A | N/A | 100 | – | 83% | PASSED |
| Norton | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 0 | 0 | 100 | 100 | 100 | N/A | N/A | 100 | – | 83% | PASSED |
| OA Free | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 100 | 100 | 0 | 100 | 100 | N/A | N/A | 100 | – | 92% | PASSED |
| OA Premium | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | N/A | N/A | 100 | – | 100% | PASSED |
| Outpost Free | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 0 | 100 | 100 | 100 | 100 | N/A | N/A | 100 | – | 92% | PASSED |
| Outpost Suite | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 0 | 100 | 100 | 100 | 100 | N/A | N/A | 100 | – | 92% | PASSED |
| PC Tools | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 100 | 100 | 100 | 100 | 100 | N/A | N/A | 100 | – | 100% | PASSED |
| Privatefirewall | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 50 | 50 | 50 | 50 | N/A | 0 | 100 | 100 | 100 | 100 | N/A | N/A | 100 | – | 75% | PASSED |
| TrendMicro | N/A | N/A | N/A | N/A | N/A | 0 | 0 | 0 | 0 | 100 | 0 | N/A | 0 | 100 | 100 | 0 | 0 | N/A | N/A | 0 | – | 25% | FAILED |
| Webroot | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 50 | 50 | 50 | 50 | N/A | 0 | 0 | 0 | 100 | 100 | N/A | N/A | 100 | – | 58% | PASSED |
| ZoneAlarm Pro | N/A | N/A | N/A | N/A | N/A | 100 | 100 | 100 | 100 | 100 | 100 | N/A | 0 | 100 | 0 | 100 | 100 | N/A | N/A | 100 | – | 83% | PASSED |
Levels
- Level 1 – Autorun1, Autorun3, Breakout2, Coat, ECHOtest, FileDel2, Kill1, Kill2, Leaktest, Tooleaky, Wallbreaker1, Yalta
- Level 2 – Autorun12, Autorun2, Autorun20, Autorun30, AWFT1, DNStest, FileMov2, Ghost, HostsBlock, Jumper, Kill3, Kill3b, Kill6, RegDel1, Wallbreaker3, Wallbreaker4
- Level 3 – Autorun16, Autorun24, Autorun31, Autorun4, AWFT3, AWFT4, DNStester, FileRep1, Kernel1, Kill3f, Kill4, Kill7, RegSet1, SSS2, Suspend1, Thermite, Wallbreaker2
- Level 4 – Autorun14, Autorun17, Autorun26, Autorun36, Autorun37, Autorun6, Autorun9, CopyCat, CPIL, CPILSuite1, FileRep2, Inject2, Inject3, Kernel1b, Keylog1, Kill3e, Kill8, Kill9, SSS, Suspend2
- Level 5 – Autorun15, Autorun18, Autorun21, Autorun28, Autorun5, Breakout1, CPILSuite2, Crash1, Crash2, Crash3, Crash4, FileWri1, Kernel2, Kernel3, Keylog2, Kill3c, Kill3d, RegDel2, Svckill, VBStest
- Level 6 – Autorun22, Autorun25, Autorun27, Autorun29, Autorun32, Autorun7, CPILSuite3, Crash5, Crash6, DDEtest, ECHOtest2, FileWri2, FireHole, Flank, Kernel4, Keylog3, Keylog4, Kill10, Kill11, Runner
- Level 7 – Autorun10, Autorun19, Autorun33, Autorun35, Autorun8, BITStest, Crash4b, FileDel1, FileMov1, FileWri3, FireHole2, Inject1, Keylog5, Keylog6, Kill12, OSfwbypass, RegAcc1, Runner2, Schedtest, SSS3
- Level 8 – Autorun11, Autorun13, Autorun23, Autorun34, FileDel3, FileOpn1, FileOpn2, Kernel4b, Kernel5, Kernel5b, Keylog7, Kill5, NewClass, Schedtest2, SockSnif, SSS4
- Level 9 – Crash7, Driver Verifier, FileAcc1, FileCtl1, FileWri4
- Level 10 – BSODhook, ShadowHook