matousec.com


Proactive Security Challenge

Testing levels





Proactive Security Challenge has been replaced with Proactive Security Challenge 64!




Level 6

The product has to score at least 50% in the tests on this level to pass it.



Tests


Autorun22
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun22 checks whether malicious software can make its code persistent in the system by installing its DLL as the current user's shell service object.

Autorun25
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun25 checks whether malicious software can make its code persistent in the system by replacing the handler of HTML documents in the registry.

Autorun27
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun27 checks whether malicious software can make its code persistent in the system by changing the settings of the system Winlogon service.

Autorun29
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun29 checks whether malicious software can make its code persistent in the system by changing the system startup group policy scripts settings in the registry.

Autorun32
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun32 checks whether malicious software can make its code persistent in the system by registering its DLL as a local security authority authentication package.

Autorun7
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun7 checks whether malicious software can make its code persistent in the system by installing itself as the current user's default shell instead of Windows Explorer.

CPILSuite3
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: CPILSuite3 finds out whether it is possible to inject a malicious DLL into Windows Explorer using the events hook mechanism.

Crash5
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Crash5 checks whether malicious software can crash the tested product by closing all its handles remotely.

Crash6
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Crash6 checks whether malicious software can crash the tested product by flooding its handle table remotely.

DDEtest
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: DDEtest checks whether the tested product protects Internet Explorer from being manipulated by a malicious application via the DDE protocol.

ECHOtest2
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: ECHOtest2 finds out whether the tested product filters ICMP traffic.

FileWri2
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileWri2 checks whether the tested product protects its files against malicious corruption of their data by setting their end of file positions to zero offsets.

FireHole
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: FireHole finds out whether it is possible to inject a malicious DLL into the default browser using the windows hook mechanism.

Flank
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Flank tests whether the tested product protects Internet Explorer against manipulation performed through the Web Browser COM interface.

Kernel4
Test type: System integrity test
Scoring: Driver is loaded – 0%; Driver is not loaded – 100%.
Description: Kernel4 checks whether it is possible to change information about an existing driver so that a malicious driver is loaded instead after the reboot.

Keylog3
Test type: Spying test
Scoring: Failure – 0%; Success – 100%.
Description: Keylog3 uses a documented windows hook mechanism to install a low level keyboard input monitor callback to the system.

Keylog4
Test type: Spying test
Scoring: Failure – 0%; Success – 100%.
Description: Keylog4 uses a documented windows hook mechanism to install a hook procedure that records input messages posted to the system message queue.

Kill10
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill10 checks whether the tested product allows a DLL to be injected into its processes using the windows hook mechanism.

Kill11
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill11 is similar to Kill10, but it uses the events hook mechanism.

Runner
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Runner tests if the tested product allows a malicious application to replace the default browser's executable and launch it. If the tested product fails the test, it means that it does not perform a proper identification of the trusted applications.



Result table

In the following table, 100 represents the 100% result and 0 represents the 0% result. Other values are displayed as rounded whole numbers. The last two columns summarize the product's score on this level and whether it passed this level or not.


 
| Product | Autorun22 | Autorun25 | Autorun27 | Autorun29 | Autorun32 | Autorun7 | CPILSuite3 | Crash5 | Crash6 | DDEtest | ECHOtest2 | FileWri2 | FireHole | Flank | Kernel4 | Keylog3 | Keylog4 | Kill10 | Kill11 | Runner | Score | Result |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| BitDefender IS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| CIS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Jetico v2 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| KIS 2012 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Malware Defender | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 90% | PASSED |
| OSSS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Outpost SS Free | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Outpost SS Pro | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| PC Tools IS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 95% | PASSED |
| Privatefirewall | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| ZoneAlarm ES | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 85% | PASSED |
