matousec.com
Proactive Security Challenge

Testing levels





Proactive Security Challenge has been replaced with Proactive Security Challenge 64!




Level 7

The product has to score at least 50% in the tests on this level to pass it.



Tests


Autorun10
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun10 checks whether malicious software can make its code persistent in the system by changing the debugger settings of the default system application that initiates users' environment when they log in.

Autorun19
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun19 checks whether malicious software can make its code persistent in the system by changing the current user's Windows Explorer policy.

Autorun33
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun33 checks whether malicious software can make its code persistent in the system by registering its DLL as a local security authority notification package.

Autorun35
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun35 checks whether malicious software can make its code persistent in the system by replacing the default graphical identification and authentication library with its own DLL.

Autorun8
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun8 checks whether malicious software can make its code persistent in the system by changing the current user's shell policy.

BITStest
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: BITStest checks whether it is possible to bypass the tested product by using the Background Intelligent Transfer Service (BITS) through the Background Copy Manager COM interface.

Crash4b
Test type: Self-defense test
Scoring: At least one of the target processes or threads was crashed – 0%; Success – 100%.
Description: Crash4b checks whether malicious software can crash the tested product by reserving all of its free memory using file mapping.

FileDel1
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileDel1 checks whether the tested product protects its files and directories against malicious deletion.

FileMov1
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileMov1 checks whether the tested product protects its files and directories against malicious renaming.

FileWri3
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileWri3 checks whether the tested product protects its files against malicious corruption of their data using file mappings.

FireHole2
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: FireHole2 finds out whether it is possible to inject a malicious DLL into the default browser using the advanced DLL injection method.

Inject1
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Inject1 attempts to inject a DLL into Internet Explorer by creating a special section for one of the DLLs the browser application depends on.

Keylog5
Test type: Spying test
Scoring: Failure – 0%; Success – 100%.
Description: Keylog5 repeatedly attaches to the keyboard input of the foreground window's process in order to sniff the user's input to that process.

Keylog6
Test type: Spying test
Scoring: Failure – 0%; Success – 100%.
Description: Keylog6 registers a raw input device in order to monitor the user's keystrokes.

Kill12
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill12 checks whether malware can terminate the tested product using the system APC mechanism.

OSfwbypass
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: OSfwbypass tests whether the tested product is able to deny an attempt to display and execute contents of a malicious HTML page. This attempt is performed by a special API.

RegAcc1
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: RegAcc1 checks whether the tested product protects its registry keys against malicious manipulation of their security descriptors.

Runner2
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Runner2 tests whether the tested product protects a binary image of the default browser.

Schedtest
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Schedtest checks whether the tested product allows a malicious application to schedule a task through the Task Scheduler COM interface.

SSS3
Test type: Other
Scoring: Failure (an unwanted user logout or a system shutdown was not prevented) – 0%; Success – 100%.
Description: SSS3 attempts to reboot the system using a special API.



Result table

In the following table 100 represents the 100% result and 0 represents the 0% result. Other values are displayed as rounded whole numbers. The last two columns summarize the product's score on this level and whether it passed this level or not.


| Product | Autorun10 | Autorun19 | Autorun33 | Autorun35 | Autorun8 | BITStest | Crash4b | FileDel1 | FileMov1 | FileWri3 | FireHole2 | Inject1 | Keylog5 | Keylog6 | Kill12 | OSfwbypass | RegAcc1 | Runner2 | Schedtest | SSS3 | Score | Result |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| BitDefender IS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| CIS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Jetico v2 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 0 | 0 | 100 | 100 | 0 | 0 | 100 | 100 | 75% | PASSED |
| KIS 2012 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Malware Defender | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 0 | 80% | PASSED |
| OSSS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Outpost SS Free | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Outpost SS Pro | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 90% | PASSED |
| PC Tools IS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 0 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 85% | PASSED |
| Privatefirewall | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| ZoneAlarm ES | 100 | 100 | 100 | 100 | 0 | 0 | 100 | 0 | 0 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 0 | 65% | PASSED |
