Proactive Security Challenge

Testing levels





Proactive Security Challenge has been replaced with Proactive Security Challenge 64!




Level 8

The product has to score at least 50% in the tests on this level to pass it.



Tests


Autorun11
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun11 checks whether malicious software can make its code persistent in the system by changing the location of the crucial registry key.

Autorun13
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun13 checks whether malicious software can make its code persistent in the system by installing a Winlogon notification.

Autorun23
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun23 checks whether malicious software can make its code persistent in the system by replacing one of the DLLs that the WinSock2 service depends on.

Autorun34
Test type: Autorun test
Scoring: Failure – 0%; Success – 100%.
Description: Autorun34 checks whether malicious software can make its code persistent in the system by registering its DLL as a local security authority security package.

FileDel3
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileDel3 checks whether the tested product protects its files and directories against malicious deletion using a special file opening flag.

FileOpn1
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileOpn1 checks whether the tested product protects its files against malicious corruption using a special file opening flag.

FileOpn2
Test type: Self-defense test
Scoring: At least one of the tested product's processes or components is not loaded, is damaged, is limited in doing its job, or does not work properly after the reboot – 0%; Success – 100%.
Description: FileOpn2 checks whether the tested product protects its files against malicious corruption using a special file opening flag.

Kernel4b
Test type: System integrity test
Scoring: Driver is loaded – 0%; Driver is not loaded – 100%.
Description: Kernel4b checks whether it is possible to change information about an existing driver so that a malicious driver is loaded instead after the reboot. The change itself is made using special registry API functions.

Kernel5
Test type: System integrity test
Scoring: Malicious code was executed in the kernel mode – 0%; Malicious code was not executed in the kernel mode – 100%.
Description: Kernel5 checks whether it is possible for malware to exploit the system debugging functions in order to execute code in the privileged kernel mode.

Kernel5b
Test type: System integrity test
Scoring: Malicious code was executed in the kernel mode – 0%; Malicious code was not executed in the kernel mode – 100%.
Description: Kernel5b attempts to inject its DLL into the Print Spooler service and, from within its context, tries to exploit the system debugging functions in order to execute code in the privileged kernel mode.

Keylog7
Test type: Spying test
Scoring: Failure – 0%; Success – 100%.
Description: Keylog7 uses a DirectX method of receiving the keyboard input to monitor the user's keystrokes.

Kill5
Test type: Self-defense test
Scoring: At least one of the target processes or threads was terminated – 0%; Success – 100%.
Description: Kill5 finds out whether the tested product can be terminated using a standard way of terminating an application.

NewClass
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: NewClass checks whether the tested product deals with the OLE objects properly.

Schedtest2
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: Schedtest2 checks whether the tested product allows attempts to use the system scheduler to create a malicious instance of Internet Explorer.

SockSnif
Test type: Spying test
Scoring: Failure – 0%; Success – 100%.
Description: SockSnif binds to a local network interface and enables promiscuous mode on it. This allows SockSnif to spy on all the network traffic that goes through the given interface.

SSS4
Test type: Leak-test
Scoring: Failure – 0%; Success – 100%.
Description: SSS4 waits for a system shutdown and then it checks whether the tested product protects your system until all untrusted applications are terminated.



Result table

In the following table 100 represents the 100% result and 0 represents the 0% result. Other values are displayed as rounded whole numbers. The last two columns summarize the product's score on this level and whether it passed this level or not.


 
| Product | Autorun11 | Autorun13 | Autorun23 | Autorun34 | FileDel3 | FileOpn1 | FileOpn2 | Kernel4b | Kernel5 | Kernel5b | Keylog7 | Kill5 | NewClass | Schedtest2 | SockSnif | SSS4 | Score | Result |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| BitDefender IS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| CIS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Jetico v2 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 0 | 100 | 100 | 88% | PASSED |
| KIS 2012 | 100 | 100 | 100 | 100 | 0 | 0 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 81% | PASSED |
| Malware Defender | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 0 | 0 | 100 | 81% | PASSED |
| OSSS | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| Outpost SS Free | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 94% | PASSED |
| Outpost SS Pro | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| PC Tools IS | 100 | 100 | 100 | 100 | 0 | 0 | 0 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 81% | PASSED |
| Privatefirewall | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100 | 100% | PASSED |
| ZoneAlarm ES | 100 | 100 | 100 | 0 | 0 | 0 | 0 | 100 | 100 | 0 | 100 | 100 | 0 | 0 | 0 | 100 | 50% | PASSED |
