In this test we examine the self-protection capabilities of TOP-20 most popular Internet Security antivirus products against 33 cases of possible malware attacks aimed to override or disrupt operation of the antivirus protection. This was the first time we tested the antivirus self-protection under Windows 7 x64.
Social engineering techniques make it easy to entice users to download and launch malicious programs as yet unknown by antivirus solutions. In such cases, in order to gain complete and uninterrupted control over the system, malicious programs search for an antivirus program, firewall or other protective solution in order to disrupt its operation.
Consequently, contemporary antivirus products should be able to resist such attempts, that is, they should include self-protection functionality. This helps them to resist even the most complicated attacks, such as when malicious programs use a variety of methods to disable protection, and remove the infection using standard tools after receiving the appropriate antivirus database updates.
Comparative testing of 21 popular firewalls to check the quality of protection from attacks, coming from inside the system. In the test we checked the protection on 64 specially developed utilities, checking the protection of processes from quitting, protection from standard outbound attacks, protection from non-standard leaks and protection from non-standard techniques of penetration inside the kernel-mode.