NOD32 stops one of Spycars tests

I don't know if this has been discussed in this forum. But I was running Spycar to test my antispyware the other day. I thought that Spyware Doctor stopped this test, but it ended up being NOD32 that was protecting me. I didn't notuice until I checked the threat log this morning.

Time Module Object Name Threat Action User Information
12/16/2006 19:37:45 PM AMON file C:\Documents and Settings\Owner\Application Data\Spycar\SpywareDoctor\HKLM_RunOnceEx-Target.exe Win32/Hoax.SpyWare.C application quarantined - deleted - error while cleaning - operation unavailable for this type of object GMPASSOCIATES\Owner Event occurred on a new file created by the application: C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\HLPF271P\HKLM_RunOnceEx[1].exe. The file was moved to quarantine. You may close this window.

 

nice How about the other tests?

 

Unfortunately, NOD and Spyware Dcotor let all the other tests run. However, this test was really designed more for HIPS/antispyware applications. It tests whether your defense will allow a registry change, a browser hijack, etc.

 

yes, that's right. It's not important to be detected by signatures... maybe heuristically somehow, but that is definetly not a test for AVs.

 

Yea the other test would pass if you had a good software firewall such as comodo

 

Check http://eset.com/threat-center/blog/?p=26 for more information.