The Spycar Project
Results 1 to 9 of 9

Thread: The Spycar Project

  1. #1
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564

    The Spycar Project

    For those of you, who are interested to see if the Antispyware Application you use, is working...

    What is Spycar?
    Spycar is a suite of tools designed to mimic spyware-like behavior, but in a benign form. Intelguardians created Spycar so anyone could test the behavior-based defenses of an anti-spyware tool. Spycar runs only on Windows, the same platform most targeted by spyware developers.

    Why did you create Spycar?
    Many anti-spyware tools put all of their eggs in the signature basket. That is, the vendor detects spyware by including thousands of signatures looking for specific sequences of bits on your hard drive or in memory. Behavior-based detection, another approach, lets anti-spyware stop malicious software based on its actions, not a specific set of signatures. We wanted to see how anti-spyware tools could cope with new spyware for which they didnít have a signature. In our own laboratory, we tested a bunch of enterprise anti-spyware tools, and found that their behavior-based defenses were seriously lacking. As long as no signature has been defined for a given piece of spyware, a lot of anti-spyware tools offer virtually no protection. We wanted to give you a chance to evaluate your own anti-spyware tool, so we released Spycar.
    Spycar test
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

  2. #2
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    Googd info thanks!
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  3. #3
    Banned
    Join Date
    Apr 2003
    Posts
    1,147
    nihil is not going to like this. Ewido failed miserably against the spycar tests.

    //me going to the internet looking for a new freebie anti-spyware.

  4. #4
    AO's Resident Redneck The Texan's Avatar
    Join Date
    Aug 2003
    Location
    Texas
    Posts
    1,539
    Good link Dalek I bookmarked it.
    Git R Dun - Ty
    A tribe is wanted

  5. #5
    Senior Member
    Join Date
    Dec 2002
    Posts
    129

    wow

    Just curious anything hold up against this yet (spycar)?

  6. #6
    Banned
    Join Date
    Apr 2003
    Posts
    1,147
    Well, I just put Windows Defender on and ran SpyCar against it. Yes, it does what it is supposed to do. It holds the activity until you get a chance to approve or disapprove it. The trick is testing the IE stuff. I'm having problems since the Black Tuesday patch getting IE to go anywhere reliably. I may have to get the IE7 beta.

  7. #7
    Senior Member
    Join Date
    Dec 2002
    Posts
    129
    thanks rapier57, i'll try that

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Hi Rapier57 ,

    I haven't tested them all yet. Ewido killed the first two...........try this:

    http://winpooch.free.fr/home/index.php

    Winpooch is a free, open source application...............it nailed the second two

    I will test the rest later. Please remember that you need to have the interactive EWIDO running...........it is an orange icon in the system tray. Once the trial is over, EWIDO reverts to an on demand scanner only.

    So far nothing has got through to WinPatrol, RegistryProt, SpyDefense, Spyware Blaster etc.

    I will report the full results later.............got to go to my cactus society meeting
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  9. #9
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    OK, I tried to run them all.

    EWIDO is "aware" of Spycar, and reports it as "not a virus".............it prevented the tests running, with the exceptions of the ones you had to create a test profile for, and those were killed by WinPooch.

    EWIDO stuck the tests into quarantine, and Spycar did not even know that I had run them It did detect that WinPooch had blocked the 4 it dealt with.

    Nothing got through.........................
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides