Tenebril's new anti-spyware app casts a wide net in order to catch malware on your system.
Tenebril Inc.'s SpyCatcher 2006 takes an unusual approach to looking for possible nastyware on your system. It garners a great many possible hits by incorporating what the company calls "contextual analysis" to "shield PCs from next-generation, mutating spyware." It's an interesting-sounding approach. However, the SpyCatcher method, which casts a wide net, ends up dumping a lot of fish on the deck, some of which may be perfectly healthy.
Spycatcher offers a list of suspicious files; users can click on the file name for online info. (Click on image to expand.)
SpyCatcher begins with a configuration wizard that takes users through preferences, beginning with a first spyware scan option. You can choose Quick, Deep, or Custom methods (the Custom method lets you check Memory, Registry, or Disks). You can also decide whether and when to schedule automatic scans, and what level of protection to choose. Tenebril recommends Medium protection, because High will quarantine suspicious applications you may want to run without asking you.
Spycatcher depends more on the user's judgment about whether a tagged app is a piece of malware or not than other anti-spyware programs do. For example, in its initial run on my system, SpyCatcher easily picked up a file called NTInvisible, which is part of SpyAnywhere from SpytechSoftware. However, SpyCatcher's pop-up said that it didn't know whether it was spyware or not, and asked me to decide whether to allow or exclude it. In comparison, Spybot Search & Destroy offered an immediate identification and description of the possible malware, including an URL for the associated company.
If you don't know what to do concerning the pop-up, SpyCatcher offers a wizard with questions to jog your memory about whether you remember the file, and an invitation to go online by clicking a link to Tenebril's online encyclopedia. Unfortunately, as was too often the case, most of the fields on its info list for NTInvisible had only the word "unknown," though it had 250 detections reported by users. There was also a message, "There is no data on this file currently. It does not match any of the files we know to be safe, nor does it match any file names in our spyware database." Tenebril does offer a link for the user to search the Web via Google; the first page brought up info about NTInvisible from sites by Symantec, Computer Associates, EarthLink, and others.
The same problem occurs after a manual hard-drive scan. Spycatcher's list of scan results includes file name, category (such as "Suspicious file" or "Spyware"), and a suggested action: Allow, Ask Me (in which case, the user will be asked about the software each time it runs), Quarantine, or Remove. To get more information about the possible malware, you have to click on the file name, which again brings up the online encyclopedia, and the same lack of real advice.
Spyware is a hot topic these days, and a new anti-spyware application is not a bad thing. However, Tenebril will have to do a bit more research before its product is truly ready for prime time.
SpyCatcher 2006 Tenebril, Inc.
www.tenebril.com Price: $29.95 (one-year of updates)
Summary: SpyCatcher does trap a great deal of potential malware, but doesn't give users enough information to make it effective.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.