Tenebril's new anti-spyware app casts a wide net in order to catch malware on your system.
Tenebril Inc.'s SpyCatcher 2006 takes an unusual approach to looking for possible nastyware on your system. It garners a great many possible hits by incorporating what the company calls "contextual analysis" to "shield PCs from next-generation, mutating spyware." It's an interesting-sounding approach. However, the SpyCatcher method, which casts a wide net, ends up dumping a lot of fish on the deck, some of which may be perfectly healthy.
Spycatcher offers a list of suspicious files; users can click on the file name for online info. (Click on image to expand.)
SpyCatcher begins with a configuration wizard that takes users through preferences, beginning with a first spyware scan option. You can choose Quick, Deep, or Custom methods (the Custom method lets you check Memory, Registry, or Disks). You can also decide whether and when to schedule automatic scans, and what level of protection to choose. Tenebril recommends Medium protection, because High will quarantine suspicious applications you may want to run without asking you.
Spycatcher depends more on the user's judgment about whether a tagged app is a piece of malware or not than other anti-spyware programs do. For example, in its initial run on my system, SpyCatcher easily picked up a file called NTInvisible, which is part of SpyAnywhere from SpytechSoftware. However, SpyCatcher's pop-up said that it didn't know whether it was spyware or not, and asked me to decide whether to allow or exclude it. In comparison, Spybot Search & Destroy offered an immediate identification and description of the possible malware, including an URL for the associated company.
If you don't know what to do concerning the pop-up, SpyCatcher offers a wizard with questions to jog your memory about whether you remember the file, and an invitation to go online by clicking a link to Tenebril's online encyclopedia. Unfortunately, as was too often the case, most of the fields on its info list for NTInvisible had only the word "unknown," though it had 250 detections reported by users. There was also a message, "There is no data on this file currently. It does not match any of the files we know to be safe, nor does it match any file names in our spyware database." Tenebril does offer a link for the user to search the Web via Google; the first page brought up info about NTInvisible from sites by Symantec, Computer Associates, EarthLink, and others.
The same problem occurs after a manual hard-drive scan. Spycatcher's list of scan results includes file name, category (such as "Suspicious file" or "Spyware"), and a suggested action: Allow, Ask Me (in which case, the user will be asked about the software each time it runs), Quarantine, or Remove. To get more information about the possible malware, you have to click on the file name, which again brings up the online encyclopedia, and the same lack of real advice.
Spyware is a hot topic these days, and a new anti-spyware application is not a bad thing. However, Tenebril will have to do a bit more research before its product is truly ready for prime time.
SpyCatcher 2006 Tenebril, Inc.
www.tenebril.com Price: $29.95 (one-year of updates)
Summary: SpyCatcher does trap a great deal of potential malware, but doesn't give users enough information to make it effective.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.