Security

PRODUCT REVIEW

Spycatcher Deadly to Spyware – But Watch Out

The recent release of Tenebril’s SpyCatcher 3.5 packs several high-powered features. Its sophisticated detection engine requires less memory to scan a computer and its components, resulting in scans up to 300 percent faster than earlier versions and most competitive products.

SpyCatcher brings more intrusion-fighting features to consumers and enterprise customers than are found in other anti-spyware products. It eliminates spyware, adware, trojans and other malicious software.

While most, if not all, other anti-spyware software finds and removes intrusive programs while they are active, when you reboot the computer, the newest pesky critter codes resurrect themselves from deep within the Windows Registry, hidden folders, and already-deleted files.

Spyware Reinstallation Prevented

Also, when you visit the same Internet havens for secret spyware infections, the removed spyware easily reinfests your computer. This makes spyware chasing an ever-present maintenance task.

Not so with SpyCatcher 3.5. It goes one big step further. It prevents spyware from re-installing.

SpyCatcher also adds other new features that provide further protection. These include Anti-Phishing Capability, Parachute recovery Feature, and Host File Analyzer.

But use it carefully, because it packs a big punch against some files it deems suspicious.

SpyCatcher’s Protector feature warns users when an illegitimate Web page is phishing, or posing as a bank or other official source in order to steal information. This patent-pending method compares the content of a Web page visited to the content of the real Web page.

Identity theft works largely because consumers are duped through phishing into clicking an innocent-looking link to a friendly Web site. The real URL, however, is cleverly concealed so the computer user ends up at a fake Web site that captures innocently entered personal data.

Spycatcher provides an instant warning if the contents of the Web page match even approximately, yet the proper domain name is not indicated. This makes consumers practically fool-proof safe from being tricked into giving up bank account numbers and passwords.

Parachute Safety

One of the most notorious tricks built into some spyware is the ability to activate itself from the moment that the Windows operating system starts up. The Parachute Feature defeats this stealth attack.

SpyCatcher runs ahead of the computer’s boot routine. If it detects spyware loading at startup, the Parachute component boots the computer in Safe Mode, deletes the spyware, then restarts the computer.

What makes this feature even more innovative is the notification system. SpyCatcher immediately issues an alert so the user can tell which sites are generating the illicit activity.

To ensure changes can be undone if desired, the software tracks changes in a work history log.

SpyCatcher 3.5 monitors every part of the user’s PC, including memory, registry, network drives, hard disks and removable or optical drives, ensuring complete protection.

Hijackers Nixed

Another area of concern is that computers maintain a host file to tell Internet Explorer and other browsers where to look when instructed to visit a Web site. Spyware writers can cleverly redirect the computer’s attention while rogue programs rewrite the entries.

SpyCatcher compares the host file with what the Internet says the Web site URL should be. Thus, SpyCatcher can block re-writing of the file and redirecting of users to unwanted sites.

“If spyware never changed, it would be easy to stop. Unfortunately it continually evolves, escaping detection,” Joshua Blanchfield, chief executive officer of Tenebril, told TechNewsWorld. “Just as spyware, adware and phishing scams have become more insidious and sophisticated, SpyCatcher has adapted as well.”

Resources Trimmed

By requiring less memory to complete its tasks, this latest version of SpyCatcher has a speedier scanning engine. This redefined engine, according to Tenebril’s engineers, uses a partial-matching search algorithm that catches a much wider range of programs.

This trimmed down engine is more adept at catching spyware “mutations” that might only have parts of a spyware fingerprint in place.

The auto-update feature adds to the improved resources. The update feature is linked to Tenebril’s constantly updated anti-spyware research database. The program doesn’t wait for users to manually check for spyware signature updates. Instead, automatic updates ensure that new defenses are added on a regular basis.

Bridging the Gap

Tenebril’s CEO Blanchfield is quick to admit that SpyCatcher won’t wipe out the spyware threat.

“This isn’t a silver bullet,” he told TechNewsWorld. “Companies pushing spyware are money driven, so they will be back with newer and better tactics.”

Blanchfield noted that spyware authors are very creative and adapt their strategies quickly.

“It’s hard to say if we’ve caught up with them. But today we are ahead,” he said.

Use Caution

On a personal note, in testing this latest release of SpyCatcher, I was both helped and hindered slightly. So take my advice and use this program very carefully — but use it.

I’m not criticizing the program’s performance. I found that it measures up to Tenebril’s claims very well.

However, unlike any other anti-spyware product I have tested or use regularly, SpyCatcher needs your undivided attention when removing spyware traces.

I failed to follow an old program reviewer’s golden rule. I installed it late at night and was caught off guard when the search engine finished scouring the hard drive all-too-soon.

SpyCatcher found more than one dozen incidents of spyware components on a system that I had earlier in the day checked with three other products and gotten an all clear. These anti-spyware packages where all up-to-date.

It was late. I got careless. SpyCatcher removed the majority of spyware fast and clean. However, I wanted more. So I told it “yes” when quizzed about removing some dozen suspicious files. Yes, I was sure!

Overzealous Removal

However, I should not have been so anxious. If I had taken the time to actually study the list of targeted file names in the suspicious list, I would have recognized some “don’t go there” file names.

Sure, there were suspicious files in that list. However, there also were a few rather significant legitimate files. One was a configuration control for the video driver. Another was the software for my flat screen’s pivot feature. A third was the OCX file from the Windows Registry associated with another intrusion protection service that I use regularly.

What happened next should be all too obvious. When I rebooted the computer, the monitor was decorated with numerous messages about configuration errors and missing program components. All were from legitimate programs that lived on the hard drive before spyware was invented.

Oh yes, the screen resolution was locked into the lowest possible resolution setting.

It took me hours to reinstall and reconfigure the damage I had done by my carelessness. SpyCatcher is so thorough that I could not undo my mistakes easily. Windows had no record of any system changes, so I could not simply go back to an earlier checkpoint.

The Moral

SpyCatcher is a powerful, innovative anti-spyware package. It does what Tenebril says it will do. It found spyware and related trace elements that other “innovative” anti-spyware programs on my hard drive never saw or could not see.

Those culprits have not reinstalled themselves. Nothing new has slipped past SpyCatcher, either.

And I haven’t admitted to the program that I am sure about removing all suspicious files since my initial disastrous encounter.

Pricing and Availability

SpyCatcher 3.5 is available for a one-time fee of US$29.95 including free auto-updates. It is offered as a free upgrade to current users of SpyCatcher 3.0. The product may be purchased via Tenebril’s Web site as well as through all major computer electronics stores in the U.S. and the UK, both online and retail.


Read More Reviews…


1 Comment

  • Spycatcher may be a legitimate anti-spyware program and it may do everything this article claims. I AM skeptical of the validity of this article, however, and therefore AM not about to rush out and buy this item.
    Why? simply because of the way it was written. I do not believe this is a real news article or objective review of a product but a blantant promotional advertisement for it. Yes, there is a caution added that may or may not be perceived as a negative by the "reviewer" or "reporter". Yes, the author did spend much of the last third of the article covering this side of the product. However, it was quickly pointed out as "user error" and not necessarily a flaw of the product itself, which could easily be simply a disclaimer imbedded in a purely promotional piece to cover liability against its claims of superior performance.
    The first half of this article is written as if it came right off a sales slick. In fact, the first paragraph jumps right into a glowing statement of the product’s capabilities as if they were simple facts, rather than a reviewer’s opinions or conjecture.
    It may very well be that everything this reviewer said is, in fact, true and this was written entirely in his own words. But it reads too much like a free (or paid) plug scripted by Tenebril’s marketing department than an actual review. For this reason I will not go out and buy this product, at least until I’ve read some real reviews written by real users who did not write them for a "news" agency.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Jack M. Germain
More in Security

Technewsworld Channels