CounterSpy v2.0

Discussion in 'other anti-malware software' started by DVD+R, Nov 18, 2006.

Thread Status:
Not open for further replies.
  1. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    I just tried this CounterSpy v2.0 BETA as it is at the moment, and at first I didnt notice much (If Any) difference at all, that is except for the download size 40MB compared with the 1.5.82 version 13MB. but what I did really notice is in Add/Remove Programs, the total installation size for CounterSpy 2.0 is 176MB :eek: "GOOD LORD" can someone explain why it has to be this size? surely to god that is a rather large size for a AntiSpyware program :ninja:
     
  2. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Have you manually downloaded and installed any updates?That would do it.
    The update process is something that Sunbelt is working on in this beta.It's got a lot to do with the large size of CS 2.0.
     
  3. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    No not manually, the updates were incremented and applied by CounterSpy Autoupdater when I first installed the program, It said it was downloading and applying signatures.
     
  4. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    If you haven't yet,I would visit the Sunbelt beta forum.
    There's always a lot of info over there and assistance if you need it.
     
  5. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    The large installation size is due to the definition database SBTEDef.idx, which is 168MB for Definition #449.

    You can download the definition file separately, since the beta has a problem in merging the incremental defintions for some users.
     
  6. Rickster100

    Rickster100 Registered Member

    Joined:
    Sep 29, 2005
    Posts:
    152
    Location:
    United Kingdom
    Hello DVD+R,

    The CS 2.0 Beta is coming along rather nicely, I think its a great improvement over 1.5 even in its current form. Theres still a lot of work to be done on it, but they are continually fixing the bugs and issuing new prog updates a couple of times a month. Once they can get the bugs sorted it will definately be worth a look when its released, but it will probably not be until early next year at this stage. You will no doubt be a good addition to the Beta Testers team, looking forward to seeing you on the Beta Test Forum! ;) :thumb:

    Richie
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
    Yes I also saw that the download size is 40 MB, what´s up with this, will this be changed or what? Because I refuse to load such a big file, I mean normally (unless super advanced), a security tool shouldn´t be this big. :cautious:
     
    Last edited: Nov 18, 2006
  8. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    The beta is big.No doubt about that.That doesn't mean that the final version of 2.0 will be anywhere near as big once it is all sorted out.;)
     
  9. alexeck

    alexeck Registered Member

    Joined:
    Dec 1, 2004
    Posts:
    33
    I agree, it is a large file. One major reason is an extensive whitelist that we include with CounterSpy to cut down on false positives. The result is that CounterSpy is quite good about false positives. Unfortunately, this means we have to ship a large dataset with the application.

    However, with that being said, we are on a mission to make the size significantly smaller. Many of the reductions will require optimization of both the engine and the database, and I don't see these changes occurring in the 2.0 release (doing that much code change so close to release is not the best idea). However, size optimization will make it in a follow-on release.

    Note that the size should not affect speed or general performance. The database is structured not to take excessive memory itself. It's largely an issue of bandwidth usage and size on disk.

    Economics works in your favor here btw-- it's quite costly for us to serve large. We're all on the same page here.

    With regard to the beta, we could use all the help we can get to thoroughly test the product. We've worked really hard to make a very powerful antimalware scanner and I would like as much feedback as possible. http://beta.sunbelt-software.com has the download link.

    As always, you can always email directly at alexe(at)sunbelt-software.com.

    Alex Eckelberry
    Sunbelt Software
     
  10. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    I always was wondering about the size increase of the signature files for my AV programs. It takes longer to download the updates and each replacement is always larger than the earlier files because they add new signatures and don't remove any of the older ones even if they are not that commonly used by hackers. Eventually will you get a 100GB signature file that covers trillions of type of viruses, trojans, bots, etc.?:eek: :gack: o_O
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
    @ ccsito, yeah I wondered about the same thing I mean all these signature files will eventually take a lot of diskspace, I assume? :blink:

    On topic: I decided to check out CS and on my virtual machine it really didn´t feel less light (resources) than the previous version, plus the active protection didn´t work correctly, it couldn´t spot changes to the "Winlogon section". And I´ve just read an review that it doesn´t really perform well when trying to remove malware. Overall I´m not really impressed at the moment. :rolleyes:
     
  12. alexeck

    alexeck Registered Member

    Joined:
    Dec 1, 2004
    Posts:
    33
    Rasheed, if you're not having good results, I'd like to hear more. It's still in beta and we can still fix things. You can email me directly at alexe(at)sunbelt-software.com or post on the beta forum (beta.sunbelt-software.com).

    Regarding performance, if you compare the memory footprint under TaskManager, the new version is _significantly_ smaller and more lightweight. There is always an overhead for the UI, which is also something we are going to be doing quite a bit of optimization to in the future.

    Regarding changes in WinLogon, we have done quite a bit to reduce the amount of chattiness in the Active Protection, to avoid users getting "pop-up fatigue". Instead, the default ("Cautious mode") is designed to look for dangerous behavior as well as signature-based detection. It would catch, for example, a bad program changing WinLogon, but perhaps not every single activity with WinLogon. As an example of the new Active Protection, go to Zango.com and download something with the Active Protection set to Cautious. It should immediately stop the install before it even executes.

    However, there is a Paranoid mode in Active Protection (under settings) which is quite a bit more aggressive and looks for everything. Feel free to play with that. The new Active Protection is all kernel based and we see everything that goes on in the OS. However, you can drive a user insane with pop-ups, so there is a balance in our implementation. It’s constantly being fine-tuned though, so if you have any ideas, let us know!
     
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
    Well, I might as well admit that ´m just not into CounterSpy, I´m sure other people will love it but everyone is different. I´m not really happy with the whole look and feel, and even in paranoid mode it does not detect everything. Yes, you already explained why, but I like to be alerted about every possible malicious behavior even by "trusted apps", know what I mean? So good luck with v2, but it´s just not for me. ;)
     
Thread Status:
Not open for further replies.