It has been a busy few months on the Anti-Spyware team, and I have learned a lot about the product while supporting millions of users in a newsgroup format. Here is a cool feature I ran into the other day…executing antispyware with switches through the command line!

To do this, open up a command prompt and change to the c:\program files\microsoft antispyware directory. Then use the switches below:

GIANTAntiSpywareMain.exe [-parameters] [-parameters]

-update : start an update check

-scan : scan [-optional scan parameters]

Optional scan parameters:   [-withMainUI]
                            [-schedule]
                            [-withUI]
                            [-withResultUI]

Here is an example: “GIANTAntiSpywareMain.exe -scan –withui -withresultsui -schedule ”

Feel free to play with the switches and let me know if it is beneficial to be able to do this.

Just a few minutes ago, we released the latest build of Windows Antispyware to the public. This build will resolve issues which will make using this product better for users. Starting today, users will start to see the automatic update mechanism fire off and advise users know they have a new update available. Some of the big improvements are:

1)      Software expiration will be extended to December 31, 2005.

2)      Alerts Moving Quickly Across the Screen : Messages which move quickly off the screen when the start bar is not docked horizontally are also fixed. Users who dock their start bar on the sides of their screen will now be able to read messages generated from Microsoft Windows AntiSpyware (beta).

This issue is what we dubbed the “Flying Toast Issue” and one which I was passionate about getting fixed in this refresh build.

3)      Support for Long Descriptions:  Users of older builds only have access to the short descriptions which ship as part of the signatures. These short descriptions only provide limited information about potentially unwanted software. Long descriptions in build 613 will help users by giving them more information about the potentially unwanted software detected on their PCs.

4)      Improved Winsock LSP removal mechanism:  In some cases, removing spyware LSPs, or can disrupt network functionality. Through enhancements made in this beta refresh, we’ve lessened the chance that this problem will occur.

This is a very exciting release, and one which will greatly improve the user experience on this excellent product.

-steve

Today when I came in to the office, I was made aware of an issue which stated that a Microsoft Representative was quoted as saying Windows AntiSpyware would no longer be available for free.

The statement quoted in many forums is not true.

As we have been saying since day one, Microsoft Windows AntiSpyware will be available at no charge to licensed users of Windows. Users who validate their Windows install through WGA will be allowed to download the AntiSpyware beta, as well as the full standalone version of AntiSpyware when it releases to the web. This has not changed since Bill Gates announced this information at the RSA conference in February. The enterprise version of Windows AntiSpyware is targeted to companies who want to centrally manage their Windows AntiSpyware infrastructure. The enterprise version of Windows AntiSpyware will be available for a cost (which has not been determined yet).  For users who want more services including AntiVirus, computer backup, and AntiSpyware we will be offering Windows OneCare live. Windows OneCare Live is currently in beta, but when it releases to the web it will be available to users with a cost.

There are many exciting security offerings coming from Microsoft over the next year and I am just glad they let me blog about these exciting things happening at Microsoft!

As a user of many anti-spyware applications over the years, one item has always bothered me when removed by antispyware applications. That item is "tracking" cookies. Many people in the industry know what cookies are, and how they can be used, but I do not think my parents would know anything about cookies. In my opinion, the industry has created a scare tactic in order to make a "problem" seem worse than it really is. I see this a lot when people are reporting that one program is better than another in respect to cookies. I really do not see how someone can make that argument. I can write a program which deletes n+1 files if I want until I reach a point where there are no more files to delete.

So why is this a problem?? Users do not know what files are good or bad, and therefore rely on the application to determine this for them. But if I am the programmer for another application, I could delete all good and bad files and then say... " We delete more files than Product X." The end user then says... "Of course..I want the other product...more is better!!" These users will then end up losing some settings which were never malicious in the first place. This leads me to the last thought...

Cookies by themselves are not malicious; they are text files with settings. Cookies can be a part of some application which calls on the text file in order to send information to a 3rd party, but end the end, they are only text files. In order for "tracking" cookies to be of use, a corresponding application needs to be running in the background and grab information off this file. I think this is where anti-spyware applications need to be focusing their efforts - removal of the application which uses these text files instead of blowing away all good and bad cookies.

I think the cookie argument will go on for a while, but as long as the end user cannot discern what is good versus what is bad, the industry needs to work on improving the logic of removing applications as opposed to deleting all cookies.