The new method TeaTimer uses to inform the user about its actions has caused some controversy recently, so we thought some kind of explanation would be useful.

The decision to use balloon tooltips to display the progress was made because they're a Windows standard for informing the user, and following standards is in general regarded as making things easier for the user. Informing about scanned processes was also kind of important for people who did not understand what TeaTimer was doing on startup.

The tray icon also allows to disable any future balloons from its context menu, so they were purely optional. Sadly, so far many users did not look for this option, but came asking for a way to get rid of them, so we feel a change to make it more evident might be necessary.

We also did not expect the combination of an unlucky implementation of balloons in Windows 2000 with users who haven't dealed with tooltips yet. On Windows XP, these balloons contain a visible X than can be clicked to close them. On Windows 2000, you can simple click the balloon itself anywhere to close it, which is not as evident, and the reaction takes some time while TeaTimer is scanning.

Balloons also vanish after a specified amount of time, which we have set to a small value to work immediately. Again, Windows 2000 is a bit unlucky there because is does not count this time down when the user is not actively using the computer. Nice thought, but not fully compatible with the intention behind the TeaTimer messages.

While we prepare a workaround that makes balloon messages easier to understand and get rid of for Windows 2000 users, TeaTimer and main application updates are disabled. Expect an update within a week.

With the release of Spybot-S&D 1.6, our detectives have spent some hard time implementing some of the new technologies to improve Virtumonde detections, increasing our detection range by more than 40% to now more than quarter of a million detection patterns to identify more than one million fingerprints.

Virtumonde (also known as the Vundo Trojan) is a Trojan horse that is known to cause popups and advertising for rogue antispyware programs. It also causes other misbehavior, including performance degredation and denial of service with some websites including Google. It attaches to the system using bogus BHO's (Browser Helper Objects) and DLL files attached to Winlogon and Windows Explorer.

To profit from these improvements, we recommend that you update to Spybot - Search & Destroy 1.6, which will be available through the update function integrated into the application as well starting today, as soon as possible.

And, if you still have any problems regarding Virtumonde please feel free to visit our forum or e-mail our detections department.

Time for an update! To keep up with the latest threats, and solve some issues and feature requests users had, we're proud to announce Spybot-S&D version 1.6. Some of the features include:

Improved Scan Speed

Reported a few weeks ago as one of the big issues users face, Spybot-S&D 1.6 integrates parts of the future 2.0 file scanning engine to speed up the on-demand scan.

Up-to-date browser support

Both immunization and the on-demand scan are able to access a dozen different browsers, which now include the latest revisions of the most popular ones, Firefox and Opera.

Easier On-Access Use

Until now, our on-access part was able to block bad entries, but at the same time, confused many novice users by asking for confirmation on changes of other monitored system entries as well. While this is a great feature for all experienced users who want full control over their systems, we decided that we need to make this easier for the average user, and integrated automated decisions based on the system entry database built through our RunAlyzer, containing more than quarter of a million decisions.

OpenSBI

Safer Networking also announces OpenSBI, our attempt at opening up the fight against malware to anyone who wants to participate. OpenSBI means we've published documentation and tools that anyone can use to create their own malware detection patterns for use with Spybot-S&D, and share those with other Spybot-S&D users.

• Diversity - everyone can create detection templates for any software, without depending on a central authority to acknowledge its threat.
• Neutrality - we cannot be bought to remove detections from our database, but if you do not believe us, you can simply publish your own rules against some malware.
• Continuity - OpenSBI ensures that you'll get updates as long as someone is interested in updating the database (which does not mean we intend to do less work in adding new detections).
• Flexibility - as a system administrator using the network edition, you can make sure that working time is not wasted by employees playing the latest Moorhuhn clone if you add your own detection for it. Keep in mind that some relaxation is said to even improve work results.

And quite a lot more bug fixes and new features, which can be found on bug tracker.