Archive for September, 2006

Windows Malicious Software Removal Tool

Every second Tuesday of each month an update of the Windows Malicious Software Removal Tool (aka MSRT) is released.

It is a very useful little tool that can detect and remove a growing number of viruses, worms, trojans and rootkits. And the best part of it is that it is free. ‘Free?’ I hear you say, ‘from Microsoft?’ And the answer is, perhaps surprisingly, ‘Yes, it is!’

According to Microsoft the tool has been run a staggering 2.7 billion times, and in doing so it detected and removed 16 million instances of malware from 5.7 million infected computers. In most cases the Windows Malicious Software Removal Tool removed a single malware variant from a computer, but in some cases it has removed dozens or even hundreds of variants from one machine. That last number is easily explained by the fact that a backdoor can download lots of other malicious programs.

How do they know, you wonder? Well, just like the error reports you should voluntarily send to Microsoft when your computer experiences a serious problem and has to shut down, the Microsoft Malicious Software Removal Tool sends a report to Microsoft with just the basic information about the malware it detected and removed. And just like you should never disable the error reporting service, you should never stop this tool from reporting its findings to Microsoft. Neither sends any personally identifiable information about you or your computer to Microsoft.

Using this information Microsoft recently published a report in which some interesting points are made.

It transpired that instances of an infection fell dramatically after a particular family was added to the Microsoft Malicious Software Removal Tool. Some families of malware showed decreases greater than 75%. Well, they would, wouldn’t they? People only use this program if and when their computers are infected.

Microsoft doesn’t comment on how it is possible that all that malware wasn’t blocked, detected or removed in the first place by an up-to-date anti-virus and anti-spyware product. Even now, after so much publicity and so many crashed computers, people remain strangely complacent about their security and privacy.

Vista build 5728 publicly released

Dial-a-fix v0.57.7 deprecated

Since 0.57.7 is incapable of reporting Win32 errors, has no logging facility, and has various bugs (Win2k 'version.dll' access violation, etc), it has been deprecated in favor of the latest v0.60 beta until Dial-a-fix v1.0 is finalized (which will take me forever to finish). Please visit the Dial-a-fix v0.60 Wiki article and download Dial-a-fix there.

I have redirected the download locations for all forms of v0.57.7 to this post.

I have also updated Dial-a-fix v0.60 to v0.60.0.16 to bring it up to speed a little bit (and remove the Repair permissions bug where it has the potential to remove limited user accounts from the Windows XP welcome screen — they still existed as users, however).

Do not use Dial-a-fix v0.57.7.

Thank you.

Windows Vista RC1 keys available

You can now request a free Windows Vista RC1 product key, and then download the Windows Vista DVD ISO. A valid Passport account is required. The evaluation version of Windows Vista is good until June 1st, 2007, which is months after Vista makes it to retail stores. Each product key is good for 10 computers.

How to change Browzar's home and search page

Which browser you use usually depends more on personal preference than on, say, security. Internet Explorer is widely criticized for design flaws that constantly need patching. Switching to Firefox is an obvious move because it is less prone to malicious attacks. The problem is that Firefox is technically still in beta, and some people don't want to live with the faults inherent in beta products.

And so others move in. One of the new players is a browser called Browzar.

Browzar claims to eliminate all traces of your web activities and it has taken a lot of flak over that very bold claim and other issues.

A test by SpywareInfo revealed that the first claim is not entirely correct: SpywareInfo found a copy of the last page visited in the browser cache, along with some cached objects saved by the Java plug-in. As far as they could tell, it did not save cookies or URL history.

See the entire article here.

Another problem is the persistent claim that Browzar itself is spyware. That is not quite true, but it does open on a hard-coded start page, and that start page is a pay-per-click search engine. SpywareInfo writes that there is no way to change that start page to a different address or, for that matter, to set any other options. It also has a search bar that uses the same search engine.

Roger Karlsson (creator of Bazooka and Koffix Blocker) has found a workaround for the start-page problem using a hex editor. Take a look at his solution for changing Browzar's start page.
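The general technique behind that hex-editor fix, as an added example that is not part of the original post and not Roger Karlsson's own procedure: locate the hard-coded URL string in the executable (Windows programs store strings either as 8-bit ASCII or as UTF-16LE "wide" strings, so both must be tried), then overwrite it in place with a URL that is no longer than the original, NUL-padding the remainder so that no byte in the file moves. The sample "binary", the start-page URL and the offsets below are all constructed for the illustration; a real Browzar build has its own string at its own offset, which is what Karlsson's write-up supplies.

```python
# Added example (not from the original post or from Roger Karlsson's
# Browzar write-up): the general technique behind changing a hard-coded
# start page with a hex editor, done in Python.  The sample "binary",
# the URLs and the offsets are all constructed here; a real Browzar
# build stores its own string at its own offset.

from typing import Optional, Tuple

# Windows programs commonly store strings either as 8-bit ASCII or as
# UTF-16LE "wide" strings, so a hex-editor search has to try both.
ENCODINGS = ("ascii", "utf-16-le")


def find_string(blob: bytes, needle: str) -> Optional[Tuple[int, str]]:
    """Return (offset, encoding) of the first occurrence of `needle`, or None."""
    for enc in ENCODINGS:
        off = blob.find(needle.encode(enc))
        if off != -1:
            return off, enc
    return None


def patch_string(blob: bytes, old: str, new: str) -> bytes:
    """Overwrite `old` with `new` in place, NUL-padding to the original length.

    Nothing may move: the program addresses the string by offset, so the
    replacement must fit in the bytes the original occupied.  A longer
    string is refused rather than overrunning whatever follows it.
    """
    hit = find_string(blob, old)
    if hit is None:
        raise ValueError(f"{old!r} not found in binary")
    off, enc = hit
    old_b = old.encode(enc)
    new_b = new.encode(enc)
    if len(new_b) > len(old_b):
        raise ValueError(
            f"{new!r} is {len(new_b)} bytes as {enc}, "
            f"but only {len(old_b)} bytes are available"
        )
    # Pad with NUL bytes so the terminator the program expects stays in
    # place (for UTF-16LE the padding is an even number of bytes because
    # both encoded strings have even length).
    new_b = new_b.ljust(len(old_b), b"\x00")
    return blob[:off] + new_b + blob[off + len(old_b):]


# Constructed stand-in for an executable: a fake header, one wide-string
# URL with its two-byte terminator, and some trailing code bytes.
START_URL = "http://start.example/search"          # assumed hard-coded page
SAMPLE_BINARY = (
    b"MZ" + b"\x90" * 14
    + START_URL.encode("utf-16-le") + b"\x00\x00"
    + b"\xcc" * 8
)

# Replace the pay-per-click page with a blank start page; it is shorter,
# so it fits in the same 54 bytes.
PATCHED = patch_string(SAMPLE_BINARY, START_URL, "about:blank")

if __name__ == "__main__":
    off, enc = find_string(SAMPLE_BINARY, START_URL)
    print(f"found {START_URL!r} as {enc} at offset 0x{off:x}")
    print(f"patched binary is {len(PATCHED)} bytes, same as the original")
```

On a real file you would read the executable into `blob`, run `find_string` first to confirm the string and its encoding, and write the result to a copy rather than over the original. Two caveats a practitioner should expect: a replacement URL longer than the original will not fit and is refused (you cannot simply insert bytes into an executable), and the search bar described above may use a second, separate string that needs the same treatment.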

Dial-a-fix v0.57.7

I suggest that any remaining people using Dial-a-fix v0.57.7 should migrate to the current v0.60 beta until I have a public build of v1.0. No one should really be using v0.57.7 any more. There are issues with v0.57.7 that have already been resolved (such as Access Violations in version.dll/the mscoree.dll hang) and they are listed on the wiki in the Known Issues section. Please be familiar with this.

I'm going to redesign the log pane again – it looks neat as it is, but it is not productive enough for my tastes, and it takes up a lot of space in the code. I'm going to be adding Unicode capabilities and translation capabilities as well, and those are going to add even more to the code.

After all is said and done, I expect Dial-a-fix v1.0 to be over 2 megabytes (!). Since Dial-a-fix contains no shared code, and the only other penalty (that I know of – unless I'm mistaken) for PE compression is a slower start up time, I'm going to continue to use UPX to pack Dial-a-fix's .exe. I expect this to cut the size down more than half.
