There are a few other versions of this error doing the rounds, such as:

• 'svchost' has been built with an evaluation version of {smartassembly}, which has expired on Wednesday, 20 January 2010. You need to purchase a license of {smartassembly}.
• This application has been built with an evaluation version of {smartassembly}.
• Etc.

The dates vary, and aren't always reported in English, although that very much depends upon where you are, but the message probably appeared in a dialog box looking a bit like the one in Figure 1 below:

Figure 1. The error dialog showing that there's trouble at mill.

You've probably already worked out by now that this isn't a good thing, but first, let me assure you that you, as an end-user, most certainly do not need to buy {smartassembly}. We make it and we ought to know.

The bad news is that this means that your computer is infected with some sort of malware. How do I know this? Because svchost is a part of the Windows operating system; it's a common system process and, because of this, some malware will try to disguise itself by using the process name "svchost". For various technical reasons I also know for a fact that Microsoft don't use {smartassembly} on it. If you want to know a little more, take a look at this Wikipedia article:

http://en.wikipedia.org/wiki/Svchost

The individual or group who wrote the malware now residing on your computer were, not surprisingly, too cheap to pay for a license for {smartassembly}, and too inept to spot that using the evaluation version would pop up this message and thus conveniently blow their cover. Hmm. why is it that criminals are besmirched with this reputation for stupidity? Oh, it's just too taxing. I might need to go for a lie down in a darkened room whilst I ruminate on this terrifying conundrum. Yes, and bring me a cup of tea, would you please?

OK, end of rant. The great news here is that it should be pretty straightforward to fix, unless you've got some really exotic brand of malware, which seems unlikely given that the criminals involved couldn't even be bothered with the most basic testing before they unleashed their creation upon the world. right, sorry, I'm really going to stop that now.

In most cases all you need to do is download and run a spyware removal tool. You should also make sure you've got some top quality, up to date antivirus software installed. For simplicity's sake, I'd just go for a big name like Norton, Symantec, or ESET NOD32, which is what we use (and it's been great). There are free and open source alternatives but, frankly, if you consider yourself a novice user, or you simply don't want to be bored with the details, just shell out for something big, well-known, and well-trusted.

Anyway, back to the spyware removal tool. I'd recommend Spybot Search and Destory (Spybot from here in), which is free, pretty easy to use, and has always served me well. I have tried others, such as AdAware, in the past, but Spybot has always seemed to do the best job of getting rid of even the most tenacious infestations.

I'm not going to give you detailed instructions on how to use Spybot to clean up your computer, partly because I'm a bit short on time right now, but mainly because the product comes with plenty of its own documentation. I will give you a quick outline of the process.

But first I'm going to give you fairly detailed instructions on how to safely download the thing because, be warned, there are hacked versions and lookalikes out there that will cheerfully infect your computer with even more (probably much nastier) malware, so you need to be sure you download and install the real thing.

So.

The only safe place to download this tool is from the Safer Networking site at:

http://www.safer-networking.org/index2.html

Do not, I repeat DO NOT, download this tool from anywhere that isn't a file hosting mirror directly linked from this site. Definitely do not even think about using bittorrent or any other p2p network to download this software. If you do download it from anywhere else, as I've already said, your computer is practically guaranteed to be infected with more (probably much nastier) malware.

Once you've gone to the Safer Networking homepage, just click on one of the links on the right for a page in your preferred language (figure 2).

Figure 2. Choose a page in the language of your choice.

Now click the Download link at the top right of the page (has an icon that looks like a 3.5 inch floppy disk above it - figure 3).

Figure 3. Here are the links at the top right of the Spybot main page.

Now, scroll down past the donation and "Important Information" sections, to the "Download" section. Now click the Download link for the latest version of Spybot, which should be the first link in the list (figure 4).

Figure 4. Click the link to download the product itself - don't worry about the detection updates, because you can get Spybot to download them itself later.

Now you need to pick a mirror using one of the "Download here" buttons on the right of the page (figure 5), but be warned: it's an unfortunate fact that most of these sites carry adverts from companies who are just about unscrupulous enough to try to trick you into downloading the wrong piece of software. It's very annoying so don't be too hasty about clicking any download links, once you're past the list of mirrors, but if you read the page content carefully you should be able to figure out which is the right link easily enough. To illustrate the problem I'm talking about, take a look at figure 6, which is a shot of the download page on the fileforum.betanews.com mirror.

Figure 5. Pick a mirror site from which to download Spybot. You can pick one of the main mirrors, or scroll down the page for other mirror sites. Whichever site you choose, from this point onwards, proceed with caution.

Figure 6. A typical download page for Spybot S&D on one of the mirror sites. Don't get me wrong, I'm not saying there's anything wrong with "Advanced Registry Optimizer" as a piece of software, and I'm definitely not going to even imply that it contains malware but, even if I were being charitable, I might use a phrase like "more than a little bit cheeky" to describe the fact that they've made their ad look like it contains a download button for the software you're really interested in. If I were to be less charitable, I might just get a little bit Bill Hicks about their marketing department. Don't be fooled.

OK, once you click this download link the file should actually start to download. I know, a bit of a voyage, right? If there'll usually be some text on the page that says something like, "Downloading spybotsd162.exe. If your download does not start soon, click here." Give it a few moments, but if it doesn't kick off automatically you can safely click that link - watch out for even more unscrupulous ads on this page though.

Now you've safely downloaded it, this is where the detailed instructions end. What you need to do next is:

• Install the software you've just downloaded by running spybotsd162.exe. You'll probably get one or more security warnings, but it's fine to continue.
• Run Spybot, either by starting it directly after installation, or via the Start menu.
• Have Spybot update itself.
• Now have it make a backup of your registry just in case something goes wrong (don't worry, it probably won't - if it does you can restore the registry backup and all should be hunky dory again).
• Get it to run a scan.
• Once it's done, you can choose the problems you want to fix - generally I just choose to fix everything.
• It'll probably need you to restart your machine to fix some of the problems. Do this. You'll be asked if you're happy for Spybot to run again on start-up.
• Restart your computer.
• Spybot will run another scan and fix any other problems you choose.
• Congratulations! Your computer should be clean.

A couple of things. Firstly, if you're in any doubt about how to use Spybot, start it up, then just read the Help until you're sure. It's not difficult to use, but it's better to be safe than sorry. Secondly, Spybot is not absolutely guaranteed to find and fix all problems, so you might want somebody who knows what they're doing to take a look at your PC anyway.

Hopefully you're now spyware free, and the {smartassembly} evaluation version message has disappeared.

Earlier today we released {smartassembly} 4.2. You can download it from:

http://www.smartassembly.com/download/index.aspx

This release, which has been available as a private build for a while, contains support for .NET 4.0 beta 2, and XNA 3.1.

We've also made a few changes to the smartassembly.com website, mainly to try to make it easier for you to find product documentation. The most notable is the addition of links on the support homepage to all of the PDF documentation for the product:

http://www.smartassembly.com/support/index.aspx

The most recent data I've received from our support team shows that a lot of people were struggling to find the information they needed about the product on the website, so I hope that in the short term this will help.

In the longer term, we'll be bringing {smartassembly} onto the main Red Gate website, and fully integrating the business into Red Gate. This includes all documentation and support functions. Whilst we're still pulling together the project team for this, work has already begun, and we aim to have the process completed in Q2 this year. As part of this release, we're also aiming to fix a large number of the bugs that have been reported by you over the past four months, and improve the usability of the product based on the results of the tests we've been doing.

If you're already a {smartassembly} customer you should find the transition relatively painless, and we'll obviously keep you abreast of developments in the meantime.

In the meantime, if you'd be willing to talk to us about your experience with the product, please email me directly at bart.read@red-gate.com.

2009 was a busy year for us: yet another complete rewrite with ANTS Memory Profiler 5, a new profiling mode in ANTS Performance Profiler 5, the {smartassembly} acquisition, most of the work done for .NET Reflector 6 and .NET Reflector Pro, which allows you to debug into third party code just as if it were your own - we're now into heavy pre-release bug-fixing - and starting work on ANTS Performance Profiler 6, including a brand new, and very fast, sampling mode. On top of this we released a new version of Exception Hunter, including a brand new source code view showing exactly where exceptions are thrown, and an option to only include documented exceptions. We also kicked out several patch releases of the performance profiler which we used to make significant improvements to IIS and ASP.NET profiling support - our next big focus related to this is Sharepoint, so look for this in ANTS Performance Profiler 6.

Both .NET Reflector 6/.NET Reflector Pro, and ANTS Performance Profiler 6 are already available to try in the form of early access builds. If you haven't taken the time to look at them yet I'd highly recommend you do so. You can get them from:

http://bit.ly/5UveA7

and

http://bit.ly/8G5FYQ

respectively.

.NET Reflector will be released late in February, with ANTS Performance Profiler 6 following later in the year. We want to include .NET 4.0 and Silverlight 4 support with ANTS Performance Profiler 6, so we're rather tied to Microsoft's release schedule unfortunately. One of the other great things about this release is that we'll finally offer support for attaching the profiler to a running process in sampling mode, which is often a must for profiling production systems, and is something a lot of you have been rightly clamouring for.

Going back to .NET Reflector 6, we intend to continue supporting the Mono runtime, however we've run into "a bit of a glitch", which has temporarily derailed our plans. I won't go into details here, because I've talked about this on the Mono forums at http://bit.ly/7sbB77, but the short version is that until we've fixed this problem with v6 we will continue to provide 5.1.x builds that run on Mono. It's all a bit of a pain, but not the end of the world. In the meantime, let me apologise for any hassle it might cause you.

In addition, we're starting work on a new major release of {smartassembly} which will pull the product more in line with the rest of our product range, allow us to fix a raft of problems reported by customers, and include support for the final release of .NET 4.0. As with our other tools we'll be conducting remote usability trials of new builds so, if you're interested, please drop an email to usability@red-gate.com.

ANTS Memory Profiler 5 has gone down a storm, and we're already looking at how we can improve the tool further to make it even easier to track down memory problems in .NET code. Please keep the feedback coming - we really do need it to make our tools solve the problems that you encounter on a day to day basis. Please post any comments you have on the forum at http://bit.ly/8hOjyT.

I said at the beginning that 2009 was busy, but I think 2010 will be busier, with major releases of .NET Reflector, {smartassembly}, and ANTS Performance Profiler on the cards just within the first few months of the year.

Finally, and on a slightly tangential note, Red Gate is currently hiring: if you're a talented software developer looking for a new job and you'd like to work for an exciting company developing cool software then we're looking for you. Take a look here to find out more: http://bit.ly/5SL6g7.

Happy New Year!

Yes, you can. There are two possible approaches, both of which utilise add-ins to .NET Reflector.

The first, assuming that you've lost the source code, is to decompile back to source, edit the source code you need to change, and then recompile. If this is what you want to do, please refer to the information at:

http://www.simple-talk.com/community/blogs/bart/archive/2009/07/30/74199.aspx

Bear in mind that .NET Reflector's decompilation support isn't perfect-see http://www.simple-talk.com/community/blogs/bart/archive/2009/07/30/74203.aspx for more information-so you'll probably have to do some, and possibly quite a lot of, spade work to get the code to recompile successfully.

The second, and possibly better, approach is to use Sebastien Lebreton's Reflexil add-in, which you can find at:

http://sebastien.lebreton.free.fr/reflexil/

Reflexil supports direct editing of the IL, as well as injection of C# and VB code on the fly.

Yes, it absolutely is, but you'll need to install Jason Haley's AssemblyCollection.Sort add-in. You can find this on Jason's site here:

http://jasonhaley.com/addins/

If you're unsure how to go about installing add-ins, please refer to Andrew Clarke's article on using .NET Reflector add-ins at:

http://www.simple-talk.com/dotnet/.net-tools/using-.net-reflector-add-ins/

Many methods in .NET code are overloaded. For example, the PipeStream method on the StreamPiper class, in figure 1, has four overloads.

Figure 1. The .NET Reflector browser, showing overloads of the PipeStream method on the StreamPiper class.

So, when you find one of these methods used in the decompiled source code, how do you know which overload is being called, other than by guessing, perhaps by looking at the number of parameters passed to the method?

Fortunately, this is fairly straightforward: just hover your mouse cursor over the method invocation, and .NET Reflector will pop up a tooltip telling you which overload is being called, as shown in figure 2, below.

Figure 2. Decompiled source in the Disassembler pane with a tooltip showing which overload of the PipeStream method is being called. This example shows C#, however this also works for other languages.

Occasionally people ask us if we can further annotate invocations to overloaded methods, however there are a couple of problems with this. The first is that, unless we annotated with comments, there would be no chance of the code compiling, which would be a problem if you were trying to recover it. The second follows on from the first: any annotations would seriously interfere with the readability of the generated source code, simply because of the number of overloaded methods in most .NET code.

The best way to report a bug in an add-in is to contact the add-in author directly. Andrew Clarke maintains a list of add-ins, along with links to their homepages here:

http://www.simple-talk.com/dotnet/.net-tools/using-.net-reflector-add-ins/

You should be able to contact add-in authors via the homepages for their add-ins. If the add-in is hosted on CodePlex, you can contact them directly via the CodePlex site. The .NET Reflector add-ins on CodePlex are all available via this page:

http://www.codeplex.com/reflectoraddins

Andrew Clarke has written an excellent article describing how to install .NET Reflector add-ins, as well as listing many of the available add-ins, along with the functionality they offer. You can find it here:

http://www.simple-talk.com/dotnet/.net-tools/using-.net-reflector-add-ins/