No Zytrons In Range

I have no idea why I visit or post to Slashdot.

There was an article up a couple days ago about a new open source multiplayer FPS game. I like multiplayer FPS games, and I like free things, so I thought I’d give it a try. Big mistake.

After one of the game developers (“qreeves”) received a lot of negative comments about the game, he posted a plea for fair treatment. So here it is.

The game was actually not that bad, but the website was abysmal. Anyway, after struggling for over 15 minutes just to figure out how to download the game, there was the following exchange:

My Challenge to Slashdot Users (Score:2, Insightful)
by qreeves (1363277) Alter Relationship on 09:31 AM February 26th, 2009 (#27000285) Homepage

I’ve noticed quite alot of misinformation and negativity from the users of Slashdot, and I must say that I am quite disappointed by it. Geeks are supposed to be intelligent people with thought out answers and responses, and it seems to me everyone who comments either did not bother to try the game at all, or find some other off-topic fault to complain about.

I have worked in Open Source for a decade now, and this is the reason most developers become jaded and rude to their users – nothing else. You all want Free and Open Source Software, but where is your empathy? What do we get out of it other than an earful of crap? Please wake up to yourselves and do something to benefit the community for once, rather than idly making rude remarks to inflate your own sense of ego.

My challenge to you all is this: Actually play the game and come up with some constructive criticism. Otherwise, please just ignore this post and move along.

Re:My Challenge to Slashdot Users (Score:2)
by Blakey Rat (99501) on 12:12 PM February 26th, 2009 (#27002825)

The download link on the website doesn’t work. It took me 15 minutes to find how to download the game, and that’s only because I was deconstructing how terrible the website actually was (so I could talk about it to some co-workers.)

In short, what did you expect would happen? You couldn’t be bothered to test whether your own website works, and it’s *our* fault you’re seeing negativity.

Re:My Challenge to Slashdot Users (Score:1)
by qreeves (1363277) Alter Relationship on 06:46 PM February 26th, 2009 (#27007683) Homepage

You’re still not providing any useful feedback. I can only test it on so many configurations considering my limited access to everything under the sun.

Re:My Challenge to Slashdot Users (Score:2)
by Blakey Rat (99501) on 08:40 PM February 26th, 2009 (#27008305)

Dude.

The download link, on the website, does not work. The website. It’s HTML, it’s the same for every platform. It doesn’t work. Does. Not. Work. Clicking it does not begin a download, instead it takes you to the release notes. Every platform’s download link does this. If you think the download link works, you’re living in some bizarre fantasy-land full of flowers and daisies. How is that not useful feedback?

It took me something like 15 minutes to figure out how to download the game. But since I did, WTF, here we go:

1) Is the name of the game “Blood Frontier” or “BloodFrontier?” The website has it one way, my Windows Start menu the other way.
2) On first startup, the game sets the resolution of my main monitor to … something, and also blanks out my secondary monitor for no reason whatsoever. Despite changing the resolution, it still runs in a letterbox, which prompts me to ask what the hell the point of changing the resolution was. Kudos on it correctly handling Alt-Tab, however.
3) When I’m typing in my username, and I press shift to capitalize a letter, my “character” seems to duck down, even though I’m typing in a username and not actually playing… WTF?
4) When I’m done typing in my username, nothing happens? I think I’m in a game, but there’s no other players, and no way of figuring out how to get to the menu. (Turns out escape, or walking up to the bank of monitors, does it. If I were new to the world of FPS games, I’d have no idea either of those two options existed.)
5) The font used for menus is almost unreadable on my monitor. It has some kind of shadow effect, and it’s really tiny.
6) Turning off “fullscreen” in options/display does nothing. (Although the option stays unchecked.)
7) Changing the game resolution in options/”gfx” does nothing. The resolution you check doesn’t even stay checked. Some quality settings are in “gfx”, others are in “display” with no apparent rhyme or reason.
9) You can’t simply set all options to “slow and pretty” by clicking the text that says “slow and pretty” in options/”gfx”. That would be too easy. So would auto-detecting what my hardware is capable of, apparently, since it’s running at 120+ FPS in the default configuration.
10) The radio buttons in options/mouse are backwards. For some reason, the COLUMNS are labeled “fixed, panned, free” yet the rows are labeled as the specific mouse mode you’re setting. Actually, this might make sense if it were presented as a single table of radios instead of three columns next to each other, but as-is it’s pretty unusable. (You also have to ask: how many people will change this? Seriously? I doubt it’s enough to warrant the code to support it.)
11) While speaking about options, the tabs at the top don’t give any sort of mouse “grace period”, therefore it takes very deliberate mouse movements (vertically straight down, then left) to interact with the options. If you move your mouse quickly, like a normal rational person does, the tab will be accidentally changed before your mouse pointer reaches the option you want to change.
12) Also, there’s no tooltip telling me what the hell some of these options are. “Absolute mouse?” “Mumble positional audio?” “stencil bits?” … uh, WTF are those? “Yes, please, I’d like the positional audio to mumble. I hate it when it’s too clear.”
13) Autoexec.cfg? Seriously? Did I go back in time 15 years to when this crap was acceptable?
14) To start a bot match, I go to “Game” and click “Vote?” WTF.
15) And why is there a “mystery map” in the middle of the maps list? Does this mean randomly select a map? If so, why is there a text field next to it? What do I type in the text field? “Yes, I would like a random map please!” was my guess, but it did nothing.
16) The “Get online support” option under “Help” does… some… confusing… thing. I suppose this is the IRC interface? (It’s hard to tell because I can’t read the damned font.)
17) It says “if you do not agree please part now.” Part what? Do you mean DEpart? Also, how do I do that? There’s no X button or any visible way of closing the IRC window. (Although escape seemed to work. For all I know, that just hides it and doesn’t exit it.) … Oh wait, I’m still seeing people’s chat, presumably in IRC, so I guess “escape” didn’t exit it.
18) My game is still in the intro/menu level, and the message says: “Please Wait, Ready to respawn.” Ok, but how? Left-clicking does nothing. Right-clicking does nothing. Space does nothing. What would be the point of respawning in an empty map anyway, except to walk up to the monitors to see the menu again? (Also, how did I die on an empty map with no enemies?)
19) While I’m in observer mode, I can pass the camera though solid objects. (Possibly intentional, but it looks like crap on screen because of the clipping.) If you’re going to let the camera pass through solid objects, follow the example of most games and make the object translucent proportionally to how close the camera is, then entirely transparent when the camera “enters” it.
20) While I’m in observer mode, the menu no longer opens when I bring the camera close to the monitors.
21) Opening the “Servers” menu doesn’t ping the servers by default. What the hell else are people going to open this menu for? It should just do it.
22) Of the 5 servers running, one is me. One is labelled “v156 != v157″ which I assume is a version mismatch error, but who the hell knows. 3 are empty.
23) 1 player. The server has 1 player, and that’s it. And it’s me. Hard to play-test a multiplayer game when there’s nobody playing! Shadowrun has a more active community, and it sucks.
24) So I join an empty server, other than my own. There’s a map marker named “base” which is off-screen, apparently. No matter which way I turn, it’s always stuck against the top or bottom of the screen.
25) Grenades fly in a straight line, apparently not subject to gravity.

There, 25 pieces of feedback, and I didn’t even play against an actual human. Happy?

Re:My Challenge to Slashdot Users (Score:1)
by qreeves (1363277) Alter Relationship on 12:21 AM February 27th, 2009 (#27009313) Homepage

14:17.19 * Blakeyrat (n=Blakeyra@pool-71-113-17-244.sttlwa.dsl-w.verizon.net) joined
14:24.31 [+bfbot] Blakeyrat has joined the game
14:28.36 [+bfbot] Blakeyrat has left the game
14:28.36 * Blakeyrat (n=Blakeyra@pool-71-113-17-244.sttlwa.dsl-w.verizon.net) quit (“Blood Frontier, It’s bloody fun! www.bloodfrontier.com”)

Yeah buddy, you really gave it a chance.. So no, I am not happy; your feedback is done with malice and spite. While you make valid points; for a beta you are just nitpicking. You made no attempt to talk to us or work out how to do things, you’re just too self involved to care. I’m not afraid to say these truthful things either; people like you, we do not need – people who are helpful; they’re more than welcome.

Re:My Challenge to Slashdot Users (Score:2)
by Blakey Rat (99501) on 06:14 AM February 27th, 2009 (#27011083)

Wait, I played, according to your IRC log, 11 minutes on an EMPTY SERVER (a server with NO OTHER PLAYERS), and I didn’t give it a chance? What’s the typical user behavior when joining empty servers? Sticking around for an hour? Three hours? What’s the cutoff for me having “given it a chance?”

Look, I’m trying to test a multiplayer game, there’s no players. It took me 15 minutes to figure out how to download the damned thing. As pointed out in the issues I brought up, which you apparently don’t care about despite (most of them) being valid bugs, the usability of your game is abysmal. Arguably the two most important functions for a game (changing to Windowed mode, and changing the game resolution) simply *do not work.* The menu text is impossible to read. Maybe I’m an old fogey with bad eyes, but it’s impossible to read.

We’re talking about a game that is, supposedly, in beta and you don’t even know what the NAME of it is. (“BloodFrontier?” or “Blood Frontier?”)

I think I’ve jumped through about a dozen more hoops than anybody should EVER have to jump through to test a beta product, and you just come back with: “oh well you only played for 11 minutes.” Dude, 11 minutes of this shitty game with no players is an ETERNITY.

Oh well, just like every experience with open source, it just encourages me to never, ever help open source programmers. You simply do not give a crap about the quality of your product. Someone points out tons of low-hanging-fruit bugs, and you just reply with “oh well you weren’t serious.” Screw that.

Do I come across as a jerk? Yah. I am a jerk most of the time. But that list of bugs, they’re all valid. And people who will get Slashdot to post an article to thousands of people before even checking that their own website works, those people piss me off. What a colossal waste of time.

I did a Google search for the acronym “FFA” today to figure out what it means other than Future Farmers of America, and I noticed something really weird about the results.

Take a look at page 3 of the results:

Notice the bottom-most entry on page 3 is Football Federation Australia. Fair enough. But when I kept clicking on, I noticed that Football Federation Australia was also the bottom-most result on page 4, and 5, and 6, and 7, and 10:

and 20:

and 29:

but not 30:

The bottom-most result on every page of results from page 3 to page 29 is Football Federation Australia.

What’s going on here? Is the bottom-most entry on each page actually a sponsored link? (It’s not labeled as one on the page at all, if so!) Is this some weird bug having to do with the SearchWiki feature? Or maybe it’s a plain ol’ bug that’s been around for ages.

Behold: the Bacon Explosion.

Here’s the changes I made from the recipe:

• I substituted Mexican chorizo for Italian sausage.
• I used pre-cooked bacon pieces from the grocery store for the center of the explosion, instead of cooking my own bacon. Due to lazy.

The ingredients! I didn’t end up using the BBQ sauce, since the chorizo didn’t lend itself to BBQ-ing up.

My first ever bacon weave.

Bacon weave with seasoning.

And covered in chorizo sausage.

Then the layer of bacon pieces in the middle.

The sausage rolled-up.

And the bacon rolled around it.

In my little baking sheet. Note to self: use bigger sheet next time.

Thermometer to make sure I don’t kill myself and others with bacteria. (The alarm was set to 175 degrees, not the 132 shown in the photo!)

The explosion lying in a giant pool of chorizo grease.

The left end cut off and put on a bun. I had to eat a slice right away, as it didn’t fit on the plate otherwise. The end piece in the photo is 80% bacon.

How’d it come out? Let’s just say: mistakes were made. The bacon isn’t weaved tight enough, the chorizo is too spicy and overpowers the bacon taste, and it never really solidified the way I’d have liked.

But, hey, nothing’s perfect on the first attempt, and it’s more than edible on a bun. And it’s without a doubt the most fattening and disgusting thing I’ve ever put in my oven. So that’s a bonus. And the bacon was on sale.

I won’t gush on and on about what a genius, mind-bending, ahead-of-its-time series Patrick McGoohan’s “The Prisoner” was. It’s available on the web, please watch it if you haven’t before, it’s truly amazing and deserves your attention.

Patrick McGoohan’s death is a tremendous loss. Be seeing you, Number Six.

Much like Sonic the Hedgehog in 2007, Prince of Persia shares a name with the 20-year-old original. I suppose that means it’s a “reboot” of the series although (full disclosure here) I haven’t played any Prince of Persia games since Sands of Time on the old school Xbox. (That said, I have played both of the original 2D games, so I got street cred.) It’s not just a reboot, it seems to actively taunt the player by actually making fun of Sands of Time—Farah is a donkey in this game! Bastards.

Prince of Persia also discards Sands of Time’s “rewind” mechanic in exchange for a pretty interesting variation: you can’t die. Whenever the Prince falls off a ledge, or gets struck too many times in combat, Eilka restores him back to life as good as new. When jumping and climbing, this means you’re reset to the last piece of solid ground you were standing on before you died. If you were in combat, you and the enemy reset back to your original positions and the enemy regains some health.
Oh, in addition to not being able to die, there’s no health meter in the game. Instead, powerful hits from enemies will make you vulnerable for a short period of time, indicated by a red glow on the edges of the screen. If you’re hit while you’re vulnerable, that’s when the combat resets.

These two factors lead to an extremely uncluttered appearance to the game: there’s no UI at all to ruin your immersion. With only one huge, huge, exception. Some of the bosses spit what I can only assume is tobacco juice, not at the Prince, but at the camera of the game. This obscures the camera, making it hard to see what the hell’s going on, which I suppose was the point. More to the point, though, it makes the player aware of the camera, effectively breaking the fourth wall. Boo.

(Back in “the day” when 3D games were still a pretty new and crazy invention, one of the selling features of many games was that their graphics were so good, the game engine would actually render lens flares when the camera was aimed at a bright light source. It’s a great graphics demo; lens flares require multiple transparent layers and lots of math to draw correctly. And, if you don’t think too hard about it, it makes the scene look more “real.” The problem is that if you do think about it, it doesn’t make the scene more “real” at all; it just makes it look as if it’s being recorded by some non-existent lens in some non-existent camera. In fact, the programmers of these game engines were expending massive effort simulating something that actual photographers try to avoid. Crazy.)

Gameplay consists of 70% running, jumping, climbing, etc. about 20% fighting stuff with a sword and about 10% solving moronic puzzles you’ve solved 500 times before in every game you’ve ever played. Environments consist of a lot of cliffs, columns, hooks, magical rocket-y things that I think they stole from Sonic the Hedgehog, and ladders. And of course, no floors. This Prince has more moves than the Sands of Time one, including one where he can run upside-down along a roof which makes no goddamned sense at all. Oh and he has some claw thing on his hand he can use to slide safely down vertical surfaces.

Combat consists of four basic moves: sword, gauntlet, acrobatic, and magic (performed by Elika), which can be used in various combinations to defeat enemies. The general tactic harks back to the original 2D Prince of Persia, where you block the opponent’s attacks until you have an opening to hit him, then string together as many moves as you can. The gauntlet can be used to toss enemies in the air, allowing you to hit them with another type of attack on the way down. In addition to attacking monsters directly, you can force them off platforms and laugh manically as they fall to their deaths, which frankly is a real time-saver.

The puzzles are moronic, and you’ve solved them 500 times before in every game you’ve ever played.

Prince of Persia takes place in an open map, and you have more-or-less complete freedom to go where you like in it. There are a bunch of fertile grounds, which can be tackled in (almost) any order, so if you’re stuck on one boss, just take off and move to another one. You can also fast-travel between fertile grounds you’ve completed. The one exception is that some of the fertile grounds are “locked” until you collect enough glowy-things for Elika to magically unlock them, but you’ll come across more than enough glowy-things during normal play and you shouldn’t have to spend any time grinding for them.

Now to the story: it sucks on toast. The Prince sounds like a total douche, partly because his voice was recorded by a total douche (or at least a voice actor who is very good at emulating a total douche), but mostly because his dialog was written by a total douche. And to make things worse, he jabbers on constantly. Not only that, but the game nags you if you don’t trigger the horrible dialog on a regular basis. Supposedly, listening to Prince Douchebag can reveal tricks or tactics to use on the next boss, but in practice you’ll either purposefully never trigger the dialog, or you’ll be too busy shoving scissors in your ear canal Uzumaki-style to listen. Even his scarf pisses me off.

(The voice actress who does Elika’s voice is fine. No offense intended towards her.)

If you’ve been exposed to virtually any media whatsoever, you already know the story of the game. An ancient evil who’s been snoozing for a thousand years wakes up and starts… well, he doesn’t really do anything I guess, except send minions to guard strategic points. The main character, a thief who is obviously a Prince because although the narration doesn’t say so we’ve all read the title of the goddamned game you idiots, teams up with the attractive young female magic-user who happens to also be a Princess because it’s always a goddamned Princess in any fantasy book, movie, or game ever written ever. Also, it’s always a thousand years, never like 570 years or 834 years.

I’m only about half done with the game, but I can confidently predict the following:

• There will be a big reveal in which it turns out, gasp, shock, amaze, that the thief is actually a prince.
• Elika, because she has recently-gained magic abilities, will be possessed by the vaguely evil entity and the Prince will have to fight and defeat her.
• Even though the entire point of the story is “healing the fertile grounds” as to prevent the vaguely evil thing from waking up from its slumber, you’ll fail towards the end and thus be forced to fight against the vaguely evil thing itself. Because otherwise where the hell would the end boss come from?
• James Schend will get very bored of this cliche-ridden crap and skip every dialog option possible to skip.

Anyway, to summarize: medium-to-good game, bad story.

Take a quick look at Steam’s Holiday Sale. I’m sure that link would be good for long, so here’s the screenshot:

(Click to enlarge)

Nice. I’ve been looking to buy Colonization for a long time, and it’s a 2K game. Let’s go ahead and click the 2K games icon that says, quite clearly:

25-75% OFF ALL TITLES

And we get the list of 2K games:

(Click to enlarge)

So, uh… last time I checked, Steam, 25% off $29.99 would be $22.50. Not the price you have listed, $26.99.

I’ve been wary of the entire Steam concept since the first time I installed it. It didn’t help that the first Steam experience was spending hours downloading Half-Life 2, and then even more hours “activating” it. Things like my Dark Messiah install haven’t exactly increased my confidence. And now I find out that they can’t even get basic pricing right.

Well, the sale’s over, and Steam never answered my support request. Feh.

I’ve been inspired by LiveJournal’s Virtual Gift Store, but I think I can do them one better. I’ll make you a deal, for a limited time only, you can be the proud owner of this icon:

Yes, you’re seeing it correctly. That’s over four thousand pixels available at a single low price. Not only is each pixel painstakingly selected from one of over 16 million individual colors, but this lovely showpiece even includes transparent pixels. Transparency not available for most icons at twice the price!

But wait, there’s more! In addition to the normal sized icon, you’ll also receive, not one, not two, but five (5) small wallet-size icons! Use on your iPod, Zune, Cellphone, or any electronic device– perfect for showing off your icon while on-the-go!

    

What, you ask, is the price for this tremendous collection of beautiful hand-crafted butterfly icons? You might want to sit down for this:

That’s less than two dollars, less than your morning coffee! But I still don’t think that’s a good enough bargain, so let’s sweeten the deal. Order in the next 10 minutes and you’ll also receive the versatile large icon:

This large icon is perfect for those formal occasions, when not just any icon will do. Your friends will be amazed at the detail and clarity!

Call now, operators are standing by.

P.S. Yes, Firefox 3 apparently does support the blink tag. Go figure.

Another one of those things that I have a love-hate relationship with is World of Warcraft. The good news is that Blizzard actually makes an effort at Vista compatibility. (Unlike, for example, Valve who doesn’t even try.) The bad news is that Blizzard has no fucking clue how to actually make their product compatible with Vista.

WOW was built with the assumption that it would be able to read and write files from the Program Files folder at will. This assumption was wrong when it was built, and it’s especially wrong now that Vista is out. Windows 2000, BTW, has the exact same limitations for regular users as Vista does for administrative users, so it’s not as if this is new or anything. WOW has simply always been broken on Windows 2000, XP, and Vista.

The solution before was always just “well, run as administrator.” To this I reply: screw you. I’m sick of video games, which pretty much by definition never do any administrative tasks, relying on administrator permissions. WOW does nothing but shove tons of data through the Internet, both directions. With administrator permissions, that means WOW can, at the instruction of some random Internet server, completely fuck with any file on my system. The same applies to any other Internet-aware video game, and I’m sick of it.

Security aside, using the wrong folders also breaks the multi-user model of Windows. It’s impossible for WOW to have different settings for different computer users, because they only have one copy of the settings file. It’s also impossible for different users to run different sets of Add-Ins, because there’s only one folder that Add-Ins can be put in.

Game developers: Windows 98 was a long, long time ago. Please spend a few seconds to learn how NT permissions work before releasing a game to the unsuspecting public! You’re doing nothing but adding security holes to people’s computers and breaking OS built-in multi-user features. Stop it.

So back to WOW. WOW decides to store its configuration data in a “WTF” folder (no kidding, Blizzard!) inside its Program Files folder. This is wrong; that data should be stored in “Users/[User]/AppData”. Additionally, Blizzard puts interface add-ins in the Program Files folder. This is wrong; that data should be somewhere like “Users/[User]/WOW Add-Ins”. (For those reading closely, in this paragraph I’ve just outlined exactly what changes Blizzard needs to make for full Vista compatibility.)

Obviously Blizzard knew their way was wrong, because they tried to fix it. How? In the most half-assed way possible, of course.

Blizzard moved their entire install to “Users/Public” (or presumably “Users/All Users” in XP.)

That user account is supposed to be used for files you want to share among all users on a computer, for instance, custom desktop backgrounds or maybe a music library. (You’ll note that’s where Vista puts all its sample media, so all users can access it.) It’s not intended for programs. In fact, nothing in the “Users” folder is intended for programs! Wrong, wrong, wrong!

And even worse, apparently Blizzard didn’t even bother to test if this would fix their issues. It doesn’t, it makes them worse! The problem they were trying to fix their auto-updater getting blocked by UAC prompts, what they ended up with is a situation where WOW is silently prevented from saving its own configuration files, and so it appears to be working just fine, except every time you log out, WOW forgets everything it ever knew. This includes making you agree to the EULAs over and over and over again.

Are you trying to tell me that nobody at World of Warcraft knows how NT permissions work? A 15-year-old system? At least Valve can use the excuse that they don’t even bother to try.

Blizzard, you’ve really earned this:

P.S. And whenever you see issues like this and look into the forums, people are always blaming Vista. As if Microsoft did something wrong by making their OS more secure. It’s almost enough to get me to break out that crazy pills image again.

Ok, so MS SQL Server has the worst installer in history. And Visual Studio 2008 has the second-worst installer in history. That’s a given. But when the two installers attempt to interact with each other, you’re left with an experience only slightly more pleasant than a lifetime of burning in hellish torment.

If you work with these two products, you’ll probably see the following dialog box when trying to install MS SQL Server 2008 SQL Server Management Studio (say that one three times fast!):

Rule “Previous releases of Microsoft Visual Studio 2008″ failed.

A previous release of Microsoft Visual Studio 2008 is installed on this computer. Upgrade Microsoft Visual Studio 2008 to the SP1 before installing SQL Server 2008.

(Yes, the grammatical error is in the original.)

It sounds simple enough, but true evil is always subtle in its workings. Once you receive this message, you do the only rational response, open up Visual Studio 2008 and select “Check for Updates” in its Help menu. This takes you to Windows Update which, lo and behold, actually has a download available for Visual Studio 2008 SP1! So you spend the next hour and a half (no kidding) installing the service pack from Windows Update.

So far this is the most easily-overcome obstacle I’ve ever encountered with one of these horrible installers! Or it would be if it worked, but of course it doesn’t. Despite the Windows update installer claiming to update Visual Studio 2008 to SP1, it doesn’t appear to actually do anything at all. Even after you reboot. At least, the version number for Visual Studio doesn’t change and SQL Server’s installer still barfs all over it.

Crap.

After a long Google search, I found a lengthy explanation of the problem, and if you spend the requisite 3 hours trying to understand the gibberish, you’ll realize where you went wrong. You can’t update Visual Studio using the update link that comes built-in to Visual Studio, you fool! You must instead use the one available at this website!

I write this in the hope, probably futile, that it’ll rise in the Google rankings and help the next pour soul who receives that poorly-written error message with no clue how to resolve it. And with the hopes that somebody who works on Microsoft’s SQL Server or Visual Studio teams will read this and fix their goddamned installers already! (but I’m not holding my breath on that one.)

Edit: I should have anticipated this!

Of course, after writing instructions on how to remove a common virus, I should have realized my content-sensitive Google ads on the left side of the page would all instantly turn into scam anti-virus tools.

Please, please don’t attempt to use any of those advertisers’ products to fix your computer if that’s what you came here to do. In fact, don’t click them at all. They won’t work, and you’ll just have more crap on your computer. Remember, despite anything Google might tell you, they don’t personally vet ads before letting them loose on their network and they don’t bother removing bad ads until somebody complains.

Sorry.

I managed to infect my work machine with this little bastard, and it took me several hours but I finally figured out how to get rid of it. Despite the name on the Wikipedia page, Vundo isn’t a trojan, it’s a plain ol’ virus, which managed to gain a foothold on my computer through Sun’s Java plug-in.

Lesson 1: Java is by far more trouble than it’s worth; uninstall it.

Anyway, I seem to have gotten a brand new variant of Vundo that slipped under Symantec’s radar, and the existing removal instructions and tools simply didn’t work for me at all. The most useful existing tutorial is on this seemingly nameless page, and the instructions on McAfee’s guide, which got me 75% of the way to the solution, and from there I found my own way to finishing the job.

To remove Vundo:

1. These instructions assume you are running Windows XP and have Administrator privileges. This shouldn’t be an issue, as if you didn’t run as Administrator, or were using Vista, you probably wouldn’t have been infected in the first place.
2. Follow the instructions on the seemingly nameless page linked above for identifying the DLL files used by the virus, up to the “Remove the Infection” header. (These instructions outline using ListDLLs.exe to get a list of all DLLs currently running on your computer. Vundo DLLs have a blank Version column, “C:\Windows\System32″ in the Path column, and have a string of 8 random characters as the filename.) Save the list somewhere handy, or print it out.
3. Locate the first DLL file on the list in your “C:\Windows\System32″ folder. Right-Click the icon and select Properties. Click to the Security tab. Make sure the “Everybody” group is selected, then click the Deny checkbox next to Full Control. This should automatically check all other permissions in the Deny column. (Note: you won’t be able to uncheck the “Allow” column, but the fix will work anyway.)
   

4. Repeat the last step for the other Vundo files identified using ListDLLs.exe. (In my case, there were 3 DLL files used by the virus.)
5. (This is the kind of nasty part.) Perform a hard reboot by holding the power button of your computer in for 15 seconds, or until it turns itself off. You cannot allow your computer to shut down normally, or Vundo will rename and reproduce itself during the shut down process.
6. After your computer finishes restarting, you can now delete the DLL files you changed permissions on. You should also empty the recycling bin, to ensure they are fully deleted.
7. Run a virus scanning program that’s normally capable of getting rid of Vundo to ensure nothing else remains. Spybot Search and Destroy seemed to do a good job of identifying it, or you could download and use Symantec’s removal tool.

How does this work? The variant I have keeps its DLL files constantly open and locked using both WinLogon.exe and Explorer.exe, so they are impossible to rename or remove.

The seemingly nameless page recommends queuing the files to be deleted on the next boot, but that didn’t work at all on my system. (Once WinLogon.exe is running, the DLL files are impossible to delete. I think the “delete on next boot” utility doesn’t run until WinLogon is already running.)

McAffe recommends using Process Explorer to Suspend Explorer.exe, WinLogon.exe and RunDLL32.exe as you do the removal, and then do a hard reboot. This in theory would prevent Vundo from re-establishing itself during the shut down process, but it didn’t work for me because the DLL files were impossible to rename or remove while Explorer.exe and WinLogon.exe were running, even when they were suspended. (Which makes sense– suspend is like pausing a program. If the program has locked files, why would you expect them to become unlocked while it was paused? I can only assume McAffe’s directions work on a different variant of Vundo, although I can’t see how.)

My solution relies on three handy bits of trivia I’ve learned:

• Windows XP boots using Administrator group permissions.
• Deny permissions always over-ride Allow permissions.
• The NTFS driver starts enforcing file permissions really, really early in the boot process

Basically, by setting Deny permissions for the Administrator group on the DLL files, we made it impossible for any program on the computer to run them, even programs that start before the user is logged in (like WinLogon.exe.) Once WinLogon.exe and Explorer.exe both fail to open the Vundo DLLs, they can simply be deleted from the system because they are no longer locked.

I hope this is helpful to somebody down the line.