No Zytrons In Range

Take a quick look at Steam’s Holiday Sale. I’m sure that link would be good for long, so here’s the screenshot:

(Click to enlarge)

Nice. I’ve been looking to buy Colonization for a long time, and it’s a 2K game. Let’s go ahead and click the 2K games icon that says, quite clearly:

25-75% OFF ALL TITLES

And we get the list of 2K games:

(Click to enlarge)

So, uh… last time I checked, Steam, 25% off $29.99 would be $22.50. Not the price you have listed, $26.99.

I’ve been wary of the entire Steam concept since the first time I installed it. It didn’t help that the first Steam experience was spending hours downloading Half-Life 2, and then even more hours “activating” it. Things like my Dark Messiah install haven’t exactly increased my confidence. And now I find out that they can’t even get basic pricing right.

---

Well, the sale’s over, and Steam never answered my support request. Feh.

I’ve been inspired by LiveJournal’s Virtual Gift Store, but I think I can do them one better. I’ll make you a deal, for a limited time only, you can be the proud owner of this icon:

Yes, you’re seeing it correctly. That’s over four thousand pixels available at a single low price. Not only is each pixel painstakingly selected from one of over 16 million individual colors, but this lovely showpiece even includes transparent pixels. Transparency not available for most icons at twice the price!

But wait, there’s more! In addition to the normal sized icon, you’ll also receive, not one, not two, but five (5) small wallet-size icons! Use on your iPod, Zune, Cellphone, or any electronic device– perfect for showing off your icon while on-the-go!

    

What, you ask, is the price for this tremendous collection of beautiful hand-crafted butterfly icons? You might want to sit down for this:

ONLY $1.99!

That’s less than two dollars, less than your morning coffee! But I still don’t think that’s a good enough bargain, so let’s sweeten the deal. Order in the next 10 minutes and you’ll also receive the versatile large icon:

This large icon is perfect for those formal occasions, when not just any icon will do. Your friends will be amazed at the detail and clarity!

ONLY $1.99!

Call now, operators are standing by.

---

P.S. Yes, Firefox 3 apparently does support the blink tag. Go figure.

Another one of those things that I have a love-hate relationship with is World of Warcraft. The good news is that Blizzard actually makes an effort at Vista compatibility. (Unlike, for example, Valve who doesn’t even try.) The bad news is that Blizzard has no fucking clue how to actually make their product compatible with Vista.

WOW was built with the assumption that it would be able to read and write files from the Program Files folder at will. This assumption was wrong when it was built, and it’s especially wrong now that Vista is out. Windows 2000, BTW, has the exact same limitations for regular users as Vista does for administrative users, so it’s not as if this is new or anything. WOW has simply always been broken on Windows 2000, XP, and Vista.

The solution before was always just “well, run as administrator.” To this I reply: screw you. I’m sick of video games, which pretty much by definition never do any administrative tasks, relying on administrator permissions. WOW does nothing but shove tons of data through the Internet, both directions. With administrator permissions, that means WOW can, at the instruction of some random Internet server, completely fuck with any file on my system. The same applies to any other Internet-aware video game, and I’m sick of it.

Security aside, using the wrong folders also breaks the multi-user model of Windows. It’s impossible for WOW to have different settings for different computer users, because they only have one copy of the settings file. It’s also impossible for different users to run different sets of Add-Ins, because there’s only one folder that Add-Ins can be put in.

Game developers: Windows 98 was a long, long time ago. Please spend a few seconds to learn how NT permissions work before releasing a game to the unsuspecting public! You’re doing nothing but adding security holes to people’s computers and breaking OS built-in multi-user features. Stop it.

So back to WOW. WOW decides to store its configuration data in a “WTF” folder (no kidding, Blizzard!) inside its Program Files folder. This is wrong; that data should be stored in “Users/[User]/AppData”. Additionally, Blizzard puts interface add-ins in the Program Files folder. This is wrong; that data should be somewhere like “Users/[User]/WOW Add-Ins”. (For those reading closely, in this paragraph I’ve just outlined exactly what changes Blizzard needs to make for full Vista compatibility.)

Obviously Blizzard knew their way was wrong, because they tried to fix it. How? In the most half-assed way possible, of course.

Blizzard moved their entire install to “Users/Public” (or presumably “Users/All Users” in XP.)

That user account is supposed to be used for files you want to share among all users on a computer, for instance, custom desktop backgrounds or maybe a music library. (You’ll note that’s where Vista puts all its sample media, so all users can access it.) It’s not intended for programs. In fact, nothing in the “Users” folder is intended for programs! Wrong, wrong, wrong!

And even worse, apparently Blizzard didn’t even bother to test if this would fix their issues. It doesn’t, it makes them worse! The problem they were trying to fix their auto-updater getting blocked by UAC prompts, what they ended up with is a situation where WOW is silently prevented from saving its own configuration files, and so it appears to be working just fine, except every time you log out, WOW forgets everything it ever knew. This includes making you agree to the EULAs over and over and over again.

Are you trying to tell me that nobody at World of Warcraft knows how NT permissions work? A 15-year-old system? At least Valve can use the excuse that they don’t even bother to try.

Blizzard, you’ve really earned this:

P.S. And whenever you see issues like this and look into the forums, people are always blaming Vista. As if Microsoft did something wrong by making their OS more secure. It’s almost enough to get me to break out that crazy pills image again.

Ok, so MS SQL Server has the worst installer in history. And Visual Studio 2008 has the second-worst installer in history. That’s a given. But when the two installers attempt to interact with each other, you’re left with an experience only slightly more pleasant than a lifetime of burning in hellish torment.

If you work with these two products, you’ll probably see the following dialog box when trying to install MS SQL Server 2008 SQL Server Management Studio (say that one three times fast!):

Rule “Previous releases of Microsoft Visual Studio 2008″ failed.

A previous release of Microsoft Visual Studio 2008 is installed on this computer. Upgrade Microsoft Visual Studio 2008 to the SP1 before installing SQL Server 2008.

(Yes, the grammatical error is in the original.)

It sounds simple enough, but true evil is always subtle in its workings. Once you receive this message, you do the only rational response, open up Visual Studio 2008 and select “Check for Updates” in its Help menu. This takes you to Windows Update which, lo and behold, actually has a download available for Visual Studio 2008 SP1! So you spend the next hour and a half (no kidding) installing the service pack from Windows Update.

So far this is the most easily-overcome obstacle I’ve ever encountered with one of these horrible installers! Or it would be if it worked, but of course it doesn’t. Despite the Windows update installer claiming to update Visual Studio 2008 to SP1, it doesn’t appear to actually do anything at all. Even after you reboot. At least, the version number for Visual Studio doesn’t change and SQL Server’s installer still barfs all over it.

Crap.

After a long Google search, I found a lengthy explanation of the problem, and if you spend the requisite 3 hours trying to understand the gibberish, you’ll realize where you went wrong. You can’t update Visual Studio using the update link that comes built-in to Visual Studio, you fool! You must instead use the one available at this website!

I write this in the hope, probably futile, that it’ll rise in the Google rankings and help the next pour soul who receives that poorly-written error message with no clue how to resolve it. And with the hopes that somebody who works on Microsoft’s SQL Server or Visual Studio teams will read this and fix their goddamned installers already! (but I’m not holding my breath on that one.)

Edit: I should have anticipated this!

Of course, after writing instructions on how to remove a common virus, I should have realized my content-sensitive Google ads on the left side of the page would all instantly turn into scam anti-virus tools.

Please, please don’t attempt to use any of those advertisers’ products to fix your computer if that’s what you came here to do. In fact, don’t click them at all. They won’t work, and you’ll just have more crap on your computer. Remember, despite anything Google might tell you, they don’t personally vet ads before letting them loose on their network and they don’t bother removing bad ads until somebody complains.

Sorry.

---

I managed to infect my work machine with this little bastard, and it took me several hours but I finally figured out how to get rid of it. Despite the name on the Wikipedia page, Vundo isn’t a trojan, it’s a plain ol’ virus, which managed to gain a foothold on my computer through Sun’s Java plug-in.

Lesson 1: Java is by far more trouble than it’s worth; uninstall it.

Anyway, I seem to have gotten a brand new variant of Vundo that slipped under Symantec’s radar, and the existing removal instructions and tools simply didn’t work for me at all. The most useful existing tutorial is on this seemingly nameless page, and the instructions on McAfee’s guide, which got me 75% of the way to the solution, and from there I found my own way to finishing the job.

To remove Vundo:

1. These instructions assume you are running Windows XP and have Administrator privileges. This shouldn’t be an issue, as if you didn’t run as Administrator, or were using Vista, you probably wouldn’t have been infected in the first place.
2. Follow the instructions on the seemingly nameless page linked above for identifying the DLL files used by the virus, up to the “Remove the Infection” header. (These instructions outline using ListDLLs.exe to get a list of all DLLs currently running on your computer. Vundo DLLs have a blank Version column, “C:\Windows\System32″ in the Path column, and have a string of 8 random characters as the filename.) Save the list somewhere handy, or print it out.
3. Locate the first DLL file on the list in your “C:\Windows\System32″ folder. Right-Click the icon and select Properties. Click to the Security tab. Make sure the “Everybody” group is selected, then click the Deny checkbox next to Full Control. This should automatically check all other permissions in the Deny column. (Note: you won’t be able to uncheck the “Allow” column, but the fix will work anyway.)
   

4. Repeat the last step for the other Vundo files identified using ListDLLs.exe. (In my case, there were 3 DLL files used by the virus.)
5. (This is the kind of nasty part.) Perform a hard reboot by holding the power button of your computer in for 15 seconds, or until it turns itself off. You cannot allow your computer to shut down normally, or Vundo will rename and reproduce itself during the shut down process.
6. After your computer finishes restarting, you can now delete the DLL files you changed permissions on. You should also empty the recycling bin, to ensure they are fully deleted.
7. Run a virus scanning program that’s normally capable of getting rid of Vundo to ensure nothing else remains. Spybot Search and Destroy seemed to do a good job of identifying it, or you could download and use Symantec’s removal tool.

How does this work? The variant I have keeps its DLL files constantly open and locked using both WinLogon.exe and Explorer.exe, so they are impossible to rename or remove.

The seemingly nameless page recommends queuing the files to be deleted on the next boot, but that didn’t work at all on my system. (Once WinLogon.exe is running, the DLL files are impossible to delete. I think the “delete on next boot” utility doesn’t run until WinLogon is already running.)

McAffe recommends using Process Explorer to Suspend Explorer.exe, WinLogon.exe and RunDLL32.exe as you do the removal, and then do a hard reboot. This in theory would prevent Vundo from re-establishing itself during the shut down process, but it didn’t work for me because the DLL files were impossible to rename or remove while Explorer.exe and WinLogon.exe were running, even when they were suspended. (Which makes sense– suspend is like pausing a program. If the program has locked files, why would you expect them to become unlocked while it was paused? I can only assume McAffe’s directions work on a different variant of Vundo, although I can’t see how.)

My solution relies on three handy bits of trivia I’ve learned:

• Windows XP boots using Administrator group permissions.
• Deny permissions always over-ride Allow permissions.
• The NTFS driver starts enforcing file permissions really, really early in the boot process

Basically, by setting Deny permissions for the Administrator group on the DLL files, we made it impossible for any program on the computer to run them, even programs that start before the user is logged in (like WinLogon.exe.) Once WinLogon.exe and Explorer.exe both fail to open the Vundo DLLs, they can simply be deleted from the system because they are no longer locked.

I hope this is helpful to somebody down the line.