The first pile of crap I had to deal with was the 64 bit server version of Ubuntu. I have a powerhouse AMD X2 machine with 8GB of memory and 900 gigabytes of disk (500, 200 and 200). This machine will be dedicated to running VMWare Server and various groups of virtual machines for developmental purposes. I had the new 8.04 LTS edition. I installed using LVM leaving extra space for expansion of logical volumes if necessary.
The first problem was GRUB wouldn’t do anything. Reboot, black screen, nothing. I altered the installation to install LILO and things worked this time. It was a minor annoyance but foreshadowed pain to come. I needed a desktop for VMWare so I decided to try KDE by installing the kubuntu-desktop package. There were four warnings issued during the installation. When I rebooted, LILO simply puked a bunch of 99’s on the screen then died. Great. I’ll try again later.
I just purchased a 24” wide screen LCD to replace the LCD one of our cats puked on and rendered non-operational. One of the problems with the large surface area of the desktop is that the styles that come with Windows XP are dull and look like crap. Some people at work have some really nice desktops so I figured I would find a nice them online, install it and bask in my coolness.
I went to a place called ThemeXP. I’m not going to provide a link, you’ll find out why later. I downloaded two themes in the form of executables. I assumed they were installers. When I tried installing them I was greeted by a pop-up window that explained these files had been “wrapped” and that you had to agree to services, etc. In short it was “f***-no” terminology.
I did some more investigation and found a link buried at the bottom that indicated some files were “wrapped” to defer operational cost through advertisements. Nice. We can really trust those advertisers. They have a stellar history of not trying to f*** over computer users. I cancel the install and look elsewhere. Then I noticed my hard drive just chattering away. Then AVG pops up a virus warning. I quickly do a process list and kill a msin.tmp process that was spawned by this “wrapper” program. More and more AVG pop-ups with files infected with the Win32/Gaelicum.A virus. My hell was just beginning.
I unplugged the network cable and booted a clean machine while scanning the infected one. The Win32/Gaelicum.A virus is a nasty little bastard that infects .exe files and is network aware. Grisoft had a cleaner utility to download and run in safe-mode. The problem, however, was that Grisoft AVG anti-virus had moved all infected executables to their virus vault; including the executable to manage the virus vault. So I can’t get the executables out of the vault to run the cleaner utility on them. Well that was just great.
I had to sleep on it. I was beyond furious.
So how did I fix it? In short: remove the infected drive from the computer and place it in a portable enclosure. Attach that drive via USB to a clean computer running the same software, copy AVG and Windows executables from the clean machine to the infected drive, copy vcleaner to the infected drive, detach the drive, install the drive back into the machine, boot, run the virus vault utility, take the infected executables out of the vault, reboot in safe mode, run vcleaner, reboot, scan again, test executables.
Damage was minimal. Some things won’t uninstall due to corrupt binaries and I had to reinstall 7-zip.
I am a computer professional and I almost had my entire computer f***ed because I wanted a nicer looking desktop. I sent a mail message to themexp explaining what happened and haven’t heard back from them. Rot in hell. There is so much garbage out there that if you see a screen saver or theme or program somewhere just don’t install it. Don’t let your kids install screen savers or programs. If they do then punishment is no games and no Internet unless you need it for school. Don’t let you parents click on things unless you put them there to click on. If you are using a work computer just don’t install anything and if you employer blocks sites don’t bitch about it. Also, consider installing WOT (Web of Trust) or similar browser plug-ins.