The forces of entropy overtook the computer last month. It was as though I had forgotten to put the rubbish out for weeks on end. Useless, unpleasant stuff was piling up, spilling over and threatening to overrun the machine.
I had what is known as bad "clot factor" - a geek-speak measure of how much intruders gum up your PC's innards by adding registry entries, files, directories and other nonsense. In plain language it means if you don't regularly put the rubbish out, there will be trouble.
I employ a number of rubbish collectors on my PC - Norton Antivirus, Ad-Aware, Spybot Search and Destroy and ZoneAlarm - but in this instance none of them worked. I noticed the alien and its attendant flotsam and jetsam on one of my regular rubbish patrols - a casual check of the program listings in my firewall, ZoneAlarm.
Firewalls are horribly difficult programs to understand, but in this day and age - especially if you're on a broadband connection - you need one. Mine annoys the rest of the family using the computer because it pops up messages from time to time asking whether they wish to allow such and such to access the net or the computer.
Despite my efforts to teach them to read the message and in most cases click "No", the younger members tend to be reckless surfers who click "Yes" without paying any attention to what the message says.
Which is why I have to do manual rubbish patrols, why the pest got in and why rubbish was piling up.
There they were - a program with a randomly generated name and other files that shouldn't be there. ZoneAlarm allowed me to track down the location - a "temp" folder on one of the kids' directories.
You would think I could just delete the little toads and be done. But rubbish removal from a PC is not always that simple. No sooner had I killed the thing than it boldly hopped back. Time for the big guns. Norton Antivirus found nothing. Ditto for Search and Destroy. Only Ad-Aware found the nasty - identifying it as a data miner, but then failing to nuke the gremlin which was back the next day. Grrrr!
A Google search for "winwildapp.exe" - the file I figured was causing all the rubbish - wasn't much help. But I did find a manual process for removal - not for the fainthearted because it involves a trip into the registry of the computer.
The registry is a place you really want to avoid - a labyrinth of programs and geek code. But I found a couple of the offending lines and pressed delete. Success.
Not quite. I wanted to know how, given what I thought were good rubbish defences, this thing had got in.
Interrogation of the reckless surfers was futile. No, they hadn't been to any odd sites that suddenly caused lots of pop-ups or "drive-by" downloads.
No, they hadn't received any suspect attachments in their email.
The eldest confessed a few days later that the source of the rubbish was a small program - Homer Simpson's sayings - he had been sent by a friend. He deleted it, but why hadn't my various defences picked it up?
Here was more evidence that even with a good armoury, in the fight against entropy you will always be one step behind - and that the rubbish creators are getting smarter, nastier and better at hiding.
So what was this winwildapp.exe up to? Ad-Aware describes it as a fairly harmless piece of spyware - a statblaster that sends out your surfing habit details to god knows where. But other sources on the net say it's a trojan. Perhaps it was trying to turn my machine into a zombie - a mindless dolt for spreading spam and launching denial of service attacks on others.
Don't laugh, it's easy to get paranoid about rubbish. Read this report which shows that about 80 per cent of users have spyware on their PCs (Stay Safe Online).
Then type "PC, zombie, millions" into Google and read the estimates of the number of compromised machines out there.
For more information about dealing with this scourge visit Firewall Guide and PChell.
And be vigilant about taking the rubbish out to keep chaos at bay.
Chris Barton: Put out the rubbish before the rubbish gets you