I was asked to look at my sister-in-law's PC over the weekend. Apparently it was having problems. I typically avoid helping others with their PC problems but thought I would since she and her boyfriend were great hosts.

Somehow a nasty little virus-like program was installed on her PC. I tracked the source of the problem down to winik.sys, which is not in fact a Microsoft driver. This little puppy loads other programs that appear to be tracking activity on the PC and reporting the information out to somewhere.

The simple solution to the problem: delete the winik.sys file along with the directory of other programs it launches, and clean up the registry. Unfortunately winik.sys loads as a driver and cannot be deleted while Windows is running. No big deal, I thought. I would just boot into a different OS and delete the files manually. This turned out to be harder than I thought, and harder than it should have been.

Not having any "tools" with me, I decided I would boot into safe mode with a command prompt. Unfortunately this still loads the winik.sys driver. Note that my sister-in-law is running an OEM version of Windows XP Home without any updates on it: no service packs, etc. When this attempt failed, I created a DOS boot disk from Windows. I booted the computer from the disk and, to my surprise, learned that the version of DOS I was running did not recognize NTFS.

I tried using the OEM recovery disc, but that didn't help either.

My next thought was to use Linux. I found a list of floppy based distributions, but to my surprise none of the distributions I tried supported NTFS. After spending hours trying to find ways to read an NTFS volume from another OS, I finally had to give up. After all, I needed to get on the road and head back to NYC.

I did learn a lot from the exercise even though I wasn't able to remove the file from the PC. For instance,

1) Sysinternals has an NTFSDOS utility that will mount NTFS volumes and provide read/write access from DOS. Unfortunately the freeware version is read-only, so it didn't help me solve the problem, and I didn't want to buy the Administration Pack just for this one problem.

2) While the idea of a Linux distribution on a floppy is cool, there are limits to what you can do. I realized I need to know more about Linux, and possibly make my own distribution that would let me help family and friends clean up infected machines. But I'll never take the time to make a floppy distribution.

3) I should buy this t-shirt.

posted by Kirby Turner | 24-May-2005 9:48 AM | comments (7)
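The part of the cleanup that the post never got to is the one that avoids the whole boot-another-OS problem: a kernel driver is loaded because a service entry under HKLM\SYSTEM\CurrentControlSet\Services points at it, and if that entry's Start value is set to 4 (disabled) before the reboot, the file is not loaded next time and can be deleted from a normal boot. The script below is an added example, not code from the original post. It parses a .reg export of the SYSTEM hive (the kind `reg export` or regedit produces), finds the service whose ImagePath names a given driver file, notes whether the service is also listed under SafeBoot\Minimal (which is what makes a driver load in safe mode), and prints the commands that disable it. The sample export, the service name `winik`, its path and its values are all constructed for illustration, not observed from the infected machine.

```python
"""Locate the service entry that loads a driver file in an exported
HKLM\\SYSTEM hive and emit the commands that stop it loading on the next
boot, after which the file can be deleted from a normal Windows session.

Added example, not from the original post.  The sample export below is
constructed: the service name, path and values are assumptions.
"""
import re

SERVICES_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services"
SAFEBOOT_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal"

# Start values for kernel-mode drivers (Type=1): 0 boot, 1 system, 2 auto,
# 3 demand, 4 disabled.  Only 4 keeps the driver off entirely.
START_NAMES = {0: "boot", 1: "system", 2: "auto", 3: "demand", 4: "disabled"}

# Constructed .reg export: one legitimate driver (plain-string ImagePath) and
# the suspect one (REG_EXPAND_SZ exported as hex(2) UTF-16LE, wrapped with a
# trailing backslash exactly as regedit writes it).  The suspect service is
# also registered under SafeBoot\Minimal, which is why it survives safe mode.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Beep]
"Type"=dword:00000001
"Start"=dword:00000001
"ImagePath"="system32\\drivers\\beep.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winik]
"Type"=dword:00000001
"Start"=dword:00000001
"ErrorControl"=dword:00000000
"ImagePath"=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,57,00,49,00,4e,00,44,00,\
  4f,00,57,00,53,00,5c,00,77,00,69,00,6e,00,69,00,6b,00,2e,00,73,00,79,00,73,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\winik]
@="Driver"
"""


def decode_value(raw):
    """Decode one .reg value into (registry_type, python_value)."""
    if raw.startswith("dword:"):
        return ("REG_DWORD", int(raw[6:], 16))
    if raw.startswith("hex(2):"):  # REG_EXPAND_SZ, UTF-16LE bytes, NUL-terminated
        data = bytes(int(b, 16) for b in raw[7:].split(",") if b)
        return ("REG_EXPAND_SZ", data.decode("utf-16-le").rstrip("\x00"))
    if raw.startswith("hex:"):
        return ("REG_BINARY", bytes(int(b, 16) for b in raw[4:].split(",") if b))
    if raw.startswith('"') and raw.endswith('"'):
        # .reg escapes backslash and double quote with a backslash
        return ("REG_SZ", re.sub(r"\\(.)", r"\1", raw[1:-1]))
    return ("UNKNOWN", raw)


def parse_reg(text):
    """Parse a .reg export into {key_path: {value_name: (type, value)}}."""
    text = re.sub(r",\\\r?\n\s*", ",", text)  # rejoin wrapped hex data
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys[current] = {}
            continue
        if current is None:
            continue
        name, _, raw = line.partition("=")
        keys[current][name if name == "@" else name.strip('"')] = decode_value(raw)
    return keys


def find_driver_services(keys, driver_file):
    """Return every top-level service whose ImagePath ends in driver_file."""
    lowered = {k.lower() for k in keys}
    hits = []
    for key, values in keys.items():
        if not key.lower().startswith(SERVICES_KEY.lower() + "\\"):
            continue
        svc = key[len(SERVICES_KEY) + 1:]
        if "\\" in svc:  # Parameters / Enum subkeys, not a service itself
            continue
        image = values.get("ImagePath", ("", ""))[1]
        if image.replace("/", "\\").rsplit("\\", 1)[-1].lower() != driver_file.lower():
            continue
        hits.append({
            "service": svc,
            "image_path": image,
            "type": values.get("Type", ("", None))[1],
            "start": values.get("Start", ("", None))[1],
            "in_safeboot": f"{SAFEBOOT_KEY}\\{svc}".lower() in lowered,
        })
    return hits


def disable_commands(hit):
    """Commands (run as Administrator) so the driver is not loaded on the next
    boot; the .sys file and its directory can then be deleted normally."""
    svc = hit["service"]
    cmds = [f'reg add "HKLM\\SYSTEM\\CurrentControlSet\\Services\\{svc}" '
            f'/v Start /t REG_DWORD /d 4 /f']
    if hit["in_safeboot"]:
        cmds.append(f'reg delete "HKLM\\SYSTEM\\CurrentControlSet\\Control\\'
                    f'SafeBoot\\Minimal\\{svc}" /f')
    return cmds


if __name__ == "__main__":
    for hit in find_driver_services(parse_reg(SAMPLE_REG), "winik.sys"):
        print(f"{hit['service']}: {hit['image_path']} "
              f"(Type={hit['type']}, Start={START_NAMES.get(hit['start'])}, "
              f"safe mode={'yes' if hit['in_safeboot'] else 'no'})")
        print("\n".join(disable_commands(hit)))
```

The caveat a practitioner would add: the user-mode programs the driver launches may put the Start value back before the reboot, so run the commands and reboot immediately, or make the same change from an offline registry edit. Once the driver no longer loads, the second copy of the file and the directory it lives in delete without any special tooling.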


Ha ha...you know I am going to have to tell them that their computer problem was worthy of your blog. I already told them about the t-shirt.

posted by Melanie | May 26 05:28 PM


Kirby,
This is a PERFECT situation for using something like a bootable Linux (Knoppix or Kanotix flavors are what I prefer)! Check out www.distrowatch.com.
There are also other versions of these things specifically targeted at your problem. Write me if you want more info. :)

posted by Mike | May 27 07:43 PM


Mike,

Unfortunately I didn't have the URL to www.distrowatch.com with me when I was working on the problem, and I couldn't find it doing a Google search. Briefly looking over the site this morning, I do not see a listing of floppy-based distributions, or should I say floppy-live distributions. I was looking for an OS I can load by booting from a floppy.

No doubt I would have preferred to boot from a live cd but that wasn't an option for me at the time. I think going forward I will keep a live cd in my backpack just in case the situation comes up again.

By the way, there is a new mono-live distribution available at www.mono-live.com.

posted by Kirby Turner | May 28 05:00 AM


I have only used the CD-based distros. No experience with floppy-based ones. Another option I've been looking at recently is USB-drive-bootable Linux (by installing one of the CD-ROM versions to a USB drive). Just to be geeky. heh. I have read that, depending on the hardware you try to run it on, it could be problematic getting it to boot though.

One thing I DO use (and really like) is the ability to save my desktop-config (i.e., settings changes, files, etc) to a key-drive (USB) in Kanotix, and then boot from a CD-ROM and tell it to use the settings from my USB-RAM-Key thingie. Saves time with standard post-bootup settings like screen-saver preferences, SAMBA logins, etc. WAY COOL!

posted by Mike | May 28 07:48 PM


Oh, the smallest distro I've messed with is DSL (Damn Small Linux), which can fit on one of those 50MB credit-card-size CD-ROMs. That way, you can keep it in your wallet for emergencies. Also very cool.

posted by Mike | May 28 07:50 PM


lol...what a fool...to remove that you have to rename the randomly named folder that also contains winik.sys (there are 2 winik.sys files: one in the randomly named folder and one in the Windows directory)...then you can delete the winik.sys from the Windows directory.

posted by | December 20 08:23 PM


At the time the PC was experiencing the problem your advice was not available. Your solution seems simple enough but the problem on the computer was more than 6 months ago and has since been fixed.

I wish I had known about your solution back then. It would have saved me much time.

posted by Kirby Turner | December 20 08:34 PM

Copyright © 1999-2008 Kirby Turner.