I was asked to look at my sister-in-law’s PC over the weekend. Apparently it was having problems. I typically avoid helping others with their PC problems but thought I would since she and her boyfriend were great hosts.
Somehow a nasty, little virus-like program was installed on her PC. I tracked down the source of the problem to the winik.sys, which isn’t in fact a Microsoft driver. This little puppy loads other programs that appear to be tracking activity on the PC and reporting information out to somewhere.
The simple solution to the problem: delete the winik.sys file along with the directory of other programs it launches and clean up the registry. Unfortunately the winik.sys loads as a driver and cannot be deleted while Windows is running. No big deal I thought. I would just boot up into a different OS and manually delete the files. This turned out to be harder than I thought. And harder then it should have been.
Not having any “tools” with me, I decided I would boot up in safe mode with a command prompt. Unfortunately this still loads the winik.sys driver. Note that my sister-in-law is running an OEM version of Windows XP Home without any updates on it…no service packs, etc. When this attempt failed, I created a DOS bootable disk from Windows. I booted up the computer from the disk and to my surprised learned that the version of DOS I was running did not recognize NTFS.
I tried using the OEM recovery disc, but that didn’t help either.
My next thought was to use Linux. I found a list of floppy based distributions, but to my surprise none of the distributions I tried supported NTFS. After spending hours trying to find ways to read an NTFS volume from another OS, I finally had to give up. After all, I needed to get on the road and head back to NYC.
I did learn a lot from the exercise even though I wasn’t able to remove the file from the PC. For instance,
1) Sysinternals has a NTFSDOS utility that will mount NTFS volumes and provide read/write access from DOS. Unfortunately the freeware version is read access only so it didn’t help me solve the problem. And I didn’t want to buy the Administration Pack just for this one problem.
2) While the idea of a Linux distribution on a floppy is cool, there are limits to what you can do. I realized I need to know more about Linux and possibly make my own distribution that would allow me to help family and friends clean up infected machines. But I’ll never take the time to make a floppy distribution.
3) I should buy this t-shirt.
Posted in uncategorized. Tagged in .