Jump to content











Photo
- - - - -

Client installed grub4dos, can't boot server


  • Please log in to reply
3 replies to this topic

#1 bookgrub

bookgrub
  • Members
  • 2 posts
  •  
    Australia

Posted 04 March 2010 - 03:19 AM

Hi all,

I've been looking around for solutions here but I'm coming up dry.

A client of mine tried to install some kind of anti-spyware product, and has succeeded in installing a pre-configured grub4dos which won't allow him to boot the server.

Normally I'd use the recovery console, but the HP media have this option scripted out.

I've also tried Win XP media, but they won't successfully load the driver.

If I run 'geometry (hd0)' I receive:

Warning: Unrecognized partition table for drive 80. Please rebuild it using

a Microsoft-compatible FDISK tool(err=114). Current C/H/S=65535/255/32 

drive 0x80(LBA): C/H/S=65535/255/32, Sector Count/Size=573367600/512



Warning: Unrecognized partition table for drive 80. Please rebuild it using

a Microsoft-compatible FDISK tool(err=114). Current C/H/S=65535/255/32 

   Partition num: 0, Filesystem type is ntfs, partition type 0x7

   Partition num: 1, Filesystem type is ntfs, partition type 0x7

Help?

#2 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14181 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 04 March 2010 - 09:10 AM

It is "abnormal" to have 255/32 HS geometry, it is usually 255/63.

If I were you I would check the drive with TESTDISK:
http://www.cgsecurit...g/wiki/TestDisk

It is possible that somehow the original partition table was overwritten, but you missed to post a number of details.

Try describing the current setup and what actually happens when the PC (or Server) boots (or attempts to).

Wonko

#3 bookgrub

bookgrub
  • Members
  • 2 posts
  •  
    Australia

Posted 05 March 2010 - 02:09 AM

Hi Wonko,

Thanks for the reply, although I only received it this morning.

I managed to resolve this issue late last night, using much the method you described.

Although GRUB4DOS reported the CHS as I mentioned, Testdisk reported much more 'sane' values.

I ended up using Testdisk to do an advanced partition search, which located the partition boundaries and rewrote the table. This allowed GRUB4DOS to launch the server OS, and I could then remove the product (and thus GRUB).

The product in question was Spyhunter Compact OS 1.0b.

My suspicion is that it re-wrote the partition table when it installed in some misguided attempt to 'secure' itself. Unfortunately, this server is running a RAID 5 SAS array, and it's borked the system instead.

The G4D installation wasn't using the grldr either, but sh4ldr. I suspect that Enigma software, who make Spyhunter and seem either incompetent, malicious or both, are using this without complying with the licensing terms. Might be worth the project administrators getting in touch with them.

The whole thing sounds quite simple as described above, but it was in fact several hours of mental anguish. Hopefully the client has learnt their lesson here.

Cheers,

Bookgrub

#4 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14181 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 05 March 2010 - 03:28 AM

The product in question was Spyhunter Compact OS 1.0b.

My suspicion is that it re-wrote the partition table when it installed in some misguided attempt to 'secure' itself. Unfortunately, this server is running a RAID 5 SAS array, and it's borked the system instead.

The G4D installation wasn't using the grldr either, but sh4ldr. I suspect that Enigma software, who make Spyhunter and seem either incompetent, malicious or both, are using this without complying with the licensing terms. Might be worth the project administrators getting in touch with them.


Sure, a lot of peeps think that creating a stoopid whatever using grub4dos, renaming it, changing some strings in it and using hardcoded menu.lst without an user confirmation is something really l33t, I never heard about this company or about this product, the "overall feeling" of their is not that good, but really cannot say :unsure::
http://www.enigmasof...e.com/about-us/
a street view of their US office:
2643 Gulf to Bay Blvd.
Suite 1560 #446
Clearwater, FL 33759
USA
might be revealing, since Mattress Giant is at #2613 amd Fat Burger is at #2689, I would guess it is not exactly the typical office building where the "core" business is held.

Let me guess :whistling: :
  • 1/2 employee in the US office (1 part-time)
  • 42 employees in
  • 1/2 employee in South Africa ( 1 part-time)


An example, just for the record:
http://www.boot-land...?showtopic=3833

I mean, in that case it was a kid, but your client? :cheers:

They should require a "common sense license" when they sell servers...... :cheers:

Happy the problem is solved. :cheers:

:cheers:

Wonko




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users