Mysterious OS/2 boot partition on XP.

fleggett

Gawd
Joined
Nov 30, 2004
Messages
546
I was given an OEM XP box that, when fully booted, displayed nothing. By that I mean the desktop was bare and Explorer could not "see" any files. I was at a loss.

I booted the machine using an OEM XP install CD and was rather surprised to discover a new partition had been added to the drive at the end. It was flagged as an OS/2 boot manager partition and consumed 2MB of space.

I was going to wipe the machine anyway, but as a point of curiosity, I deleted this partition just to see what would happen. Predictably, the machine refused to boot, so it was relying on this rogue boot partition.

Anyone ever run into this before? Is it the result of a virus or trojan? The client had MSE installed with the latest definitions, so whatever it was got through it.
 

800XL

Weaksauce
Joined
Nov 5, 2004
Messages
94
It has been a long time, but I remember using just the OS/2 bootmanager to handle multi booting systems to various OSs. It worked better than the windows boot manager for installing Win95, NT 3.51, Linux and so forth to the same drive. Could be the OEM used it to hide away their recovery partition, or to manage first boot of the machine out of the box for windows install/config. Or it could be just an OLD setup that someone had once been dual/triple/booting something from using some old OS/2 trickery.
 

D-EJ915

[H]ard|Gawd
Joined
Jan 31, 2003
Messages
1,672
Probably just something the OEM put on there as part of their loading system or maybe some quick diagnostic tools which is pretty common.
 

ameoba

Supreme [H]ardness
Joined
Jan 9, 2001
Messages
6,413
Probably just something the OEM put on there as part of their loading system or maybe some quick diagnostic tools which is pretty common.

They probably just stole a flag that wasn't used by a windows recognized partition type. There's a very slim chance it actually involves some stripped down OS/2 install.
 
Joined
Dec 10, 2008
Messages
41
There is a virus running around that I have been dealing with quite a bit at work. It creates a 2mb partition and boots using that. If you remove the partition and set the other partition as active it will boot fine. Dunno if that is what you have going there or not.
 

fleggett

Gawd
Joined
Nov 30, 2004
Messages
546
There is a virus running around that I have been dealing with quite a bit at work. It creates a 2mb partition and boots using that. If you remove the partition and set the other partition as active it will boot fine. Dunno if that is what you have going there or not.
That sounds EXACTLY like what I ran into, as this machine had been wiped and cleaned before (elsewhere), so there should not've been any bizarre partitions like this.

Was there any other strangeness after the machine was booted, like what I described in my initial post? Also, was the 2MB partition at the beginning or end of the drive?
 
Last edited:

DlStreamnet

Limp Gawd
Joined
Mar 10, 2005
Messages
359
Fixmbr or similar probably could have recovered it.

Maybe they were dual booting with linux or something hence why you couldn't see the other partitions? And the 2mb was a grub/bootloader
 
Top