Mysterious OS/2 boot partition on XP.

fleggett

I was given an OEM XP box that, when fully booted, displayed nothing. By that I mean the desktop was bare and Explorer could not "see" any files. I was at a loss.

I booted the machine using an OEM XP install CD and was rather surprised to discover a new partition had been added to the drive at the end. It was flagged as an OS/2 boot manager partition and consumed 2MB of space.

I was going to wipe the machine anyway, but as a point of curiosity, I deleted this partition just to see what would happen. Predictably, the machine refused to boot, so it was relying on this rogue boot partition.

Anyone ever run into this before? Is it the result of a virus or trojan? The client had MSE installed with the latest definitions, so whatever it was got through it.
 
It has been a long time, but I remember using just the OS/2 boot manager to handle multi-booting systems to various OSs. It worked better than the Windows boot manager for installing Win95, NT 3.51, Linux and so forth to the same drive. Could be the OEM used it to hide away their recovery partition, or to manage first boot of the machine out of the box for Windows install/config. Or it could be just an OLD setup that someone had once been dual/triple booting something from using some old OS/2 trickery.
 
Probably just something the OEM put on there as part of their loading system or maybe some quick diagnostic tools which is pretty common.
 
> Probably just something the OEM put on there as part of their loading system or maybe some quick diagnostic tools which is pretty common.

They probably just stole a flag that wasn't used by a Windows-recognized partition type. There's a very slim chance it actually involves some stripped-down OS/2 install.
 
There is a virus running around that I have been dealing with quite a bit at work. It creates a 2MB partition and boots using that. If you remove the partition and set the other partition as active, it will boot fine. Dunno if that is what you have going there or not.
 
> There is a virus running around that I have been dealing with quite a bit at work. It creates a 2MB partition and boots using that. If you remove the partition and set the other partition as active, it will boot fine. Dunno if that is what you have going there or not.

That sounds EXACTLY like what I ran into, as this machine had been wiped and cleaned before (elsewhere), so there should not've been any bizarre partitions like this.

Was there any other strangeness after the machine was booted, like what I described in my initial post? Also, was the 2MB partition at the beginning or end of the drive?
 
Fixmbr or similar probably could have recovered it.

Maybe they were dual booting with Linux or something, hence why you couldn't see the other partitions? And the 2MB was a grub/bootloader.
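
Added example, not from any poster in this thread: a read-only check of an MBR partition table for the layout discussed above, a roughly 2MB active partition carrying the OS/2 Boot Manager type byte (0x0A). The 16 MiB threshold, the function names and the sample sector are constructed assumptions, and a hit is only a reason to look closer, since OEM utility partitions can look similar.

```python
import struct

SECTOR = 512
OS2_BOOT_MANAGER = 0x0A               # MBR type byte for "OS/2 Boot Manager"
SMALL_ACTIVE_LIMIT = 16 * 1024 * 1024 # assumed threshold for a "tiny" boot partition
ENTRY = struct.Struct("<B3xB3xII")    # status, CHS, type, CHS, start LBA, sector count

def parse_mbr(sector):
    """Return the non-empty primary partition entries of a 512-byte MBR."""
    if len(sector) < SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("not an MBR: missing 0x55AA signature")
    parts = []
    for i in range(4):
        status, ptype, lba, count = ENTRY.unpack_from(sector, 446 + 16 * i)
        if ptype and count:
            parts.append({"index": i + 1, "active": status == 0x80, "type": ptype,
                          "start_lba": lba, "bytes": count * SECTOR})
    return parts

def review(parts):
    """Return (partition index, reason) pairs worth a closer look; 0 means whole table."""
    findings = []
    for p in parts:
        if p["active"] and len(parts) > 1 and p["bytes"] <= SMALL_ACTIVE_LIMIT:
            findings.append((p["index"], "small-active"))
        if p["type"] == OS2_BOOT_MANAGER:
            findings.append((p["index"], "os2-boot-manager-type"))
    if sum(p["active"] for p in parts) != 1:
        findings.append((0, "active-count"))
    return findings

def entry(active, ptype, lba, count):
    """Build one 16-byte table entry (CHS fields left zero) for the constructed sample."""
    return ENTRY.pack(0x80 if active else 0, ptype, lba, count)

def sample_mbr():
    """Constructed sector: large NTFS partition, then a 2 MiB active 0x0A partition."""
    table = entry(False, 0x07, 63, 156_000_000) + entry(True, 0x0A, 156_000_063, 4096)
    return bytes(446) + table + bytes(32) + b"\x55\xaa"

if __name__ == "__main__":
    for p in parse_mbr(sample_mbr()):
        print(p["index"], hex(p["type"]), "active" if p["active"] else "-", p["bytes"])
    print(review(parse_mbr(sample_mbr())))
```

Run it against the first 512 bytes of a disk image captured from outside the installed OS, so the table is read from the disk itself rather than through the running system.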
 