HP Pavilion Boot Loop Problem

Yesterday I ran into a devil of a time with an HP Pavilion slimline workstation at work. This machine was beyond its warranty with HP, so no help from them. I had a machine that presented these symptoms:

  • Computer powers up normally.
  • All BIOS-level diagnostics pass.
  • No error codes or beep codes whatsoever.
  • Once the HP BIOS Splash screen fades, the computer should boot into Windows. In this case, Windows 7. It does not. The computer reboots into the HP BIOS Splash screen. Ad infinitum.
  • You can enter BIOS Setup, you can also access the Boot Menu to select other boot sources, however the F11 key to start System Restore is unresponsive.
  • All first-tier efforts to clear the error were taken. BIOS reset to factory conditions, as well as holding down the power button to clear the power supply controller. None of these resolved the issue.

I then plugged in a copy of Knoppix that I downloaded and installed on a USB memory stick. I could have also burned the ISO file to a DVD and used that as well, but the USB was handy. When I use Knoppix this way, I like to enter this “Knoppix Startup Cheatcode” into the prompt right after it boots: “knoppix 2” (without quotes, of course) and this starts the Knoppix system in the INIT 2 run level, which is single-mode text only interface. I don’t need X-Windows, and in this case, that just gets in the way.

Once at the CLI for Knoppix, I figured the boot flag, the boot manager, or the MBR was shot for the primary partition on the hard drive in the machine. Diagnostics indicated that the primary hard drive was fine, so it wasn’t a physical failure in the HD. I knew that the first (and only) hard drive in systems like these was most likely /dev/sda; you could search the “dmesg” log if you have doubt about where in /dev the primary hard drive is. Knoppix has the “fdisk” command, so that was my next stop. I knew that this particular HP machine had a Windows Recovery partition stuffed in it, so when I started “fdisk” I displayed the partition map and there were three partitions: /dev/sda1, /dev/sda2, and /dev/sda4. I looked at the sizes and figured that the biggest one was the damaged partition, the middle one was probably for swap or scratch or something, and the last one seemed sized properly for the recovery partition. Honestly it was a guess. I turned the bootable flag on for /dev/sda4 and then off for /dev/sda1, then wrote the partition map to disk and then issued the command “shutdown -r now” to reboot out of Knoppix. Technically you could have just unplugged the machine, but I’m a big fan of orderly shutdowns even when the consequences are irrelevant – it’s a good habit to have.

The machine booted to the HP BIOS Splash screen, and then Windows Recovery started. Once the recovery partition got going I noticed a cutesy HP menu appeared offering me a selection of options. I started out with the simplest option which was something like “Microsoft Windows Boot Recovery” and it ran for maybe a second and then offered to reboot. I went for the reboot and that fixed the issue. Windows started but instead of a regular startup it went to the recovery menu, which I found fine since that was where I was going to go anyways by pounding the F8 button like a madman. I selected “Safe Mode With Networking” and then plugged in my USB memory stick containing TRON and got TRON working on the system.

Once TRON was done, I rebooted and let chkdsk naturally freak out about the structure of the NTFS partition in /dev/sda1. Chkdsk did what it had to do, and the system booted normally. I then set it for redeployment.

I figure if anyone else has this issue, this blog post might be helpful. If it helped you out, and you’re willing, maybe dropping a wee tip in Bitcoin or Dogecoin would definitely be appreciated.
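What the fdisk step above changes on disk, as an added example that is not part of the original post: on an MBR-partitioned drive the bootable flag is the first byte of each 16-byte partition entry, and moving it from slot 1 to slot 4 rewrites two bytes of sector 0. The sample sector is constructed (slots 1, 2 and 4 in use, like the post's layout; sizes and type bytes are made up), and the function names are hypothetical.

```python
import struct

SECTOR, TABLE_OFFSET, ENTRY_SIZE = 512, 446, 16   # classic MBR layout
ACTIVE, INACTIVE = 0x80, 0x00                     # status byte = the "bootable flag"

def parse_mbr(sector):
    """Return [(slot, is_active, type_byte, start_lba, sector_count)] for used slots."""
    if len(sector) < SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("no 0x55AA boot signature: not an MBR sector")
    parts = []
    for slot in range(1, 5):
        off = TABLE_OFFSET + (slot - 1) * ENTRY_SIZE
        status, ptype = sector[off], sector[off + 4]
        start, count = struct.unpack_from("<II", sector, off + 8)
        if ptype == 0x00:                 # type 0 marks an unused slot
            continue
        if status not in (ACTIVE, INACTIVE):
            raise ValueError(f"slot {slot}: invalid status byte {status:#04x}")
        parts.append((slot, status == ACTIVE, ptype, start, count))
    return parts

def set_active(sector, slot):
    """Return a copy of the sector in which only `slot` carries the bootable flag."""
    if slot not in [p[0] for p in parse_mbr(sector)]:
        raise ValueError(f"slot {slot} is empty; refusing to mark it bootable")
    out = bytearray(sector)
    for s in range(1, 5):
        out[TABLE_OFFSET + (s - 1) * ENTRY_SIZE] = ACTIVE if s == slot else INACTIVE
    return bytes(out)

def build_sample():
    """Constructed MBR: slots 1, 2 and 4 used, slot 1 active; sizes are made up."""
    mbr = bytearray(SECTOR)
    layout = {1: (ACTIVE, 2048, 900_000_000),
              2: (INACTIVE, 900_002_048, 4_000_000),
              4: (INACTIVE, 904_002_048, 30_000_000)}
    for slot, (status, start, count) in layout.items():
        off = TABLE_OFFSET + (slot - 1) * ENTRY_SIZE
        mbr[off], mbr[off + 4] = status, 0x07          # 0x07 = NTFS/exFAT type
        struct.pack_into("<II", mbr, off + 8, start, count)
    mbr[510:512] = b"\x55\xaa"
    return bytes(mbr)

if __name__ == "__main__":
    before = build_sample()
    after = set_active(before, 4)     # same change as toggling the flag in fdisk
    for label, img in (("before", before), ("after", after)):
        print(label, [(s, "boot" if a else "-") for s, a, *_ in parse_mbr(img)])
```

Pointed at a saved copy of sector 0 rather than the live disk, `parse_mbr` shows which slot the BIOS boot code will hand off to before anything is written.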

Sandboxing FTW

After I reminded people that I offer a complimentary attachment checking service through my office I got a submission from one of our warehouse operators in Texas. It was an oddly-named attachment called UmjSJCk.zip. I saved it to my Mac and opened Terminal. Then unpacked the zip file and it unpacked to Quotation.exe. I giggled a bit when I ran the file command on it and saw that it was a Windows executable. Exactly what I expected. So I put it in a folder called sandbox and started my copy of Windows XP that I have in VirtualBox. The OS has its hard drive set to immutable, so any changes or write activities that the OS does are not sent to the VHD image, but rather to a “snapshot” VHD image on the side. Each time I start the OS, it’s as if I am starting it for the first time, because when an immutable VM finds something (anything) in the snapshot folder, it dumps it first then creates a new snapshot image for writes. I make sure the sandbox can’t see anything beyond my Mac by assigning its LAN connection as a Host-Only Adapter. That means that the VM can only see VirtualBox’s fake network host and nothing else.

So I started this sandbox Windows XP, mounted the sandbox folder as a drive to the sandbox – set as Read Only also, by the way, no baby-backwash here… and then double-clicked on Quotation.exe. It loaded a process and started to grope the network connection. Of course it did. So, with the bug trying its best to reach out and fetch its payload I clicked on the little red close control and told VirtualBox to power off the virtual machine.

Poof. All gone. Changes and everything. Then I dumped the sandbox contents.

I think what’s more concerning here is that my scan using ClamAV on my Mac in regards to this data showed no infected data. Well, it certainly was trying to be nasty.

Then I start to wonder about the inherent usefulness of VirtualBox when it comes to airgapped computing when it comes to privacy and really being paranoid about encryption. But then I realize that when I turn off my Airport on my MBP, that it’s just as good as anything I could screw around with in VirtualBox. An infection in my MBP? Heh… piff.
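A pre-flight check for the host-only isolation described in this post, as an added example that is not the author's code: it parses the key="value" text produced by `VBoxManage showvminfo <vm> --machinereadable` and reports every network adapter that is attached as anything other than host-only or none. Both sample outputs are constructed, and the VM names and values in them are hypothetical.

```python
import re

ALLOWED = {"none", "hostonly"}   # attachments that keep the guest off the real LAN

def parse_vminfo(text):
    """Parse key="value" (or key=value) lines into a dict."""
    info = {}
    for line in text.splitlines():
        m = re.match(r'^"?([^"=]+)"?=(?:"(.*)"|(.*))$', line.strip())
        if m:
            info[m.group(1)] = m.group(2) if m.group(2) is not None else m.group(3)
    return info

def audit_nics(info):
    """Return one finding per adapter that breaks host-only isolation."""
    findings = []
    for key in sorted(info):
        m = re.fullmatch(r"nic(\d+)", key)      # skips nictype1, nicspeed1, ...
        if not m:
            continue
        n, mode = m.group(1), info[key]
        if mode not in ALLOWED:
            findings.append(f'nic{n}: attached as "{mode}", guest can reach beyond the host')
        elif mode == "hostonly" and not info.get(f"hostonlyadapter{n}"):
            findings.append(f"nic{n}: host-only but no host adapter is bound")
    return findings

# Constructed samples modelled on --machinereadable output.
SANDBOX_OK = '''name="winxp-sandbox"
memory=512
nic1="hostonly"
nictype1="Am79C973"
hostonlyadapter1="vboxnet0"
nic2="none"
'''
SANDBOX_LEAKY = SANDBOX_OK.replace('nic2="none"', 'nic2="nat"\nnictype2="Am79C973"')

if __name__ == "__main__":
    for label, text in (("ok", SANDBOX_OK), ("leaky", SANDBOX_LEAKY)):
        print(label, audit_nics(parse_vminfo(text)) or "isolated")
```

Running it before each detonation catches a second adapter left on NAT or bridged from earlier use of the VM.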

I say hello, I say goodbye…

For a few months I’ve used an app called Platypus on my Mac to create a pseudo-app that bundles a bash shell script which instructs my Mac to open various applications that I want to use during the day. What I want is very specific, I want to be able to log in quickly to an idle Mac, but I want to have one icon to click on to start an entire host of applications, if I want to. The overall solution would of course be to mark every app as “Open on Login” but I don’t want them all to open each and every time I log in, I’m picky. The bash script uses the open command to open applications. This command works well enough, but it leaves my screens littered with open application windows. This is not exactly what I want. I want all my applications to be opened, then I want them to be hidden. Cake and eat it too.

This morning, on a lark, I investigated alternatives to using Platypus. I know there is AppleScript, but I never really delved very deeply into the language. A little browsing and some tinkering and I have exactly what I want:

-- Launch everything for the day
tell application "Mail" to activate
tell application "Firefox" to activate
tell application "iTunes" to activate
-- Full path, so a copy on a mounted volume cannot be picked by mistake
tell application "/Applications/Yahoo! Messenger.app" to activate
tell application "Stickies" to activate
tell application "Remote Desktop" to activate
tell application "Server Admin" to activate
tell application "Evernote" to activate
tell application "iCal" to activate
tell application "iChat" to activate
-- Give the applications a moment to open their windows
delay 0.5
-- Hide the applications that were just opened
tell application "Finder" to set visible of process "Mail" to false
tell application "Finder" to set visible of process "iTunes" to false
tell application "Finder" to set visible of process "Yahoo! Messenger" to false
tell application "Finder" to set visible of process "Stickies" to false
tell application "Finder" to set visible of process "Remote Desktop" to false
tell application "Finder" to set visible of process "Server Admin" to false
tell application "Finder" to set visible of process "Evernote" to false
tell application "Finder" to set visible of process "iCal" to false
-- Minimize the iChat buddy-list windows by window title
tell application "iChat"
    set minimized of window "bluedepth@gmail.com" to true
    set minimized of window "andymchugh@atlas.dev.wmich.edu" to true
    set minimized of window "AIM Buddy List" to true
    set minimized of window "andy.mchugh@chat.facebook.com" to true
end tell

This script, shoved into an Application icon opens up every app I want in the morning, then hides them, except for iChat, it minimizes every window but my Bonjour list. I discovered that if I accidentally have a volume open when I run the script and there is an application in the volume and I ask that it be activated, the Mac is confused and asks me to pick the application from the list – so for Yahoo I had to explicitly state which one I wanted. Not a bug, just me being lazy.

The flipside of this also occurred to me. In the evenings I want to close all my applications. I could of course rely on the log-out procedure to do all the mopping up but there are some apps I use, like GroupWise and VirtualBox that can upset the log-out sequence. This script unmounts all volumes and then quits all open applications. That way I close all my apps before I log out. Again, with the lazy:

-- Eject every disk except the startup disk
tell application "Finder"
    set bootDisk to name of startup disk
    set otherDisks to every disk whose (name is not bootDisk)
    repeat with myDisk in otherDisks
        try
            eject myDisk
        end try
    end repeat
end tell

-- Unhide everything, then quit every visible process that is not whitelisted
tell application "System Events" to set the visible of every process to true
set white_list to {"Finder"}
try
    tell application "Finder"
        set process_list to the name of every process whose visible is true
    end tell
    repeat with i from 1 to (number of items in process_list)
        set this_process to item i of the process_list
        if this_process is not in white_list then
            tell application this_process
                quit
            end tell
        end if
    end repeat
on error
    tell the current application to display dialog "An error has occurred!" & return & "This script will now quit" buttons {"Quit"} default button 1 with icon 0
end try

Yay for Lazy! 🙂