when i boot in to win me It thinks I have a virus in mbr

Then you need to get a different virus scanner.
This isn't something we can fix.

I completly reformated the hard drive and did a fresh install of windows me.I use the best scanner I can get. The scanner does not show a virus.. Windows mbr has been changed by by grub2 and it does not like it. This is a bug in grub2.

Am Samstag, den 08.08.2009, 12:34 +0000 schrieb Dave Stroud:
> I completly reformated the hard drive and did a fresh install of windows
> me.I use the best scanner I can get. The scanner does not show a virus..
> Windows mbr has been changed by by grub2 and it does not like it. This
> is a bug in grub2.

Well we have now a debconf prompt to run grub-install.
If you choose a device there then of course the MBR code can change.
If not then grub-install doestn't get run and the MBR doestn't change.
But if your virus scanner thinks this is a virus the bug is there not in
grub2.

--
Felix Zielcke
Proud Debian Maintainer

My virus scanner does not think there is a virus in the mbr,windows says there is a corrupt file or a virus in the mbr. It will not load everything. I never had this problem before grub2. The only reason I want to run win. is because I cant run my printer on ubuntu. There is no deb for my driver. The rpm will not convert to deb. I can not install it in windows because of what has been put into grub. If you dont know about this,let spomeone else look at it. Thank you for your time.

just to check this out I uninstalled grub2 and installed grub. Windows booted normal. Not warning of any virus. Reinstalled grub2 and I now cannot boot properly into windows again. t says I have a virus.Please some one needs to fix this. thanks

Sorry, but we simply can't fix this. It's a bug in Windows, or in your virus scanner. GRUB 2 does not contain a virus, and so it is clearly a false positive.

Have you tried reporting this to either Microsoft or your virus scanner manufacturer, whichever is appropriate in this case? They have an interest in avoiding false positives, since it tends to make people turn virus scanning off which reduces the overall security of their system.

There is no virus and no virus scanner says there is. The old grub works fine. Grub2 does not.Therefore its a bug in grub2.Maybe it should be fixed upstream. it just needs to be fixed.Win. loads its just not useable. M E is not supported and microsoft could care less.I might add that I have been using ubuntu since 6.06 and never had this problem before.I am just trying to do my thing and report bugs when I find them,and am trying to help the cause. I dont know how to code or I would just fix it myself. If it was written RPG or cobal I could. I have a degree in computer science and the very first thing that we were taught was that computers do just what they are told to do. This is not the only problem I have with grub2. Its not booting another linux I have on another partition. Sorry but I am just trying to help.

As a workaround, you should try chainloading Grub2 from ntldr instead of chainloading ntldr from Grub2. This will remove the need of replacing the MBR, so Windows ME shouldn't complain anymore about a "virus" in your MBR. There are numerous tutorials everywhere on the Internet to do so.
Grub2 works just fine, and it is not the goal of the developper to make it stealth and able to pass through systems that do a MBR check on bootup. However, it is true that it doesn't support yet choosing the chainloading order and that it could be added to the wishlist.

That is what I was doing up until tonight. The last update wiped it out and now I am back to a useless windows. The only reason I am using it it because I have to run my printer on it, because its not supported on ubuntu. I am sorry but the developers do need to pay attention to this.Thats what has made ubuntu good up until now.Grub legacy did not do that why should grub2 do it?This is testing and I am pointing out a bug in grub2 I just expect that ubuntu shold follow up on this.

GRUB 2 is not the same pattern of bits as GRUB Legacy.

I continue not to understand why it is a problem in GRUB 2 that *some
other software* incorrectly thinks it's a virus ... it's unfortunate,
certainly, but it is the fault of *that other software* surely? If you
want us to do anything about this, I'm afraid you're going to have to
explain more clearly how this is something that GRUB 2 can do anything
about. Have you contacted Microsoft about this problem? If not, why not?

I do appreciate that you're just trying to help, by the way, and I acknowledge that this is a problem; I just see no way it can be fixed here, other than simple dumb luck. As far as I can see you're trying elsewhere to elevate this to something that means that GRUB 2 shouldn't be the default, and I don't think that that is warranted just because Windows ME (which as you point out yourself is unsupported) doesn't like it ... what if Windows took a dislike to some other piece of free software?

Dave, can you take a screenshot, or take a photograph of your monitor when this Warning screen is displayed?
That might help us understand why this is happening.

Thanks.

On 08/27/2009 03:57 AM, Colin Watson wrote:
> GRUB 2 is not the same pattern of bits as GRUB Legacy.
>
> I continue not to understand why it is a problem in GRUB 2 that *some
> other software* incorrectly thinks it's a virus ... it's unfortunate,
> certainly, but it is the fault of *that other software* surely? If you
> want us to do anything about this, I'm afraid you're going to have to
> explain more clearly how this is something that GRUB 2 can do anything
> about. Have you contacted Microsoft about this problem? If not, why not?
>
>
I fail to understand why you think its not the fault of grub2,When grub
never did it before.Me is a dead os no longer supported. You know as
well as I do what ms will say or do. Thats why I use ubuntu. Ubuntu is
supposed to be better.It was up till now.

On 08/27/2009 04:24 AM, Jordi Mallach wrote:
> Dave, can you take a screenshot, or take a photograph of your monitor when this Warning screen is displayed?
> That might help us understand why this is happening.
>
> Thanks.
>
> It happens after windows logs in. I not sure if I can capture it. But will try. When you go into control panen and system. It tells you that it has disabled most things and is operating in a reduced mode. Thank for your interest

On 08/27/2009 04:23 AM, Colin Watson wrote:
> I do appreciate that you're just trying to help, by the way, and I
> acknowledge that this is a problem; I just see no way it can be fixed
> here, other than simple dumb luck. As far as I can see you're trying
> elsewhere to elevate this to something that means that GRUB 2 shouldn't
> be the default, and I don't think that that is warranted just because
> Windows ME (which as you point out yourself is unsupported) doesn't like
> it ... what if Windows took a dislike to some other piece of free
> software?
>
> windows allready has a dislike free software.

No one is faulty here.
* Grub2 is installed on the MBR to be the default bootloader of your system.
* Windows ME implements a protection scheme that check wether the MBR has been modified or not.
For some reason, Windows failed to detect Grub Legacy (well, there I can think that Windows ME was faulty here). But afaik, there was no workaround in Grub code to support Windows ME. Also, the MBR code hasn't really changed between Grub Legacy and Grub2, so I see ne reason why Windows ME complain. Have you checked if there's a way to deactivate this behaviour under Windows ME?
Also, if you are fluent with command lines, can you please send the output of the command (suppossing /dev/sda is your boot device)
~$ sudo dd if=/dev/sda bs=512 count=1 | hexdump -C
in these two different cases
* With Grub2 installed and Windows ME complaining about a virus in the MBR
* With ntldr installed (e.g. after a fixmbr)
This will dump the content of the MBR into hexadecimal.

I've recently run into this problem. From my own experience, and looking around on the net, the cause seems to be that something in the handling of chainloading or drive mapping has changed since grub-legacy, and Windows 95/98/ME thinks that it was booted from the MBR of a drive with grub on it instead of its own MBR (thus the false-positive bootsector virus detection and the use of compatibility mode). If the machine was booted with grub-legacy, or if BIOS is set to bypass grub2 and boot directly from the Windows' drive, Windows detects its own MBR and boots normally.

Grub2 isn't doing anything with the MBR(s) that grub-legacy didn't do. What it *is* doing, however, is setting the machine up in such a way that Windows checks the wrong disk when doing the MBR check, sees the Grub MBR, and thinks the MBR has been modified.

In short, there seems to be a regression between "map" in grub-legacy and "drivemap" in grub2 (or perhaps between "chainload" in grub-legacy and grub2) that causes Win95/98/ME to check the MBR on the wrong drive when booted from Grub2, but not when booted from grub-legacy or straight from BIOS.