• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login
    1. Home
    2. Mapaga
    M
    • Profile
    • Following 0
    • Followers 0
    • Topics 1
    • Posts 2
    • Best 0
    • Controversial 0
    • Groups 0

    Mapaga

    @Mapaga

    0
    Reputation
    1
    Profile views
    2
    Posts
    0
    Followers
    0
    Following
    Joined Last Online
    Mapaga Unfollow Follow

    Latest posts made by Mapaga

    • RE: Windows 7 Deployment Error

      @sebastian-roth Hi Sebastian thank you very much i´ll give it a try with Raw Image capture an see how it goes. Just for curiosity, why is it important to caputre all partitions?.

      posted in FOG Problems
      M
      Mapaga
    • Windows 7 Deployment Error

      Hi everyone, i have tried to setup a FOG deploy enviroment for a single machine where malware samples are run. Idea is that after samples are run a fog deploy task is triggered to leave the computer on a clean state.
      My expierence with FOG has been succesfull until i tried to work with real hardware for executing the samples. Here is my setup

      The FOG server is on a ubuntu 18.04 virtual machine under vmware workstation, version 15. The computer where samples are run is a sony vaio model PCG-31111M (from 2010). After configuring the operating system as required i launched a capture task which worked perfectly. Later the deploy task was successfull but when rebooting the computer after the deploy the computer was unable to boot. It just printed the message “Windows failed to start. A recent hardware or software change might be the problem…”.

      I have been looking that there are some issues with windows 7 (https://wiki.fogproject.org/wiki/index.php/Vista_Image_says_0xc000000e_\windows\system32\winload.exe_can_not_be_loaded) but on the message i see there is no trace, not even a file name or dll name. So this makes me doubt whether i have the same problem or not.

      Details about the captured image are:

      • ZTDS with level 6 compression was used
      • Type: Multiple partition single disk not resizable
      • All partitions were selected
      • I didn´t used sysprep before capturing since i am deploying the image on the same computer.

      To recover the computer i need to use the instalation disk since the recovery partition was also overwritten and it is unreadable now. Since after restoring the computer i´ll try again to capture the image with FOG is there something i did incorrectly that is leading me to this error?.

      I am considering that maybe capturing all the partitions including the MBR and the recovery partition is not a good idea, maybe i should run sysprep although i am deploying on the same machine.

      Any help is welcomed, thanks in advance.

      posted in FOG Problems
      M
      Mapaga