Multiple Operating Systems
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Multiple Operating Systems

  1. #1
    Junior Member
    Join Date
    Feb 2005
    Posts
    6

    Multiple Operating Systems

    I currently run a system that includes 3 different MS Operating Systems. On my C: drive (physical) is Windows 2000 Pro, on my D: drive (partition 1 of 2nd physical drive) is Windows XP Pro, and on my E: drive (partition 2 of 2nd physical drive) is Windows 98SE. My default operating system is WinXP.

    I am having a problem with a certain virus that continues to spawn - a Trojan Dropper (sorry, I don't recall the name off-hand as I'm not on my home PC at the moment). The AV that I'm running tells me that it's on the system but whenever I run a scan, it is unable to locate it. Feeling that it might be a registry problem, I downloaded an anti-ad/spyware program and installed it on WinXP, only to find that it consistently scan the wrong registry. It scans the Win2000 registry and naturally, since the virus is NOT on that OS, it cannot find it, nor can it find anything related to XP. I'm at a loss as to what to do. I've tried following the technical support recommendation that the same program be installed on all operating systems but it still doesn't work. The same registry is scanned each and everytime, no matter which OS I'm currently running. That's well and good if I happen to be using Win2K but does me absolutely no good should I be running one of the others. Any suggestions about how I might get around this problem and scan the correct registry?

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    you know I have gotten false positives from anti virus products....

    And also missed malware.

    Thats why I always double check with an online anti virus scanner.

    Also I would reccommend using an anti spyware product...Which needs to be installed in all OSes (same with your AV ) cause viruses\malware can run as system processes.

    Also...with XP..did you disable the system restore feature???

    Are you running the scan in each OS...or from just one OS and scanning the other drives???

    Sorry..I am confused

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    Junior Member
    Join Date
    Feb 2005
    Posts
    6
    System restore is disabled.

    As for the AV program, because one of the OS is Win98SE, it is incompatible with the AV program I'm running on both XP and 2000 (I run a different one on Win98). As for the Anti-spyware program, that has not been installed on the Win98 partition but has been installed on the other 2. I'll have to check the compatibility issue to see if it's Win98 compatible... many programs released nowadays are not, as I'm sure you are aware.

    As the current virus only appears when I'm running XP, and does not appear on the other 2 OS, I can only conclude that the virus is only affecting XP. AV scans have been done (with 2 different AV programs on ALL files for all OS and data (I have a 3rd partition that contains data only - no OS).

  4. #4
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Ad-Aware installs on 98 and is free.

    An online AV scanner shouldnt care what windows OS you are running...but the browser version may matter.


    If you have 2 antivirus installed in the same os...that could very well be your issue.

    They will see eachother as a virus......

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  5. #5
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Do I have this right, You boot by default into Windows XP which is on your D: drive not Windows 2000 which is on your C: drive?

    How is your system configured?As in do you have a RAID system or is your D drive slaved from your C drive?

    How does it boot by default to an OS that is on your D drive?

    What was the removal program you downloaded?

    As to your problem, can you browse manually to to registry and scan it that way?
    You could back up Win XP's reg and store it on your WIN 2000 partition and scan it from there.
    A crude way would be to disconnect your C drive then try scanning again.
    Have you tried scanning from safe mode?

    From within WIN XP start msconfig from the run prompt ans select the BOOT.INI tab, what does it say under Default? Also under Operating systems, does all the partition info tie in with the way you think your hard drives are configured? Try this will all your O/S's and check they are saying the same thing.



    A bit more info about your setup could be helpful here!
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Multiple OSes can be a bit confusing. I suggest you go into all Av and Spy/Adware programs and empty the quarantine.

    Then empty all browser caches and history, and be sure to empty the Java cache as well

    then update your AV and run it in safe mode.

    Good luck

  7. #7
    Junior Member
    Join Date
    Feb 2005
    Posts
    6
    My hardware configuration is as follows: C: is the Master, D: is the Slave. When I bought my new system, it didn't come with an operating system so I transported the C: drive from another system to this one, then picked up WinXP at a later date and installed that on the D: drive. Also, since I'm an avid game player and I have a lot of older games, as well as Win98, I decided to install that as well since, despite Microsoft's claim that you can run just about anything by changing the compatibillity setting, they're wrong.

    I downloaded the free scan version of AdwareSpy (won't remove anything unless it's registered but that's okay - I just want to see if I've been infected with any spy/adware for the moment).

    I would prefer not to mess around with the hardware if I possible can help it. It took me long enough to configure it the way it is now and for the system to accept the settings. As I'm sure you are aware, installing multiple operating systems prompts you with a choice to pick one to boot, unless you modify the settings to boot automatically (there's a 15 second delay on my system and if no key is pressed, WinXP is the system that boots up by default).

    I have yet to do an online scan because I'm not particularly comfortable using IE but it seems I have little choice in the matter. Most of the online scanners available are written with IE as the default browser. I prefer to use Firefox if possible as I think it's a much better program with more options (plus I'm more comfortable with it).

    As it is right now, Trend Micro, which is my AV scanner continues to tell me that I have a TROJ_DLOADER.AZ virus on my system, yet when a full scan is performed, it cannot be found. That's the reason I believe the problem may lie in the registry.

    With Microsoft's supposed know how, it should be possible to scan a registry from the operating system you are currently using but for some reason, this does not seem to be the case. For whatever program I use, the default registry scanned (whatever operating system happens to be on the C: drive) is the one on C:. This, of course, is totally unacceptible and virtually useless (though not entirely).

  8. #8
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Strange how trend micro is the only AV detecting TROJ_DLOADER.AZ on your system, yet when I enter TROJ_DLOADER.AZ into google the only results that appear are all related to Trend Micro or Sophos (a division of TM). Even on MSN or Yahoo I only get trend micro or sophos related results.

    Maybe its me being a search engine mong, I dont know but it could have something to with why Trend Micro is the only AV able to detect it on your system?
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  9. #9
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,743
    Bloody hell use the holy trinity beaver:

    Spybot search and Destroy
    Adaware se v1.05
    HiJackThis
    Any of these prog will only scan the registry of the ACTIVE OS..
    you will need to install on each OS and individually scan them..

    And be sure to follow nihils advice first
    Then empty all browser caches and history, and be sure to empty the Java cache as well
    As well empty the c:\windows\temp folder (oh thats c:\winNT\Temp on the Win2k machine)
    in winXP clear the contents of the c:\windows\prefetch folder as well, clear the TIF, recycle bin..

    OH: BTW: When the malware file is detected WHERE IS IT?

    these things WILL set them selves as System Hidden files.. so you need to have an idea where it lives then you can kill it iuseing the command prompt.. you may need to use the attrib command to snot the bugger
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  10. #10
    Junior Member
    Join Date
    Feb 2005
    Posts
    6
    Trend Micro Internet Security does not run in Safe Mode. I tried this last night.

    Though I will take your (Und3ertak3r) suggestions under advisement, I'm not particularly thrilled with any of those software progams - I've used SpyBot and Adaware before - though I can't give a positive or negative assessment on HiJackThis.

    The SPYW_ is always located in Local Settings/Temp. I've even cleared that completely, including hidden and system files (if any) and yet the message window continues to pop up.

    Not only is it very strange, but highly suspicious as well. I find it difficult to believe that ONLY Trend Micro is aware of this particular virus' existance. It just doesn't seem feasible that both Norton and McAffey (probably 2 of the biggest AV companies) don't know that it even exists. I'm not putting Trend Micro down as it's found stuff that Norton has not (trial tests). I even like it better than Norton, but this is too strange for explanation.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •