Mainframeguy
Debiant by way of Ubuntu
- Joined
- 29 Aug 2002
- Messages
- 3,763
I have a network of four here and the third down the line, my AMD 1600+ has recently become highly unstable. Typically I am seeing two BSOD's a day, when there used to be hardly any.
There is some history to this, because this is one of the shared machines (one and two are mine alone) and someone allowe GAIN software to sneak on. I cleaned that out but a couple of days ago I had a virus alert, which the relevant user had to clean. However in the process a lot of hijacking occured - to clean this I went back to a restore point two days prior.
Things seemed almost OK until yesterday I discovered that the main secondary user was running with no AV enabled 😱 and, to make matters worse, when I tried to enable it told me it could not because a task (VSTSKmgr I think) needed to be started, then offered to start the task for me, but failed to do so 😱 Which meant AV could not be started.
The AV is up to date and I have scanned and found nothing. I can run the AV, and do, on my own account. This second account has admin privileges too - maybe I should demote them for now? But what is it that is stopping them being able to run AV? Is it a legacy of the virii they have had? Or is there some bloatware or spyware that is interfering?
I am attaching a hijackthis! log and would welcome any advice and opinions...
There is some history to this, because this is one of the shared machines (one and two are mine alone) and someone allowe GAIN software to sneak on. I cleaned that out but a couple of days ago I had a virus alert, which the relevant user had to clean. However in the process a lot of hijacking occured - to clean this I went back to a restore point two days prior.
Things seemed almost OK until yesterday I discovered that the main secondary user was running with no AV enabled 😱 and, to make matters worse, when I tried to enable it told me it could not because a task (VSTSKmgr I think) needed to be started, then offered to start the task for me, but failed to do so 😱 Which meant AV could not be started.
The AV is up to date and I have scanned and found nothing. I can run the AV, and do, on my own account. This second account has admin privileges too - maybe I should demote them for now? But what is it that is stopping them being able to run AV? Is it a legacy of the virii they have had? Or is there some bloatware or spyware that is interfering?
I am attaching a hijackthis! log and would welcome any advice and opinions...