Not what you are looking for? Ask the experts!
Tamper Protection More Hindrance Than Help?
Is Tamper Protection really worth leaving enabled?
I have to question whether it is more of a nuisance than a help after an incident that occured today.
My system froze due to what was clearly a non-malware related issue. So I had to do a hard shutdown. When the system rebooted I got some ominous error about how XP could not make an image of my registry and could not restore something-or-other. My desktop (including icons) and appearance settings were all back to how they looked the first day I had the pc. It appeared my programs were now on the (re-formatted) start menu, although I did not test them.
The NIS icon was gone -- maybe a good thing, as you'll see. I rebooted into Safe Mode and did a System Restore. This brought things back to nearly normal, with the major exception that the NIS icon was gone, even though ccSvcHst was running (with a CPU of zero) and the NIS service (I still have 188.8.131.52) was shown as running in services. I could NOT get the icon back by starting NIS 2010 from the Start Menu. To see if NIS was REALLY functioning even though the interface was gone, I briefly went back online and downloaded the simplest version of the eicar test virus, and a context-menu scan of it (for some reason that option was still there) indicated no problem. So clearly NIS was hosed.
So I tried to do another System Restore to a day earlier, and this time I got the "can't restore" message that Tamper Proection causes unless temporarily disabled. But I couldn't disable Tamper Protection because, as I said, I couldn't get the settings interface to come up. So I have to assume that somehow Tamper Protection was still active and that that's why all my further System Restore attempts came up as "can't restore." Nice little catch-22 there. So I had to reinstall NIS.
So is it worth having Tamper Protection enabled if it can keep you from doing a System Restore after a non-malware-related crash that hoses much of NIS -- but apparently leaves Tamper Protection running and non-dsable-able?
On a related note: Does Tamper Protection function in Safe Mode? If not, maybe that is why I was able to do that first restore, and offers a solution to the catch-22.
Also: Even though I have tracking-cookie scanning set to "ignore" on my *other* NIS 2010 pc, and have not made any settings changes (and, as I said, have NOT yet been upgraded to the brand new inline release), a scan I did today reported tracking cookies. So I checked and the setting has changed to "ask me." Ever heard of something like this happening spontaneously?Message Edited by Ardmore on 01-14-2010 10:34 PM