Is Tamper Protection really worth leaving enabled?

I have to question whether it is more of a nuisance than a help after an incident that occured today.

My system froze due to what was clearly a non-malware related issue.  So I had to do a hard shutdown.  When the system rebooted I got some ominous error about how XP could not make an image of my registry and could not restore something-or-other.  My desktop (including icons) and appearance settings were all back to how they looked the first day I had the pc. It appeared my programs were now on the (re-formatted) start menu, although I did not test them.

The NIS icon was gone -- maybe a good thing, as you'll see.  I rebooted into Safe Mode and did a System Restore.  This brought things back to nearly normal, with the major exception that the NIS icon was gone, even though ccSvcHst was running (with a CPU of zero) and the NIS service (I still have 17.1.0.19) was shown as running in services.  I could NOT get the icon back by starting NIS 2010 from the Start Menu.  To see if NIS was REALLY functioning even though the interface was gone, I briefly went back online and downloaded the simplest version of the eicar test virus, and a context-menu scan of it (for some reason that option was still there) indicated no problem.  So clearly NIS was hosed.

So I tried to do another System Restore to a day earlier, and this time I got the "can't restore" message that Tamper Proection causes unless temporarily disabled.  But I couldn't disable Tamper Protection because, as I said, I couldn't get the settings interface to come up.  So I have to assume that somehow Tamper Protection was still active and that that's why all my further System Restore attempts came up as "can't restore."  Nice little catch-22 there.  So I had to reinstall NIS.

So is it worth having Tamper Protection enabled if it can keep you from doing a System Restore after a non-malware-related crash that hoses much of NIS -- but apparently leaves Tamper Protection running and non-dsable-able?

On a related note:  Does Tamper Protection function in Safe Mode?  If not, maybe that is why I was able to do that first restore, and offers a solution to the catch-22.

Also:  Even though I have tracking-cookie scanning set to "ignore" on my *other* NIS 2010 pc, and have not made any settings changes (and, as I said, have NOT yet been upgraded to the brand new inline release), a scan I did today reported tracking cookies.  So I checked and the setting has changed to "ask me."  Ever heard of something like this happening spontaneously?

Thanks, SendOfJive!  That nicely addresses just about every question and concern about what happened.  I did see the message "Windows cannot load your profile because it may be corrupted. You may be logged in using a temporary User Profile."

BTW, I tried to reply awhile ago but while the site would let me click "Solved!" it wouldn't let me post at the time due to maintenance, presumably related to implementation of the new look I see here today.

Is Tamper Protection really worth leaving enabled?

I have to question whether it is more of a nuisance than a help after an incident that occured today.

My system froze due to what was clearly a non-malware related issue.  So I had to do a hard shutdown.  When the system rebooted I got some ominous error about how XP could not make an image of my registry and could not restore something-or-other.  My desktop (including icons) and appearance settings were all back to how they looked the first day I had the pc. It appeared my programs were now on the (re-formatted) start menu, although I did not test them.

The NIS icon was gone -- maybe a good thing, as you'll see.  I rebooted into Safe Mode and did a System Restore.  This brought things back to nearly normal, with the major exception that the NIS icon was gone, even though ccSvcHst was running (with a CPU of zero) and the NIS service (I still have 17.1.0.19) was shown as running in services.  I could NOT get the icon back by starting NIS 2010 from the Start Menu.  To see if NIS was REALLY functioning even though the interface was gone, I briefly went back online and downloaded the simplest version of the eicar test virus, and a context-menu scan of it (for some reason that option was still there) indicated no problem.  So clearly NIS was hosed.

So I tried to do another System Restore to a day earlier, and this time I got the "can't restore" message that Tamper Proection causes unless temporarily disabled.  But I couldn't disable Tamper Protection because, as I said, I couldn't get the settings interface to come up.  So I have to assume that somehow Tamper Protection was still active and that that's why all my further System Restore attempts came up as "can't restore."  Nice little catch-22 there.  So I had to reinstall NIS.

So is it worth having Tamper Protection enabled if it can keep you from doing a System Restore after a non-malware-related crash that hoses much of NIS -- but apparently leaves Tamper Protection running and non-dsable-able?

On a related note:  Does Tamper Protection function in Safe Mode?  If not, maybe that is why I was able to do that first restore, and offers a solution to the catch-22.

Also:  Even though I have tracking-cookie scanning set to "ignore" on my *other* NIS 2010 pc, and have not made any settings changes (and, as I said, have NOT yet been upgraded to the brand new inline release), a scan I did today reported tracking cookies.  So I checked and the setting has changed to "ask me."  Ever heard of something like this happening spontaneously?

Hi Ardmore,

You're welcome, and I'm glad my hunch about the temporary profile was useful.  Hope everything is back to running normally for you.