Tech Problem Aggregator

System Protection is OFF

Q: System Protection is OFF

My System in "System Properties" has its "Protection" as OFF
Start > Control Panel > System > System Protection > System Properties (dlg) > System Protection (tab)


I am trying to clean up my Registry after uninstalling "CutePDF"
- three lots of bundleware with one double negative opt-out that I thought I had outsmarted
- CutePDF do not supply an "uninstaller" any more for their free CutePDF
- Revouninstaller did not detect any registry items
- CCleaner does not find any of the CutePDF registry entries
- a manual trawl/search has found two keys each with 29 data entries
- created a restore point, as insurance
- disabled the "CutePDF" keys by renaming the keys with a "_obs" affix string
- rebooted and no problems
Q1: Should the "System" protection be Off or ON
- my inclination is to change it to ON
- but I would like to check with those who really know first (no guesses)

I know ... I know ... an image would have been simpler
- but I am not "there" yet ... when my busy meter slows down to insane

A: System Protection is OFF

It should be on if you want the protection of system restore.

9 more replies
Answer Match 46.62%

I've had the System Integrity Scan Wizard, PC-Antispyware, and Security System Protection Control Panel popups. They've been very stubborn but after reading some of the posts here and running Spybot, Adaware, SmitfraudFix, Panda Activescan, Housecall, Stinger Avert, Windows Defender, and SDFix, I am now getting only one popup, which shows up as a blank white rectangle in the center of the screen (and now I can't click "Close" to get it off the screen, since the "Close" option is missing). From the size & shape, I believe it's the Security System Protection Control Panel. Would you please review my HijackThis log? Also, in some of the posts I've noticed recommendations to update Java. Is that needed in my case? Thanks very much for your help.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:55:55 PM, on 3/28/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Sh... Read more

A:System Integrity Scan Wizard, Security System Protection Control Panel

The blank popup appeared to be repopulated with information over time...apparently the spyware refreshed itself. I also learned from Task Manager that all of my popups were from the System Integrity Scan Wizard. After some more searching, I found the name (in my case, yzqrqzkp.exe) and told Norton Firewall to block it from accessing the internet. I used HijackThis to fix it and then deleted it and a namesake (YZQRQZKP.EXE-1253B76A.pf) from Windows\Prefetch (not sure that was necessary but deleted it anyway). My only concern is that from what I read, there should have been another copy in \Local Settings\Application Data, which I didn't find. I updated Java per instructions in another post, also turned System Restore off and on. I think the PC is now clean, but would you review my latest HijackThis log to be sure? Thanks very much.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:05:26 AM, on 3/30/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Syman... Read more

14 more replies
Answer Match 46.62%

I've had the System Integrity Scan Wizard, PC-Antispyware, and Security System Protection Control Panel popups and my backround change to a blue colour. After reading some of the posts here and running Spybot Search and Destroy, Ad-Aware 2007, RegCure and Malwarebytes Anti-Malware it seems as if that problem was solved, but now everytime I put my pc on I get these messages:The first one says "rundll32.exe - Bad Image : The application or DLL C:\WINDOWS\system32\qpfrsnow.dll is not a valid Windows image. Please check this against your installation diskette" and the second one says "RUNDLL -Error loading C:\WINDOWS\system32\qpfrsnow.dll%1 is not a valid Win32 application".The disk that I got when I bought my pc was Windows XP Home Edition SP1. I downloaded SP2 from the internet.I'm attaching all of the logs you need to assist me, because I don't know if and how badly my pc is still infected.I attached 4 log files: 1. DSS Main.txt 2. DSS Extra.txt 3. Kaspersky 4. DSS Main.txt - after the Kaspersky reportThank you for taking the time to look into my problem.DSS MAIN.TXTDeckard's System Scanner v20071014.68Run by Parratjie on 2008-04-17 09:29:31Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------... Read more

A:System Integrity Scan Wizard, Security System Protection Control Panel

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Run Hijackthis again, click scan, and Put a checkmark next to each of the lines listed below. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =O4 - HKLM\..\Run: [e43075dd] rundll32.exe "C:\WINDOWS\system32\qpfrsnow.dll",b================Click Start -> Control Panel -> Add Remove Programs and uninstall these programs:J2SE Runtime Environment 5.0 Update 11 Java? 6 Update 2 Java? 6 Update 3 Java? SE Runtime Environment 6 Update 1Reboot and post a new hijackthis log.

37 more replies
Answer Match 46.62%

I have windows 7 home premuim 64 bit
I went to create restore point on my new dell and after about an 1/2 hour of waiting for SR to open up I got this:

You have no Restore Points. Use System Protection to create restore point.
When I attempt to turn on System Protection, it doesn't show any drives available when it opens -- it just says that it's searching for available drives and it keeps searching and doesn't stop. Eventually, I'll receive the following Error Message:

"There was an unexpected error in the property page: System Restore encounter an error. Please try to run System Restore again (0x81000203)." also all button are greyed out. I wanted take an image to show you but that's not working either. Is there hope?

Thank you.

 

A:Windows 7 Home Premuim System Restore and System Protection not working.

16 more replies
Answer Match 46.62%

My PC is infected with 3 malware popups named Security System Proctection Control Panel, System Integrity Scan Wizard and Security System Warning (the last one telling me I have Abebot). I have tried to get rid of them with Kaspersky Antit-Virus, Adaware, spyware sweeper, and SpybotSD, but they are still running. I didn't run the online scan by Kaspersky because I have the most recent version installed and running on my PC. When I ran a rootkit scan with KAV, it took just over four hours and reported my PC was clean. So for whatever reason Kaspersky is not picking up these three forms of malware. Following all other directions on your preliminary instruction list I used Deckard's System Scanner to make two Hijack This files. They are pasted in below. Please take a look and tell me what I should do to get rid of this malware. Thank you very much for this valuable service you are providing.-- Dark EagleDeckard's System Scanner v20071014.68Run by Perry H. Chesnut on 2008-04-18 23:11:18Computer is in Normal Mode.--------------------------------------------------------------------------------Backed up registry hives.Performed disk cleanup.-- HijackThis (run as Perry H. Chesnut.exe) ------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:47:35 PM, on 4/18/2008Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:F:\WINNT\System32\smss.exeF:\WIN... Read more

A:Security System Protection Control Panel & System Integrity Scan Wizard Popups

Hello Dark Eagle. to BleepingComputer.comMy name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)Please give me some time to look over your computer's log(s).Please take note of the following:In the meantime, please refrain from making any changes to your computer.Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Finally, please reply using the button in the lower left hand corner of your screen.See you soon,Billy3

2 more replies
Answer Match 46.62%

Hello,

I have recently just successfully cloned my Old primary 1TB Western Digital HDD onto my new 1TB Samsung EVO SSD to increase hard drive performance to give it a quick boot up and to enable Windows and my programs to load a lot quicker and perform better with multi tasking. My laptop is one of the bigger 17inch Acer models which comes with two hard drive bays. So once I had wiped my older WD HDD I then inserted a new 2 TB Seagate hard drive into the second bay to be able to store it for personal and media files, and any other imprtant data, to keep it the SSD as the primary hard drive and just for OS and programs only. My system runs the Windows 8.1 OS and is 64 bit.

However, I wanted to create a restore point and upon doing so, I found that System protection was turned off for all my both my hard drives.

I thought I had managed to somehow enable system protection on my C:/ Dive (including the partioned / drive on the same hard drive) on my SSD, and yet though it shows them enabled, it shows the word missing next to them, and I am assuming this is telling me the previous restores are missing; whether as a result of cloning I don't know. The other weird thing is further up the properties page it also shows the C\ and D:\ Drive but turned off.

So I thought I would try increasing the disk space usage, since it was showing it at 0, and it would allow me to do so and returned the message: 'There was an unexpected error in the property page: The system ca... Read more

More replies
Answer Match 46.62%

Hello,

I have recently just successfully cloned my Old primary 1TB Western Digital HDD onto my new 1TB Samsung EVO SSD to increase hard drive performance to give it a quick boot up and to enable Windows and my programs to load a lot quicker and perform better with multi tasking. My laptop is one of the bigger 17inch Acer models which comes with two hard drive bays. So once I had wiped my older WD HDD I then inserted a new 2 TB Seagate hard drive into the second bay to be able to store it for personal and media files, and any other imprtant data, to keep it the SSD as the primary hard drive and just for OS and programs only. My system runs the Windows 8.1 OS and is 64 bit.

However, I wanted to create a restore point and upon doing so, I found that System protection was turned off for all my both my hard drives.

I thought I had managed to somehow enable system protection on my C:/ Dive (including the partioned / drive on the same hard drive) on my SSD, and yet though it shows them enabled, it shows the word missing next to them, and I am assuming this is telling me the previous restores are missing; whether as a result of cloning I don't know. The other weird thing is further up the properties page it also shows the C\ and D:\ Drive but turned off.

So I thought I would try increasing the disk space usage, since it was showing it at 0, and it would allow me to do so and returned the message: 'There was an unexpected error in the property page: The system cannot fin... Read more

More replies
Answer Match 46.62%

Hello,
 
I have recently successfully cloned my Old primary 1TB Western Digital HDD onto my new 1TB Samsung EVO SSD to increase hard drive performance to give it a quick boot up and to enable Windows and my programs to load a lot quicker and perform better with multi tasking. My laptop is one of the bigger 17inch Acer models which comes with two hard drive bays. So once I had wiped my older WD HDD I then inserted a new 2 TB Seagate hard drive into the second bay to be able to store it for personal and media files, and any other imprtant data, to keep it the SSD as the primary hard drive and just for OS and programs only. My system runs the Windows 8.1 OS and is 64 bit.
 
However, I wanted to create a restore point and upon doing so, I found that System protection was turned off for all my both my hard drives.
 
I thought I had managed to somehow enable system protection on my C:/ Dive (including the partioned :D/ drive on the same hard drive) on my SSD, and yet though it shows them enabled, it shows the word missing next to them, and I am assuming this is telling me the previous restores are missing; whether as a result of cloning I don't know. The other weird thing is further up the properties page it also shows the C\ and D:\ Drive but turned off.
 
So I thought I would try increasing the disk space usage, since it was showing it at 0, and it would allow me to do so and returned the message: 'There was an unexpected error in the property page: The system... Read more

More replies
Answer Match 46.2%

I've tried to open System Protection in System in the Control Panel but it will not work. It gives an error of 0x81000203. I've rebooted and attempted but get the same thing each time.

A:System Protection not working in System Control Panel

Follow instructions on this page error code 0x81000203__ - Microsoft Community

Scroll to the 2nd answer by Meghmala

6 more replies
Answer Match 46.2%

Please help!!! Pics included to explain the situation
Basically after installing some new software for my phone my windows 7 laptop crashed - it flashes a blue screen and restarts on boot up I can get to image 1 page to try a system repair
But then I need to enable system protection.. Image 2
Is there any way I can do this through a command prompt??
Thank you in advance!!!

A:Enable system protection to preform system restore

Sorry images didnt upload???

9 more replies
Answer Match 45.36%

Hi, I defragged my registry (castigate me later, please), and well, my system crashed. I'm running Windows 7 Home Premium 64 bit on a Lenovo laptop, and on startup, I get a blue screen claiming that the OS couldn't boot, and the option to try a system repair. After analysis, it says that it can't repair the system automatically, and offers more advanced options. I can try a system restore, but after selecting a restore point (clearly the one created before defragging the registry), system restore says that I must enable system protection on the drive. I don't remember disabling it, and I don't know how to enable it without access to the desktop.
From those same advanced recovery options, I can use a system image recovery (don't have an image to recover from), the windows memory diagnostic (it claims there's no memory error), or the command prompt. I know very little about using the command prompt, but I can open the task manager at least, though not explorer.exe or msconfig.exe (the prompt claims they're invalid commands).
I've tried booting in safe mode, with the last known good configuration, with boot logging, and everything else from that menu, as well as a Windows 7 recovery disc (though I believe this disc just provides the same options as those installed on the laptop.
If possible, I'd like to know how to enable system protection from the command prompt window so that I can continue with the system restore. I'm quite certain that the error lies in the defragmentation... Read more

A:System Restore - Enabling System Protection

right click my computer/properties/advanced system settings/system protection/ high light your drive, click configure,now click( restore system settings and previous versions of files)
OK and exit

7 more replies
Answer Match 45.36%

My Toshiba Notebook (x64) (running Windows 7) has stopped being able to open/run programs. I've been using safe mode to try and find a cure, and safe mode works fine. I ran a few antivirus programs that detected a few things, but none of them solved this issue. Using System Restore seems to be the only thing I can really do, but I've been having some troubles with it.

Only one System Restore point shows up, and it's only from a few days ago, which isn't far back enough to fix my problem (I've already tried restoring it to that point). There are no other options as you can see here and here.

I tried to create my own restore point, but ran into some problems. When I go into "System" the "System Protection" option is missing. I only have these three options:

When I use the search bar to find it instead, "Create a restore point" comes up, but when I click and it opens System Properties, the "System Protection" tab is missing.

When I looked it up, someone had suggested running Regedit and checking HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR but I couldn't get that far.

If anyone could help me out, it would be greatly appreciated.

A:Troubles with System Restore/System Protection

Hello esu and welcome to Seven Forums.

Have you verified that System Protection is turned on? (If it is, try turning it off, restarting the computer, turning it back on, and restarting the computer one more time.)

System Protection - Turn On or Off

See if you can manually create a restore point.

System Restore Point - Create

If not, your computer may have damaged or corrupt sytem files. Try running a system file checker scan from an elevated command prompt (option two.) If problems are found, run the scan 3 times and make sure to reboot the computer immediately after each of the scans.

SFC /SCANNOW Command - System File Checker

4 more replies
Answer Match 45.36%

I have a Win10 Pro and ran MR to create a system image backup.
It went well but it turned of system protection.
A message shows up with a warning yellow triangle that reads.
Using system protection on a drive that contains system image backups will cause other shadow copies to be deleted faster than normal.
--- How do I stop system protection from being turned off?

I have another Win10 computer and created a MR system image backup on that one also.
System protection wasn?t turned off on that one.

I do not use shadow copies: If shadow copies are in use on my computer it doesn?t matter to me if that is the case as I don?t know how to use them anyway. I just don?t want system protection turned off.

A:I donít want system protection turned off when I do a MR system image

Hi,

The available disk space on the pc with the warning issue is probably too small to store both backup images (MR) and system protection image.






I do not use shadow copies:



Actually you do. System Protection is a form of Shadow Copying.

Furthermore, it's not wise policy to store backups on the same physical drive as your system. Still better than nothing but all in all not sound practice.
Better to store back up on an ext. removable drive.

In the mean time you could reduce the amount of space allocated to System Protection and see if that helps any.

Cheers,

1 more replies
Answer Match 45.36%

 I have a screen shot of it.  There is the Local Disk (C:) listed and then this other.
 Capture.PNG   126.43KB
  0 downloads

A:Under System Prop, and System Protection what is (C:) Missing ?

Post an Image from Disk Management Screen.
 
Control Panel / Administration Tools / Computer Management / Disk Management.
 
This will show all current active drives.
 
 
 

11 more replies
Answer Match 45.36%

Hi Everyone

I went on my laptop this morning and it said I needed to run a system restore. Unfortunately when I try to it says I need to enable system protection on my C drive. I've been searching the web for a solution for the past couple of hours and it seems like quite a common problem. However I've tried all of the suggested solutions and nothing seems to work. I'm not the most computer literate so some of the suggested didn't make the most sense. If anyone has any suggestions to help the matter it would be very much appreciated.

Thanks

A:How do I enable system protection for system restore?

System Protection - Turn On or Off

3 more replies
Answer Match 45.36%

I need help on how to remove the (system reserved) folder under Available Drives in protection settings. On all my other computers it is not shown. Not sure why it is there as it does not show anywhere else on computer as a drive. I guess it just bugs the hell out of me not knowing why it's there. Any help would be appreciated.

A:In System Protection under Available Drives (System Reserved)

Look in Disk Management and see if the Reserve has a partition letter.

9 more replies
Answer Match 43.68%

Oh i can not get system restore to open but it works in safe mode not in regular mode.

A:Need help system protection not there on system properties

Hi,

Welcome to Seven Forums.

Run Regedit and check the following registry key:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR.

If the key is present and has any value other than 0 then system restore is disabled and the system protection tab will be hidden.

Viruses often disable this by setting this registry key. Often they will also disable the task manager and regedit too.

If you get a message saying regedit has been disabled by your administrator then it's quite possible you have been targeted by a virus, in which case a full scan of your system is a good idea.


As always, before making changes to your registry, back it up.

hth
Tanya

4 more replies
Answer Match 43.68%

Hi,
I wanted to start system restore. The window shows: to create a restore point

open System Protection.

When this link is clicked, the System Properties dialog is opened by

SystemPropertiesProtection.exe

But the Tabs "System Protection" and "Remote" are missing in this dialog.

Something is wrong with the installation, but I cannot do new clean installation as many software is installed upon the platform. I have mounted the Vista installation DVD with "GImageX", but I do not know which files or Registry Entries I have to extract.

Any ideas? Thanks in advance for any help.

More replies
Answer Match 43.26%

Hi all
I want to disable "hardware, Advanced, System Protection, Remote" tabs from system properties dialog box( screen shot attached).
The user should only able to access change computer name feature. Other feature should be disabled/removed.
I there any way to achieve it?
thanks in advance.


IMG]https://social.technet.microsoft.com/Forums/getfile/703346[/IMG]

A:disable "hardware, Advanced, System Protection, Remote" tabs in system

I'm inclined to say no, for a very simple reason.
Changing the computer name requires administrator access. Given that, the user already has full control over the entire computer, therefore he can change whatever he wants.
What's the purpose of such "limitation"?

4 more replies
Answer Match 43.26%

I was looking around in system properties and under system protection, device updates the top box was checked, I changed it to what it is now and want to make sure this is ok.
 

A:System Protection

It's far better than just "OK" when you have the system running satisfactorily. It's the only way to avoid the nasty surprises when Windows "updates" to incorrect drivers.
 

3 more replies
Answer Match 43.26%

Yesterday I, as always before, was going to do monthly Macrium Reflect system backup. As per usual I did all the AV, HW and software checks, made sure windows and SW was up to date, absolutely everything works as good as ever. At the end of those checks I did sfc /scannow but would not go past 58%. Dism also got stuck at some 20% on or offline, in safe mode too.
All disks are in perfect shape and so are drivers etc.
Before I do something radical like restoring last moth's Macrium backup or doing windows repair I would like to see if there's something less radical to troubleshoot this problem.
I still have W10 on another disk to fall back to if necessary so in no way I could be left without OS on this computer. Willing to try anything. Any ideas ?

A:System protection

Hi Mike,
Personally I don't have a problem with this but some people do with:
The Scoop On KB 3022345 System File Corruption
You might want to uninstall this update if installed.

3 more replies
Answer Match 43.26%

No matter what I do system protection somehow always manages to turn it self back on

How can I PERMANTLY KILL THIS PROCESS? Is it a service?



I WANT IT GONE FOR GOOD

A:Ive had it with System Protection...

Go to control panel, admin tools, services, volume shadow copy, but that may cause more problems than it solves.

9 more replies
Answer Match 43.26%

Hi. I suddenly got a ?Security Center Alert? pop-up in my computer. I have tried what other users tried before. The thing is that now it uninstall Avast antivirus, don?t let me install MBAM (or any program at all), can?t connect to the Internet or access the Windows Task Manager. I also tried to run the Hjack but it simply won?t run.

Please help.

A:Protection System Again

Welcome to BCTry to run both of these and save the logsWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.-----------------------------------------------1. Download Win32kDiag from any of the following locations and save it to your Desktophttp://ad13.geekstogo.com/Win32kDiag.exehttp://download.bleepingcomputer.com/rootr.../Win32kDiag.exe2. Double-click Win32kDiag.exe to run Win32kDiag and let it finish.3. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.4. Double-click on the Win32kDiag.txt file that is locate... Read more

1 more replies
Answer Match 43.26%

Why can I not save restore  points when I have it set to restore previous versions of files only?  It shows system protection turned off when set this way. Only way it will show turned on is if I have setting and files turned on.

A:System Protection

Hi -
System Restore is just that - System Restore -
I have not been able to set mine to restore only one file / folder to an earlier time, unless I have a backup made.
 
However I may have missed a setting that I could not find, but I can only set mine to System Restore -
 
More general information ..............

 What files are changed during a system restore ?
 

System Restore affects Windows system files, programs, and registry settings. It can also make changes to scripts, batch files, and other types of executable files created under any user account on your computer. System Restore does not affect personal files, such as e-mail, documents, or photos, so it cannot help you restore a deleted file.
NOTE :: If you have backups of your files, you can restore the files from a backup.

 
Always create a backup of your system prior to doing any System Restore
 
Open System Restore and follow the links in that area as to what you will restore and what you can do there.
There is a lot of helpfull information listed there -
 
Thank You -

1 more replies
Answer Match 43.26%

Ive noticed every once in a while that my system protection keeps turning it self on, even though I have manually shut it off?

What could be affecting this? (I want it off because I back up regularly)
 

A:System Protection...

I don't have an answer but do have some advice.

System protection is different than backing up data, system protection backs up critical system registries and other settings normal backups do not, it would be wise to leave this setting On.

.
 

1 more replies
Answer Match 43.26%

How do I go about turning ON System Protection.

When I go to restore my system from a Restore Point, I get a popup saying "System Protection" is turned OFF and I need to turn it back ON.

A little help please. Thank you.

A:System Protection

  
Quote: Originally Posted by huffman


How do I go about turning ON System Protection.

When I go to restore my system from a Restore Point, I get a popup saying "System Protection" is turned OFF and I need to turn it back ON.

A little help please. Thank you.


See this tutorial.

System Protection - Turn On or Off

2 more replies
Answer Match 43.26%

What would be the best antivirus for pc.I need a antivirus that is not slow and that protects my pc very good.I need sugestions!

A:System Protection

Welcome
First forget best, it is subjective.
However, I and many members use the free
Microsoft Security Essentials
Free Malwarebytes and the Windows Firewall
I also use winpatrol. It takes a picuture of your HD. Anything is installed, it asks if you want it. If you say no, it restores what you had. Has other features too.
http://www.av-comparatives.org/
This list is already outdated. Microsoft has just finished testing on 2.0. It is now available.

2 more replies
Answer Match 43.26%

I am running Vista Home premium, but see no evidence that it is creating restore points automatically every 24 hours. I can create restore points manually but they are the only ones that show under system protection. Should I not be seeing, "system scheduled checkpoint" in system restore? Thanks.

A:System Protection

I suspect that a system setting has been changed that prevents this from occurring - have you changed any of the system settings/services or used a tweaking/protection utility that might have caused this?

1 more replies
Answer Match 43.26%

Hello everyone ... Really hoping you can help me.

I use Firefox browser and gmail or yahoo for mail. I have Fix-It Professional 6 which I just ran for any viruses, mal ware, spy ware and ad ware.

For about the past week or so, every time I start my machine, I get a window called Windows PC Defender inside of which is a"My Computer" window. I cannot close this window but I can minimize it and open an additional window.

This address appears in the location window -
hxxp://my-systemprotection.net/?p=WKmimHVl...nBkaF%2FEkKE%3D

In the My Computer it shows the Windows shield logo along with System Folders, My Documents, Hard Drive and Security. Next to each, flashing in red is notification that I have 5 viruses in the System Folders, 7 in My Documents, 12 in my Hard Drive and that "Security has been damaged by virus" in the Security. Additionally, below that is a separate window "Your Computer is Infected" and shows a long list -

W32.Benjamin.Worm Virus High
Trojan virtumonde Virus Critical
AdvWare.Hotbar Virus High
[email protected] Virus Medium
Trojan.Qoologic - Key Logger Virus High
SHeur.ZSQ Virus High
Adware.Win32.Winad Virus Critical
Trojan-PSW.Win32.LdPinch.abm Virus Critical
Backdoor.Win32.Haxdoor.gu Virus High
Magic DVD Ripper Virus High
Trojan.Fakealert.355 Virus Medium
Trojan-Downloader.Win32.Small.dge Virus High

Recommend: Click "Start Protection" button to erase all threats
When I have clicked on "Star... Read more

A:my-system protection

Hi Cailleach Echo, welcome to BC I have moved your topic to the "Am I infected? What Do I Do?" forum since you appear to be infected by a rogue security product. This will allow our members who specialize in malware removal to find your topic more easily.I've always been warned not to open anything that ends with ".exe"Sound advice. You're infected with some sort of rogue security program. These programs falsely warn that your computer is infected (like in the list of baddies you were given) and then prompt the user (you) to download a file to "clean" the computer. Do not download anything it asks you to. Do not purchase any program it recommends. It is a scam and will only serve to make the situation worse.

3 more replies
Answer Match 43.26%

Hey all, I've ran into a huge problem... My aunt dropped off her family computer yesterday and I've been working on it for a few hours now and to say the least I'm completely stumped. There's this fake anti virus program called Protection System which does it's thing, I'm sure you know all about it. Anyway, I've done a few hours worth of research, read countless "fix it" articles and forum post and nothing has worked yet. At this point I need to rest my eyes and my mind and ask you all for your help.The biggest problem is no programs that could solve the problem or aid in solving the problem work. The real anti virus was disabled and broken, malwarebytes wouldn't install so I renamed it, it then installed halfway before freezing. I played around with that for a while and I got it to install. Couldn't run the program after that, so I renamed the that. It finally opened but as expected the scan shut the program down. After it crashed during the scan malwarebytes was completely inoperable, couldn't even delete it with out a restart. At that point I had enough, I was preparing to post a topic in the "HijackThis Logs and Virus/Trojan/Spyware/Malware Removal" forum but after several attempts it appears that not even your DDS Tool works. I'm just so frustrated right now...To clear a few things up. I've been trying everything in and out of safe mode, same results. Also, all the games on the computer appear to work, iTunes works, Quickbooks work, AIM works. I'm pretty sure every progr... Read more

A:Protection System

We Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr

4 more replies
Answer Match 43.26%

How to turn on System protection using/through Ubuntu?

A:System Protection

Look over here:
The Ubuntu Forum Community - Ubuntu Forums

2 more replies
Answer Match 43.26%

In my system properties under system protection, the c drive sys pro is on but on my d drive (restore) the sys pro is off. Should i turn it on?Is it able to vreate sys restore points when the sys protection is off?

A:my system protection

Hello @hunterm1 Welcome to the HP Support forum. Thank you for your post.Probably you have one HDD drive and C:\, D:\, etc.. - these are not called drives but partitions - part of the whole thing - one HDD. No problem. The D:\ partition is usually your recovery partition and Windows System Restore is off there for a reason - you should not and need not to attempt to turn it on. This drive should have no changes usually - its purpose is to keep the original version of your operating system, settings, drivers, original image and to be able to restore your PC to factory default condition.  Let me know if you have any other questions.

1 more replies
Answer Match 43.26%

How do I go about turning ON System Protection.

When I go to restore my system from a Restore Point, I get a popup saying "System Protection" is turned OFF and I need to turn it back ON.

A little help please. Thank you.

More replies
Answer Match 43.26%

I am curious I was reading a previous thread which concerned a Teacher, Wendy and her issues with her current computer instructor. When following the thread a program I have never heard of, HijackThis was mentioned several times. Is this a program that just simplly reports problems to the user or is it like Spybot S&D(which I am currently using) in that it can also fix any possible security issues. If HijackThis can do the previous: fix report and whatever else; then what additional advantages does it provide the user that Spybot doesn't support, and would U use this in place of Spybot S&D or something else.
 

A:system protection?

It is not an automated tool, and provides no judgement or recommendations on removal. It simply shows what is present in several locations of the registry and file system - you have to know what you're looking at to use it to delete entries.
When I think it's preferable that dll's are unregistered etc., I will often recommend that SpyBotSD be run first and then use HJT to look and see if it missed something.

You can see some instructions at http://tomcoyote.org/hjt/ if you want to look at it.
 

1 more replies
Answer Match 43.26%

How does System Protection work...does it save information to a separate partition?

I have a 7gb partition on my drive that I do not know what it is for. I deleted it and was am thinking of adding it to my main C: partition. Did destroy the System Protection partition?

A:System Protection?

That partition was likely put there by the manufacturer to help you restore the PC to factory specs if you ever needed to do that.

If you in fact deleted the partition and do not have "recovery disks", you will have problems restoring to factory specs.

Do you have any install discs at all? What happens if your hard drive fails in 30 minutes?

System protection is not the same as "system restore", which you may be thinking of. System restore returns the operating system to the way it was on the date the restore point was made---typically somewhere in the last couple of weeks-----not to factory specs. System restore points are stored on your C drive along with Windows.

Can you post a screen shot of Disk Management?

9 more replies
Answer Match 43.26%

I have been infected with protection system and the instructions say to run malwarebytes but when I try to run it it just stops. Is there another way to get around this. I work from home and this is ruining my day. I also tried to use spyware doctor but I can download the updates to run the program... I'm hoping somebody can help Edit: Moved topic from XP to the more appropriate forum. ~ Animal

A:protection system

Did you rename Mbam.exe to something else? Name it tatertot.scr and try to run itAlso try Dr Web Cureit:Please download Dr.Web CureIt, the free version & save it to your desktop. DO NOT perform a scan yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with Dr.Web CureIt as follows:Double-click on launch.exe to open the program and click Start. (There is no need to update if you just downloaded the most current versionRead the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.The Express scan will automatically begin.
(This is a short scan of files currently running in memory, boot sectors, and targeted folders).If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All.When complete, click Select All, then choose Cure > Move incurable.
(This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)Now put a check next to Comple... Read more

1 more replies
Answer Match 43.26%

I just finished "cleaning out" an old Dell desktop. I deleted a lot of files. I don't intend to un-delete any of them (couldn't anyway, because I did a wipe of the free space), but the thought occurred to me, what if I wanted to un-delete one of them? In the old DOS days, I could do that without software (like Recuva). But with NTFS file systems, I note that there is a system setting called System Protection that provides a built-in way to recover deleted files, as long as you haven't overwritten them. I checked the settings for this app on my desktop. System Protection is Off for both of my drives, so that's apparently the default.

Question: What are the downsides of turning that On? My guess would be that it burdens the MFT with more entries, thereby slowing drive performance. Is that true and are there any other downsides?

A:System Protection

The only real downside to turning on System Protection is that is consumes some disk space but you can control that. The impact on performance is insignificant.

5 more replies
Answer Match 43.26%

Hey all, I've ran into a huge problem... My aunt dropped off her family computer yesterday and I've been working on it for a few hours now and to say the least I'm completely stumped. There's this fake anti virus program called Protection System which does it's thing, I'm sure you know all about it. Anyway, I've done a few hours worth of research, read countless "fix it" articles and forum post and nothing has worked yet. At this point I need to rest my eyes and my mind and ask you all for your help.The biggest problem is no programs that could solve the problem or aid in solving the problem work. The real anti virus was disabled and broken, malwarebytes wouldn't install so I renamed it, it then installed halfway before freezing. I played around with that for a while and I got it to install. Couldn't run the program after that, so I renamed the that. It finally opened but as expected the scan shut the program down. After it crashed during the scan malwarebytes was completely inoperable, couldn't even delete it with out a restart. At that point I had enough, I was preparing to post a topic in the "HijackThis Logs and Virus/Trojan/Spyware/Malware Removal" forum but after several attempts it appears that not even your DDS Tool works. I'm just so frustrated right now...To clear a few things up. I've been trying everything in and out of safe mode, same results. Also, all the games on the computer appear to work, iTunes works, Quickbooks work, AIM works. I'm pretty sure every progr... Read more

A:Protection System

Hi Mike,

do you still have your aunt's PC and do you still need help?

regards _temp_

3 more replies
Answer Match 42.42%

I have a many pop ups that say Security Center Alert Do you want to block suspicious software? Name: Virus.Win32.Hala.a, Net-Worm.Win32.Mytob.t; Protection System Network Security Alert, Network attack rejected!, and continuous pop ups asking me to activate Protection System antivirus software. The pop ups start whenever I turn my computer on. I do not even open a browser. Here is my DSS.txt log
DDS (Ver_09-07-30.01) - NTFSx86
Run by abc at 18:04:05.71 on Thu 08/27/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.225 [GMT -7:00]

AV: Protection System *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre6\bin&... Read more

A:Infected w/ Protection System and I can't get rid of it

Hi, waxeddental Welcome.Please read and follow all these instructions very carefully. Please download Malwarebytes' Anti-Malware from Here.Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.=====================================================================Please download ComboFix from Here or Here to your Desktop.**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**If you are using Firef... Read more

20 more replies
Answer Match 42.42%

Hey all,

I've had Windows 7 installed since 2009. Recently I've been getting this warning.



Not really sure why though, as I've never stored System Image backups on this drive. I always keep them on an external drive.
I've tried turning off System Protection then back on, this does remove the warning. But then when I create a new image the warning returns.
I've done various different scans, A/V, diagnostics and can't see anything wrong. Disks are working fine.

Anyone have any ideas as to what may be causing this warning?

A:System Protection Warning.

Backup Images are snapshots... The image process creates a restore point just like what happens when installing software or windows update patches. The restore point itself, so the situation on start of backup will be backed up.

2 more replies
Answer Match 42.42%

I've used Windows 7 Home Premium x64 since 2009. I understand how to use System Protection. However, what I don't understand is why it would be useful for drives other than C:, where Windows resides.

If there is a tutorial somewhere on reasons why System Protection is useful on other drives, I would surely appreciate a reference to it.

A:Why Use System Protection On Drives Other Than C: ?

It`s useful if you also wanted to have restore points for those drives and if you had storage room to backup those drives.

It`s not turned on on other drives by default, windows just gives you the option to do so if you wanted.

2 more replies
Answer Match 42.42%

I have this annoying system protection malware and also maybe, I don't know for sure one that keeps redirecting me everywhere else. I have already used 3 different programs spybot and windows malware remover. I also used combofix and I already have the Log ready. I'm pretty technical savy so I hope that helps you. ComboFix 11-07-17.03 - jessie 07/17/2011 15:20:48.1.2 - x86Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3317.2098 [GMT -7:00]Running from: c:\users\jessie\Desktop\ComboFix.exeSP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\defender.exe..((((((((((((((((((((((((( Files Created from 2011-06-17 to 2011-07-17 )))))))))))))))))))))))))))))))..2011-07-17 22:50 . 2011-07-17 22:52 -------- d-----w- c:\users\jessie\AppData\Local\temp2011-07-17 22:50 . 2011-07-17 22:50 -------- d-----w- c:\users\Default\AppData\Local\temp2011-07-17 22:50 . 2011-07-17 22:50 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp2011-07-17 22:16 . 2011-07-17 22:16 -------- d-----w- c:\windows\system32\MpEngineStore2011-07-16 20:50 . 2011-06-20 15:57 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates&#... Read more

A:Malware system protection one

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

3 more replies
Answer Match 42.42%

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

A:Protection System infection

Due to the lack of feedback, this Topic is now closed.In case you still have problems, please send me a Private message to reopen this topic within the next 5 days. Beyond that point, please start a new topic.Orange Blossom

2 more replies
Answer Match 42.42%

Hello! I have visited the site before and have browsed through the topics and easily removed virus. This time I have this pesky Protection System virus that keeps on appearing after I have scanned using Malware. I also keep getting Security Center Alerts telling me about trojans such as Rootkit.Win32.Agent.pp and it gives me an option to enable protection but have decided not to mess with anything like that. I hope someone can help me please. THANK YOU!
I will paste my MalWare log.
Malwarebytes' Anti-Malware 1.39
Database version: 2421
Windows 5.1.2600 Service Pack 3

9/15/2009 7:21:32 PM
mbam-log-2009-09-15 (19-21-32).txt

Scan type: Full Scan (C:\|)
Objects scanned: 200701
Time elapsed: 1 hour(s), 12 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 13

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{5e2121ee-0300-11d4-8d3b-444553540000} (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\protection system (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfu... Read more

A:need help removing Protection System

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I'll ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download ComboFix from one of these locations:Link 1Link 2Link 3Important!You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use.Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Make sure that you save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow ... Read more

9 more replies
Answer Match 42.42%

Hey , i need help in order to restore my system . In fact when i open the system properties i realise that System Protection tab was missing. Launching the tab by its executable, SystemProtectionProperties.exe, did not launch the tab, either.

I tried to search in the registry for HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR

I didn't find the SystemRestore Folder .

I only found the Windows File Protection folder and Terminal Services folder

what should i do ?

Thank you
 

A:Missing System Protection tab HELP

follow this :-

http://answers.microsoft.com/en-us/...operties/99c8160e-500f-47e7-8898-c2680a6fd26b
 

3 more replies
Answer Match 42.42%

Pretty much any form of antivirus/antispyware programs that are installed have stopped working (IE: malwarebytes, spybot, HiJack This, and Panda) and wheni click some of them it says, "Application cannot be executed. The file is infected. The file is infected. Please activate your antivirus software."

Task manager also does not seem to work and gives the above error message. I also get some popups related to Protection System.

The DDS program/logger didn't work and also gave the above error; however, I was able to get a RootRepeal log and have attached it.

Thanks for your time.

A:very bad "Protection System" Malware

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download and run Win32kDiag: Download Win32kDiag from any of the following locations and save it to your Desktop. Download Win32kDiag (Win32kDiag.exe) - #1 Download Win32kDiag (Win32kDiag.exe) - #2 Download Win32kDiag (Win32kDiag.exe) - #3 Double-click Win32kDiag.exe to run Win32kDiag and let it finish. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.Download and run a batch file (peek.bat): Download peek.bat from the download link below and save it to your Desktop.Download peek.bat Double-click peek.bat to run it.A black Command Prompt window will appear shortly: the program is running. Once it is finished, copy and paste the entire contents of the Log.txt file it creates as a reply to this post.==========Please post the following logs in your next reply:* Win32kDiag.txt* Log.txt

27 more replies
Answer Match 42.42%

Logfile of random's system information tool 1.06 (written by random/random)Run by Owner at 2009-09-01 18:01:20Microsoft Windows XP Home Edition Service Pack 2System drive C: has 51 GB (34%) free of 147 GBTotal RAM: 895 MB (21% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:01:42 PM, on 9/1/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16876)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\TGTSoft\StyleXP\StyleXPService.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\WINDOWS\system32\svchost.exeC:\PROGRA~1\COMMON~1\Stardock\SDMCP.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system3... Read more

A:protection system virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.??If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine.??Please perform the following scan:Download DDS by sUBs from one of the following links.??Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool.??No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

4 more replies
Answer Match 42.42%

Hi
I am having a problem with this program called Protection System which is totally messing with my computer and I tried to run Root Repeal and it produced a whole list of files that are blocked and there is a wierd symptoms with my computer going on when nothing is running.
Please help me with this as I use my computer everyday and it is messing with my productivity.

Thanks

A:PLEASE!!!! I have a problem with the protection system!!!!

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until ... Read more

2 more replies
Answer Match 42.42%

I have no system protection tab in System Properties box, hence I cannot create a restore point. Looking for the answer to get this tab enabled or reinstalled. I am logging in with Admin rights.

A:Missing System Protection Tab

Hello Doc, and welcome to Eight Forums.

Check in your registry at the location below to see if you have a DisableSR DWORD value in the right pane of the SystemRestore key. If you do, then delete the DisableSR DWORD, and restart the PC to see if that does the trick.

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore

5 more replies
Answer Match 42.42%

Hello-
I am trying to fix a friends' laptop that appears to have been infected with Protection System malware. PC Info: Dell Vostro 1500, Windows XP Home, SP2.

At the moment, I cannot seem to get the laptop to access the internet, whether itís because of the virus or because it is not set up to access my cable modem. I have left it disconnected from our network to avoid any cross infections with my good pc. Can I download programs to a USB stick using the good pc, and transfer them to the sick pcís desktop- if you donít see a problem with this method, then Iíd prefer to continue using it.

When I try to install Malware Bytes from the .exe on the desktop, the install procedure seems to begin, then disappears completely from view, and doesnít even appear in Task Manager.

HijackThis seems to install ok from the desktop, but when I try to run the program, I can see it begin to list programs, but the after less than 2 seconds it, too closes and disappears.

Other issues: Restarting/Shut Down gets stuck and I have to hold down the power button to shut off.

Would greatly appreciate any help you can give.
 

More replies
Answer Match 42.42%

I recently had a power outage while Windows 7 (x64) was loading. System booted up fine. I went to do a system restore, but could not. When I go to select a restore point is says, "System Protection is turned off". I never turned it off and it will not let me turn it on. The C:\ clearly shows protection is turned on, but when I select system restore it says it is turned off.










I think I read most of the posts here on this issue, but no go. What I have tried:Manually create restore point- Works fine. Repeated many times.
.
Turned System Protection Off and then back On- No difference
Ran WMI.bet- No change
Deleted all restore points- No change
Ran VSS List Shadows- Got hits even though I had deleted all restore points
Verified VSS is on- I have seen posts to say set to manual and set to auto. I have done both. No difference.
SFC /SCANNOW- Found no integrity violations
Tried to do a Repair Install- Cannot. I am running SP1. Comes back saying it cannot be done.
Any ideas would be appreciated.

A:System Protection will not turn on

Try again in this admin account Built-in Administrator Account - Enable or Disable

9 more replies
Answer Match 42.42%

Hi, My cat has given birth to 4 beautiful kittens. Woo-Hoo.

Obviously i have taken photos of the cute little critters and transfered them to a folder on my pc.

I used G6 Utilities to rename and enumerate all the pictures. When i look in the folder now there are several pictures missing. Fortunately i have found them. Unfortunately i found them by showing Protected Operating System files.

After googling for a while i have only managed to find out how to disable the File System Protection for all of Windows. Before i attempt this i would like to know if it will allow me to recover the pictures or if it is just better to delete them and take new ones.

Or does anyone know of another way to remove this protection? Any software that may help?

Thanks in advance.
 

A:System File Protection on a jpg?????

7 more replies
Answer Match 42.42%

Long story short, I bought a new laptop, and in the month I have had it, I've had to do continual restores because it was getting hung up on 15% at updates. Finally got that fixed, then I had to do another restore for an unrelated issue, and it restored it to prior to the update. Before I could go in to fix it again, it started updating and once again got hung up at 15%. After three hours, I finally shut down, just expecting to do another system restore. Now, it won't let me do anything. Repair and restore tell me that there was a problem and no changes were made, and it gives me restore points, but then tells me I have to enable system protection...which I can't boot into anything to do. Safe mode won't work. Nothing but command prompt works, and I am about to tear my hair out. Has anyone had this problem and been able to fix it without a repair disk, that I conveniently do not have at this time? I contacted the company I ordered the computer from, and they are sending me the disks, but..I was hoping to be able to fix this without having to do a complete clean reinstall.

A:Enable system protection?

Hi and Welcome to TSF!

Since the laptop is brand new I would recommend asking your warranty to take a look.

You don't want to mess with it so much that they VOID your warranty.

2 more replies
Answer Match 42.42%

I have W7, 64 bit blah blah blah. when I bought my system, I set it up with a password required in order to be able to sign into windows. can that be bypassed by, say, a computer repair person? I sent my computer in for repair which turned out to needing a mother board replacement. I realized after that diagnosis was made that I'd forgotten to mention nor supply them with the system sign on password.

thanks for your help.
 

A:System Password Protection

8 more replies
Answer Match 42.42%

Helloes
Pz say to me how to remove the System Progressive Protection which I was attacked by him.....Thnx

A:system progressive protection 3.7.17

Hello nrimawi.

Please follow these instructions closely here at this site.
System Progressive Protection Removal Guide <-Let me know if you cannot go to that site.

Post back with any questions and to let us know how things are going.

1 more replies
Answer Match 42.42%

Hello guys

I needed to do a system restore this morning and when I looked and the drive options there all in an odd sort of order.I only have system protection activated on my system drive so i thought that would be at the top of the list like it always has been but its not.I dont know what order there in it makes no sense.Its not causing me any problems but just wondered how other peoples partitions and drives are ordered I always thought it was by letter but not the case here.Does anyone know how to re order them.

Mine are E:80gig
F:18gig
C:system 80gig
D:120gig

Thanks

Danny

A:System Protection Strange

Do they appear in right order under disk management?

9 more replies
Answer Match 42.42%

I am running Windows XP using Firefox. I got the System Progressive Protection virus. I ran Malwarebytes and can use the computer now but "iexplore.exe" is still running in the background. Also, Microsoft Security Essentials pops up every few minutes with a "Detected threats are being cleaned" message. What do I do now?
Thanks, in advance.

A:System Progressive Protection

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next t... Read more

1 more replies
Answer Match 42.42%

It seems to me that W7's System Protection now functions like the old "Go Back" , which made a backup of one's files, as well as Windows' system files.

How can I configure W7's S P to leave user files [ not only "my docs", but <user>\app data . . . . , favorites, desktop ]?

I used W7's System Protection on my W7 Pro, 32 bit system, to return to a restore point I had made before installing a program, but it either modified or deleted files modified or created after the restore point was made, after uninstalling the program and returning to the manually created restore point.

Does "USERPROFILE" include <user>my documents ?
http://msdn.microsoft.com/en-us/library/aa378870(VS.85).aspx

User Account Control was set to minimum.

System is single boot.

System was upgrade from Vista Ultimate 32 bit.

RF123
 

A:System Protection configuration

__.__

bump
 

2 more replies
Answer Match 42.42%

Do you have enabled System Protection in Windows 7?

A little tip, where you will find that:

A:Do you have enabled System Protection?

yes i checked and it is on but why would you not want it on?

9 more replies
Answer Match 42.42%

I am trying to do a system restore. When I get to the screen titled 'confirm disks to restore' it says 'you must enable System Protection on this drive'. I am unable to enable System Protection thru normal means because the tab isn't showing up. I searched the forum and found an answer in the following thread that I thought would help:

Can't access System Protection options

There's probably a value in the registry called "DisableConfig" or "DisableSR" at HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore. Open regedit, browse to that key, and if either value exists, delete and reboot the PC. You should get your System Restore tab back after doing this.
Last edited by cluberti; 08-27-2010 at 05:55 AM.. Reason: Seems there's a second value - updating thread

Unfortunately, I have HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\

but no SystemRestore after that.

Can anyone help me????

A:Need to turn on System Protection

Hi garzon6, welcome to the forums

It sounds like 'Systems Restore' has been disabled. To enable it just follow the steps below...

1 Click Start and right-click 'Computer' & select 'Properties'

2 Select 'System Protection'

3 Click 'Configure'

4 Select the first option in the list then click 'Apply' then 'Ok'

Hope this helps






Quote:
I am unable to enable System Protection thru normal means because the tab isn't showing up


Can you show a snip regarding the lack of options above too?

OS

9 more replies
Answer Match 42.42%

Here is my log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:44:04 PM, on 6/30/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exec:\Program Files\Common Files\Symantec Shared\ccProxy.exec:\Program Files\Common Files\Symantec Shared\ccSetMgr.exec:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exec:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\HPZipm12.exec:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Java\jre1.5.0\bin\jusched.exeC:\windows\system\hps... Read more

A:Protection System Malware

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 42.42%

After reading your website I am sure I have System Progressive protection. I read the user guide written by Lawrence Abrams and have tried it a couple of times. I am using windows XP. I have followed the steps each time, but it does not seem to work. I boot into safe mode and then download one of the RKill downloads and it does it's thing and then posts a report on my desk top. Each time I have attempted to remove the vius/worm I have tried a different version of RKill. So then I move on to scanning my computer. I use Microsoft Security Essentials. I have run full scan twice and found and removed "unwanted software". Then when I have removed it I am prompted to "restart" the computer to let changes take effect. When it boots back up in normal mode the System Progressive Protection thing pops up again and obviously I did not get rid of it. I would guess one of two things is going on. Either it is not stopping the virus when I run RKill or I am rebooting back into normal mode and I should not be doing that. What should I do? With this description can you tell what I might be doing wrong? I know this is not a really serious problem but I would prefer to get rid of it. I am so close to fixing this issue but I can't seem to completely get rid of this thing. Please help. By the way. Thanks for the site. You all do wonderful work here. Thanks again. Looking forward to hearing from someone.

A:System Progressive Protection

Can anyone help me with the issue I am having? Thanks.

5 more replies
Answer Match 42.42%

Hi, all. First, thank you for everything you do. I've come to this site a couple of times over the years and your advice has been incredibly helpful. I really appreciate it.
Now I have my own problem with a malware issue.
My computer has become disabled. It boots to the desktop, but I cannot access anything with my mouse, and when I place the cursor in the taskbar, the hourglass icon appears. Sometimes the Protection System window would appear trying to tell me about some fake virus problems and to do an install.
I was able to delete any mention of Protection System from the registry through safe mode with command prompt, then regedit. That removed the Protection System screen from startup, but I still can't run any scans to send to you for review.
Nothing works! I have to unplug the machine to turn it off!
Is there any other way to use your recommended scanning programs to get this fixed?
I am running Windows XP with Service Pack 3.
 

A:Protection System has taken over computer

Bump, please!

I am still having this nasty malware problem. I can't perform a HJT scan using the suggested methods.
 

1 more replies
Answer Match 42.42%

PC is infected with "Protection System" -- apparently it's preventing use of any malware removal tool (including malwarebytes, avg, adaware, weborot), and it won't permit uninstall with Revo Uninstaller. Below (and attached) is the hijackthis log. Any advice would be appreciated!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:30:53 PM, on 7/21/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exeC:\Program Files\LogMeIn\x86\RaMaint.exeC:\Program Files\LogMeIn\x86\LogMeIn.exeC:\Program Files\LogMeIn\x86\LMIGuardian.exeC:\Program Files\MozyHome\mozybackup.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\LogMeIn\x86\LogMeInSystray.exeC:\Program Files\Common Files\Real\Update_O... Read more

A:Hijackthis log - "Protection System"

Hello and welcome to Bleeping Computer.My name is Syler, I will be helping you to solve your Malware issues. Whilst I am helping you, I wouldbe grateful if you would note the following: Please do not run other tools or scans unless I ask you to and follow all the steps I give you, in order.
Copy and paste all logs requested in you reply, Do not attach them unless asked too.
If you don't know or understand something, please don't hesitate to say or ask before you proceed with my instructions.
Please continue to work with me, until I tell you your machine appears to be clean. Absence of symptoms does not mean that everything is clear.
If I do not hear back from you within 5 days of my last post, then this topic will be closed.Please download Malwarebytes' Anti-Malware from HereNote: If you already have Malwarebytes' Anti-Malware, just update then run it.Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan (the scan may take some time to finish, so please be patient).When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be p... Read more

2 more replies
Answer Match 42.42%

I have done 2 installs of Windows 8 RP (build 8400) and it seems the System Protection of off by default. I need to turn it on and allocate disk space.
If I turn System Protection off it fails to warn or delete previous restore points. This does not effect me creating restore points manually.
Anyone come across this before and what is going on.
Robert...

A:System Protection in Windows 8 RP

Hello Robert,

It works the same way for that as in Windows 7 for me. When you turn system protection off, does currant usage drop to zero afterwards like below? This is not the same as what the max usage is set for. Max usage is just how much it can use when system protection is turned on.

System Protection - Turn On or Off in Windows 8

3 more replies
Answer Match 42.42%

I need help to configure system protection settings (Attachment). I don't understand the 'Restore Settings' in 'Configure'. I need an explanation or directions to a suitable tutorial, where I can understand how to set this up.

Thank you.

A:How to set system protection settings

You want 'Restore system settings and previous versions of files' selected, under 'Restore Settings'.

System Protection - Turn On or Off - Windows 7 Help Forums

System Protection - Change Disk Space Usage - Windows 7 Help Forums
--
What is System Restore & How to Create a Restore Point in Windows

How to Configure The Way System Restore Works & How to Disable It
--
Configure System Restore in Windows | www.winhelp.us

2 more replies
Answer Match 42.42%

I've been directed here after having my post confirmed at http://www.bleepingcomputer.com/forums/t/255937/fake-windows-security-center-alerts-and-failure-to-open-anti-spyware-programs/.My OS is vista and I can get screen shots of the fake security system/protection system if needed.Here's the log that I got before my comp crashed (I tried several times, but it crashed at the same spot each time.)Log file is located at: C:\Users\Alastor\Desktop\Win32kDiag.txtWARNING: Could not get backup privileges!Searching 'C:\Windows'...Found mount point : C:\Windows\AppPatch\Custom\CustomMount point destination : \Device\__max++>\^Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp\ZAP2DF2.tmpMount point destination : \Device\__max++>\^Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5937.tmp\ZAP5937.tmpMount point destination : \Device\__max++>\^Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6E9B.tmp\ZAP6E9B.tmpMount point destination : \Device\__max++>\^Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp\ZAP81A.tmpMount point destination : \Device\__max++>\^Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAB7C.tmp\ZAPAB7C.tmpMount point destination : \Device\__max++>\^Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp\ZAPE752.tmpMount point destination : \Device\__max++>\^F... Read more

A:Windows protection system

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Please note, I normally request a DDS log, but since you have this rootkit, I'll hold off. Please let me know if you're there and I'll pass this off to a member of the HJT team.Information on A/V control HERE

36 more replies
Answer Match 42.42%

Hello

This is the first time I've had a virus so I'm a little new to the technical terms and am trying to follow the advice given on this forum.
(BTW - the advice has been v clear and easy to follow - thanks!!)
I have had the 'Protection System' virus since yesterday (the one that masquarades as an anti-virus). I havent accepted anything nor bought it but it keeps putting distasteful shortcuts on my desktop, has cut me off from the internet, disabled some of my own scanware and keeps putting up pop-ups pushing me to buy it.

I read your threads and tried to install the Malwarebyte' Anti-Malware but it won't run and closes after 5 seconds. I then ran a CD with AVG as suggested on one of the threads. After this ran, I still was unable to run the Malware software - even in safemode.

I am using my friends computer and have downloaded the DDS screen saver and have managed to run it on this (healthy) PC and obtain the log files with ease. On my PC I have tried several times and rebooted, but no logs are being produced. Indeed after some time of trying - even that welcome message isnt displayed and it just closes without warning.

I dont really know where to go from here. Im not overly technical so I dont know if there is somewhere I should be looking to start with. Any help would be much appreciated.

PS I am running on Vista.

Thanks

A:'Protection System' virus

Welcome to BCWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr==========================Please download Win32kDiag.exe by AD and save it to your desktop.alternate download 1alternate download 2This tool will create a diagnostic report Double-click on Win32kDiag.exe to run and let it finish. When it states Finished! Press any key to exit..., press any key on ... Read more

6 more replies
Answer Match 42.42%

lFor the last couple days I have had problems with windows police pro virus which i was able to fix. Now Protection System virus is attacking me. First it wouldnt let me open any programs, but finally I was able to download and run IObit security 360 which found a large number of threats. It did not really solve the problem though, instead now for just about every program (except microsoft office, and a couple others) it says "Choose a prgram to open this file", basically nothing will run. Also Protection System virus is still there and is doing it's usual thing. I can't use the internet or open regedit, and I have no idea how to fix this. My OS is Windows XP.

A:Protection system virus Please Help

does anyone have any ideas? I would really appreciate any help that could be provided

1 more replies
Answer Match 42.42%

A friend had the Protection System variant of Fake AV on is Vista PC. I was able to remove with malware bytes and cleaned up the registry with Regmechanic. the system appears to be fine Scans with Malware Bytes, AVG 8.5, Trend micro's root kit buster and house call all come up clean at this point. However as all of you are saying AVG 8.5 is out of date that is where I am running into issues. When I try to install AVG 9.0 it tells me that there is a conflicting software package installed: Protection System, and will not complete the install.I have searched the registry, and file system for anything that might be telling AVG that it still exists but am coming up with nothing.Below is my hijackthis log, possibly someone here knows what I have overlooked or can spot it in the log.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:54:57 PM, on 4/9/2010Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v7.00 (7.00.6002.18005)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Apoint\Apoint.exeC:\Windows\System32\WLTRAY.EXEC:\Program Files\Apoint\ApMsgFwd.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Program Files\Cy... Read more

A:Protection System removal

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 42.42%

I have an awful virus...please help me before my boyfriend gets home. He allowed me to use his computer and this Protection System 2010 virus has taken over.

It won't allow me to open Mbam or hijackthis...hijackthis will start and then just disappear.

I have tried everything that my feable mind can think of. I downloaded the SuperAntivirus, but it won't open and I can't delete it so I can't reinstall it.
I am working within safe mode with networking at this moment.

Please HELP!

A:Help Me Please Protection System 2010

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

1 more replies
Answer Match 42.42%

Here it is, I turned on my Acer laptop last night and would not boot to desktop. Safe mode will not run as it should do, system restore will not repair any problems, I cannot get to desktop full stop. Although I can get to a system restore which displays 3 potential restore points but when i click I cannot go any further because it says 'you must enable system protection on this drive' how can I do this if I cannot boot correctly?

I am totally lost on this one!

I downloaded the win 7 beta a few months back and had win vista preinstalled. Someone please help me!!

A:System protection = lost!

First open a command terminal ... enter cmd in the search box ... enter sfc /scannow .. let it check your system files... reboot .... this should resolve your problem ... let us know your results...

Welcome to Seven Forums!

9 more replies
Answer Match 42.42%

Protection System has installed itself and seems to be keeping me from running Malwarebytes to clean it up. Every time I try to run it, I get a split-second hourglass, then nothing.
I managed to get Malwarebytes installed by renaming it, but that cute little trick didn't work for executing the program.
I get frequent pop-ups and system stalls. Any help would be greatly appreciated.

DDS is pasted below, and rootrepeal report is attached.

Thank you!
DDS (Ver_09-07-30.01) - NTFSx86
Run by Administrator at 23:00:03.54 on Wed 09/09/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.18 [GMT -5:00]

AV: Protection System *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}
AV: eTrust EZ Antivirus *On-access scanning enabled* (Updated) {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}
FW: eTrust Personal Firewall Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\spoolsv.exe
svchost.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\CA\eTrust EZ Armor ... Read more

A:Protection System Infection

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.??If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine.??Please perform the following scan:Download DDS by sUBs from one of the following links.??Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool.??No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 42.42%

Hello,
 
I just got a new Windows 8.1 64 bit system last week and I have a couple protection questions.
 
On the system now I am running Kaspersky Pure 3 and Malwarebytes Premium (paid version).
Also My firefox browser has adblock plus installed in it and noscript.
 
My question is, is there any other protection software I should run in conjunction with the items that I have already installed and listed?
 
I go to lots of cross stitch site and I know Malwarebytes has save me several times.
But I thought I should have more proyection which I why I ask the question above.
 
Thanks in advance
Drauka
 
 
 

A:System Protection question

  Spybot S&D 1.62 will protect your host file quite nicely, and, it has an on-demand malware scan.  I had to goto Spybot 2, it's like driving a bus where a Chevy or Ford station wagon would do.  For very good behind-the-scenes browser lprotection, I use SpywareBlaster [I only pay $10/yr for automatic-update/automatic enable all]. 
  Now, comes an Idea:  you have to balance functionality and security, not so much 50-50, rather, how much functionality and ease would you like, and, how much security would you like?  While they are not mutually exclusive, too much of one can cause problems for the Chair-person.  Not enough of one can cause problems for the Chair-person.  Just last night, I had to roll-back to a Dec 29 image 'cause too too much security attempts led to pretty much Windozzzzzzz and hee-haw in the thin blue line.

20 more replies
Answer Match 42.42%

I have been on your site all day trying various ways to remove Protection System. Is there anyone who can help?! It's driving me crazy!!

A:Infected With "Protection System"

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The... Read more

1 more replies
Answer Match 42.42%

I have been infected with what looks like several viruses. Unable to complete full virus scan although the following were quarantined: Trojan.Metajuan, Packed.Generic. 200, scmhux.exe and Packed.Generic.233. Also have lovely porn links on desktop, which I have removed. Tried to run DDS, but just sits there, all the while pop ups for Protection System download, Window security center alerts and various.exe - bad image error messages. Tried to run rootrepeal, but will not let me save log. Was able to get a log from hijackthis. Please help me to find what needs to be removed. Thanks in advance for any help. See hijackthis log below:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:27:35 PM, on 9/8/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceServic... Read more

A:protection system and bad image pop ups

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 42.42%

Hi,

I have something called "Protection System Support" that's installed itself on my machine, and I think it's evil, but I can't get rid of it. Any suggestions?
All of us a sudden I have a flood of virus warnings, and I'm not even sure if they're real or not. Any help would be appreciated.

Thanks,

Tanguera

A:"Protection System Support"

Welcome to BCSome types of malware will disable Malwarebytes Anti-Malware and other security tools. If MBAM will not install, try renaming it first.Right-click on the mbam-setup.exe file file and rename it to mysetup.exe.Double-click on mysetup.exe to start the installation.If that did not work, then try renaming and changing the file extension. click this link if you do not see the file extensionRight-click on the mbam-setup.exe file, rename it to mysetup and change the .exe extension to .scr, .com, .pif, or .bat.Then double-click on mysetup.scr (or whatever extension you renamed it) to begin installation.If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files.Right-click on mbam.exe, rename it to myscan.exe.Double-click on myscan.exe to launch the program.If that did not work, then try renaming and change the .exe extension in the same way as noted above.Double-click on myscan.scr (or whatever extension you renamed it) to launch the program.If using Windows Vista, refer to How to Change a File Extension in Windows Vista.Be sure to update MBAM through the program's interface (preferable method) or manually download the definition updates and just double-click on mbam-rules.exe to install. Then perform a Quick Scan in normal mode and check all items found for removal. Don't forgot to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. When done, click the Logs ta... Read more

1 more replies
Answer Match 42%

My system is running Windows 7 Ultimate (64-bit).  I have two hard drives installed, a C-Drive (System Drive) and a D-Drive (Backup Drive). 
I have System Protection enabled on the C-Drive, protecting both system settings and user files. 
On the D-Drive, I have System Protection turned off.  This same D-Drive is configured as the Window 7 Backup and Restore backup drive, backing up both data files and creating a system image. 
Here is my question:
Whenever I or the system creates a restore point, data is added on the C-Drive and on the D-Drive, which can been seen via the System Protection applet, under the configure button. 
I assume that this is restore point data.  Plus, whenever a backup is executed, more data is added, as can be seen, via the configure button, under the D-Drive settings, in the System Protection applet. 
Regarding restore points, I understand why data would add up, on the C-Drive, but, with System Protection turned off on the D-Drive, why is data increasing (restore point data?) accumulating, on the D-Drive? 
Since the D-Drive is the Backup Drive, does the System Protection configure applet include data gathered from Backup and Restore? 
Is this why I am seeing data add up here, despite the fact that System Protection is turned off, for this D-Drive?
I would appreciate anyone?s help, clearing up this issue for me. 
Thank you.

More replies
Answer Match 42%

Hello and thank you for your time. It seems like there is a rootkit out there reeking havoc and I have become an unwitting statistic. This pest will not let me run a malwarebytes scan nor will it let me run a rootrepeal, it simply reboots the whole system when I try rootrepeal,even in safe mode. I get bogus "Security Center Alerts" and bogus messages urging me to buy Protection System antivirus software. Please help! Additionally, I receive various messages telling me about bugs that have been detected with a scan that I never initiated.

A:Protection System Rootkit needs to be removed

Hi elbarracho,Download and run Win32kDiag: Download Win32kDiag from any of the following locations and save it to your Desktop. Download Win32kDiag (Win32kDiag.exe) - #1 Download Win32kDiag (Win32kDiag.exe) - #2 Download Win32kDiag (Win32kDiag.exe) - #3 Double-click Win32kDiag.exe to run Win32kDiag and let it finish. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.

7 more replies
Answer Match 42%

I just finished a reinstall, had winnowed all of the errors out and was doing the final clean and boot time defrag with Puran.

Afterwards I checked the Admin Event log again and had a bunch of Volmgr and Volsnap errors from the reboot:






Quote:
Log Name: System
Source: volmgr
Date: 1/22/2014 8:23:44 PM
Event ID: 46
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Conrad-PC
Description:
Crash dump initialization failed!
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="volmgr" />
<EventID Qualifiers="49156">46</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-01-23T01:23:44.465603400Z" />
<EventRecordID>4285</EventRecordID>
<Channel>System</Channel>
<Computer>Conrad-PC</Computer>
<Security />
</System>
<EventData>
<Data>\Device\HarddiskVolume2</Data>
<Binary>0000000001000000000000002E0004C004100000080000C000000000000000000000000000000000</Binary>
</EventData>
</Event>







Quote:
Log Name: System
Source: volsnap
Date: 1/22/2014 8:22:59 PM
Event ID: 25
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Conrad-PC
Description:
The shadow copies of volume C: were deleted because ... Read more

A:Defrag sets System Protection to 0%

That's indeed not pleasant. Get a SSD (there are many cheap offerings right now) and then you need not do any defrags.

5 more replies
Answer Match 42%

my computer was infected by Rogue "System Progressive Protection"
but it was protected by my NOD32 antivirus.
therefore some of it left on my computer eg. it's icon and some file without extension
on my C:\Documents and Settings\All Users\Application Data\(random number)

i am not sure that my computer is slower than before or not!!

i attached hijack this log file along with my post..
please help me to check is my computer still in good condition or not??...
Many thanks in advance
===============================================================================
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:22:37, on 3/11/2555
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Lenovo\Bluetooth Software\... Read more

A:infected with System Progressive Protection

Hi jackoff

I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.

White Warrior

6 more replies
Answer Match 42%

Hello...

For the past week, I have been encountering the fake anti-virus 'Protection Systems,' sometimes calling itself Windows Security Center. I am constantly getting nag screens, pop ups and bubbles saying my system is infected. My google searches are redirected at times. Also, sometimes my system will shut down by way of a countdown, but I've stopped it recently running shutdown -a.

I have tried with Malwarebytes and it seemed to get rid of it at first, but it just keeps coming back. Then I couldn't even update Malwarebytes anymore, and now, after trying to uninstall it, it won't reinstall even after renaming the file. I have also scanned with Avira Antivir, and all it did was temporarily kill the processes. I have tried all of this in safe mode as well.

Any help would be greatly appreciated. Thanks in advance.
DDS (Ver_09-07-30.01) - NTFSx86
Run by Brian at 15:16:33.23 on Wed 09/16/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2047.1556 [GMT -5:00]

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A1E92BC-FFA4-00C8-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {88D1D69C-FFA4-00D8-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A2FD47C-FFA4-00C8-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {8993D51C-FFA4-00D8-0... Read more

A:Security Center/Protection System

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

19 more replies
Answer Match 42%

I've been infected with the Protection System virus. Computer runs slower than normal. My google searches get redirected to www.searchwebonline.org. Obviouly, I get a ton of Protection System fake popups asking me to register and that it has found various worms/viruses, etc.

Please let me know what steps to take to get rid of this thing. I have downloaded OTL.exe and run the scan based on a previous post but the removal was not successful. Not sure but I guess the removal of malware/spyware is specific to each pc?

Anyway, any help would be greatly appreciated!

tenjed

A:Need help in removing Protection System Virus

Reposted: http://www.bleepingcomputer.com/forums/t/264165/windows-security-center/

1 more replies
Answer Match 42%

Hello,

My computer was recently infected by System Progressive Protection virus, which I removed using RKill and Malwarebytes Anti-Malware. In the process, the Antimalware detected and removed several Trojans and Rogues. How do I ensure that my computer is not infected? Any suggestions on additional scans that can be performed?

Thank you so much.

A:System Progressive Protection Virus

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwar... Read more

12 more replies
Answer Match 42%

i have a fake anti-virus called 'protection system' on my computer. It continually has pop-ups informing me that my system is infected and that i need to use 'protection system'. It has also tried to unistall AVG about 4-5 times.I have run malwarebtyes and AVG software. I tried running ad-aware but it didn't seem to find anything. *when i downloaded malwarebytes and HJT i had to change both the file names before i could install them* Please help!!! On a different site i read something about 'rootrepeal'.. i dled that and ran a scan, i have the report from that scan included as well.Malwarebytes' Anti-Malware 1.40Database version: 2551Windows 5.1.2600 Service Pack 38/20/2009 10:44:35 AMmbam-log-2009-08-20 (10-44-35).txtScan type: Quick ScanObjects scanned: 97055Time elapsed: 5 minute(s), 18 second(s)Memory Processes Infected: 1Memory Modules Infected: 1Registry Keys Infected: 4Registry Values Infected: 2Registry Data Items Infected: 0Folders Infected: 2Files Infected: 14Memory Processes Infected:C:\Program Files\Protection System\psystem.exe (Rogue.ProtectionSystem) -> Unloaded process successfully.Memory Modules Infected:\\?\globalroot\systemroot\system32\UACmosoxtbqlm.dll (Rogue.Agent) -> Delete on reboot.Registry Keys Infected:HKEY_CLASSES_ROOT\CLSID\{5e2121ee-0300-11d4-8d3b-444553540000} (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\CoreGuard ... Read more

A:Fake antivirus "protection system" please help!

Hi michellew1221,We will run ComboFix. You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer. Further, ComboFix logs are not permitted outside the HijackThis forums and then only when requested by a HJT Team member. You need to disable your AVG Antivirus before running ComboFix, as it will prevent it from running. To disable AVG antivirus:??Please open the AVG Control Center program -> double-click on the "AVG Resident Shield" component (looks like this: ) -> deselect the "Turn on AVG Resident Shield" checkmark and save the setting.When you need to enable the AVG Resident Shield, ( I???ll let you know when) just open the AVG Control Center program -> double-click on the "AVG Resident Shield" component -> select the "Turn on AVG Resident Shield" checkmark and save the setting.Note: If you already have a copy of ComboFix on your system it is essential that you delete it before downloading this copy. Please visit this webpage for instructions for downloading and running ComboFix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix To work properly, you must install ComboFix o... Read more

9 more replies
Answer Match 42%

Hi, all. First, thank you for everything you do. I've come to this site a couple of times over the years and everyone has been incredibly helpful. I really appreciate it.

Now I come once again with a malware issue. I thought Spyware Doctor had gotten rid of all of Protection System, but it seems there are still residual traces wreaking havoc. I can hear different programs clicking on & off in the background, but nothing shows up in task manager. Spyware Doctor is finding a new Trojan or spyware about once an hour. Firefox Google Search doesn't seem to work and when I go to Google directly, I'm sometimes redirected to a different site & another Google tab opens up. When I reboot, I get half a dozen of memory errors.

I ran DDS, but GMER just would not run at all. I can download the zip file, but the program itself just won't initiate an install. I have the same issue with MalwareBytes--it seems something is preventing these programs from loading.

If you have any insight as to what is going on, I'd appreciate any sage advice you have to offer. Thank you.

DDS.txt:


DDS (Ver_09-06-26.01) - NTFSx86
Run by Brigid Fitch at 19:22:51.92 on Mon 07/13/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.313 [GMT -4:00]

AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: Protection System *On-access sc... Read more

A:Infected with Protection System malware

hi.

Let run your gmer in a different way. Follow the instructions below;

If you have the gmer.exe now, delete it please.

Redownload GMER from here:
http://www.gmer.net/files.php

Unzip it to the desktop.

---------------------------------
Open Notepad and copy/paste the contents in the code box below, into Notepad.

Code:
@copy /y gmer.exe gamer.exe
@Start gamer.exe -protect
Save this as kyrie.bat Choose to "Save type as - All Files"

It should look like this:

Place the batch next to gmer & double click kyrie.bat to launch it.

--------------------------------------------------------------------------

When the program opens and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for 'Show All'.
Click on Scan.
Once done click on the [Save..] button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop.
Attach that ARK.txt in your next reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Mark

19 more replies
Answer Match 42%

i have a fake anti-virus called 'protection system' on my computer. I have run malware btyes and AVG software. I tried running ad-aware but it didn't to find anything. *when i downloaded malwarebytes and HJT i had to change both the file names before i could install them* Please help!!!

***did a scan this morning, new logs are at bottom of post***
here is the log from malwarebytes

Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 3

8/20/2009 12:42:45 AM
mbam-log-2009-08-20 (00-42-45).txt

Scan type: Full Scan (C:\|)
Objects scanned: 146971
Time elapsed: 31 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
\\?\globalroot\systemroot\system32\UACmosoxtbqlm.dll (Rogue.Agent) -> Delete on reboot.

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
\\?\globalroot\systemroot\system32\UACmosoxtbqlm.dll (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.

and here is the HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved... Read more

A:Protection System virus. help please! HJT log included

9 more replies
Answer Match 42%

Hi. I contracted Protection System. In addition to trying to uninstall AVG, it has pretty thoroughly hijacked firefox so as to make it unusable. I downloaded the setup file for Malwarebytes by using Safari, and managed to install it (although it took so long, I suspected it was frozen) but when it gets to the update part, it doesn't seem to do anything. If I try to run it, the file mbam.exe stops at mem usage 3,200K every time.

I used the program's uninstall program to uninstall protection system, however I have no confidence that that did anything but remove the desktop icons. I still get popups from the toolbar, so I know it must still be in residence. I ran AVG in safe mode, and it found 1 trojan horse generic file and moved it to the virus vault but now I'm stymied. Help?

Thanks.

A:Trouble getting ride of Protection System

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.Please download DrWeb-CureIt and save it to your desktop. DO NOT perform a scan yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with Dr.Web CureIt as follows:Double-click on launch.exe to open the program and click Start. (There is no need to update if you just downloaded the most current versionRead the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.The Express scan will automatically begin.
(This is a short scan of files currently running in memory, boot sectors, and targeted folders).If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All. (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if... Read more

23 more replies
Answer Match 42%

Platform: Windows 7 Home, SP 1
 
I have two drives: C & D. C is used for the OS plus those programs that can only be installed on C. D is for my data and those programs that can be installed on any drive. I have some questions about "System Protection" configuration in the System Properties dialog box.
 
(1) "Protection" is "on" for the C drive and "off" for the D drive. Should I turn protection on for D? What guidelines should I use to make this decision?
 
(2) Max usage for C's system protection is 10% (11.6 GB) Currently there are 2 restore points consuming 10.6 GB. This makes me think I should increase the max usage to allow more restore points. Any guidelines on how to make this decision?
 
Thank you.

A:System protection (restore) questions

Personally, I don't use system restore. While it's great when it works, I've seen it fail when most needed too many times over the years. Instead I use (and recommend) backing up via disc imaging software on a regular basis.
 
However, to answer your question... whether or not you use system restore on both drives / partitions is entirely up to you. No guidelines. Here is all the info you need on system restore: http://windows.microsoft.com/en-us/windows-vista/system-restore-frequently-asked-questions.
 
Less space means fewer restore points (and vice versa). Again, a personal decision.

1 more replies
Answer Match 42%

Hello, My computer was hit with these viruses maybe 2 weeks ago. I have tried various types of online help, and I have not been able to get rid of the issue. My computer was offline for a few days, and when I went back online today, I was able to search without redirects for a few hours (I actually got to the real google page instead of the redirect one), but the issue is back now. I have read that sometimes, the virus can remain in the router until it is reset. I do not have access to the router to do this, so I hope that this is not the case. I have McAfee on my computer, but it is expired, so I am not sure that I disabled it correctly before running the scans. If I need to do anything over again let me know. Thank you in advance for your expert help.Here are my logs.************************************************************************************************************************************************Checkupresult************************************************************************************************************************************************Results of screen317's Security Check version 0.99.7 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Disabled! McAfee AntiVirus Plus McAfee Security Scan Plus WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwar... Read more

A:System protection and redirect virus

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/419297 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

30 more replies
Answer Match 42%

I have this game, Dreamfall The Longest Journey. now I got a new computer with Windows Vista Home Premium 32bit. before I had Microsoft XP and there was no problem playing Dreamfall except it went in slowmotion... today I installed dreamfall and there was nothing going wrong untill Protection System came up when installation was done and I clicked on the game icon. this is what it says:

Protection System
To launch the application, u need to install additional libraries on your computer. Would you like to install them now?

No-nothing happens
Yes- Error. To install application you must have Administrator privileges on your computer.
what should I do?? when I click information it just collect a whole lot of ununderstanding information! if I click OK nothing happens. is there something that needs to be done? I really appriciate answers!

A:Dreamfall Protection System Error! pls help!

Originally Posted by angelsheart


I have this game, Dreamfall The Longest Journey. now I got a new computer with Windows Vista Home Premium 32bit. before I had Microsoft XP and there was no problem playing Dreamfall except it went in slowmotion... today I installed dreamfall and there was nothing going wrong untill Protection System came up when installation was done and I clicked on the game icon. this is what it says:

Protection System
To launch the application, u need to install additional libraries on your computer. Would you like to install them now?

No-nothing happens
Yes- Error. To install application you must have Administrator privileges on your computer.
what should I do?? when I click information it just collect a whole lot of ununderstanding information! if I click OK nothing happens. is there something that needs to be done? I really appriciate answers!



give it administrator priviledges then by right clicking the installer and running as administrator.
image below - i know this is GTA4 but its the same thing you have to do with the file on the disc or the executable.

5 more replies