locked
The remote registry setting on your PC has been turned on. RRS feed

  • Question

  • I am running a OneCare 90 day evaluation on a fully patched Windows XP Pro.

    OneCare is showing the "Problems were found on your computer." bar and when the Fix button is clicked the message box says

    "The remote registry setting on your PC has been turned on. This may allow remote computers to harm this PC.

    Problem details

    The remote registry setting makes it possible for remote users to make changes to your PC's registry using remote access software. This can harm your PC."

    This is the second time this has happened. The first time I encountered this screen was when OneCare did not activate on a reboot and I had to manually restart it from the Start menu.

    I figured that the problem was malicious rather than a fault in the OneCare so I ran my XP Pro Automated System Recovery to reinstall the operating system and was surprised to find that my hard drive was no longer accessible; ASR could not see it. I tried to recover with my Maxtor MaxBlast disk but it did not see the drive either. I then tried a Ubuntu Live CD and was able to repartition the disk with one of the Linux Tools.

    I would appreciate comments on this problem.

    Robert Wishlaw

    Friday, April 18, 2008 3:41 AM

Answers

  • OneCare looks for this registry entry, and fixes it for you during a scheduled system health check. I think it was coincidental that you were prompted after OneCare encountered a startup problem.
    Why a system recovery caused you to lose access to the hard drive through an apparent corrupt partition table I can't comment on, but the fact that the registry setting was found is not surprising as it is enabled on many systems - hence the reason for OneCare to look for this.
    -steve
    Friday, April 18, 2008 5:26 AM
    Moderator

All replies

  • OneCare looks for this registry entry, and fixes it for you during a scheduled system health check. I think it was coincidental that you were prompted after OneCare encountered a startup problem.
    Why a system recovery caused you to lose access to the hard drive through an apparent corrupt partition table I can't comment on, but the fact that the registry setting was found is not surprising as it is enabled on many systems - hence the reason for OneCare to look for this.
    -steve
    Friday, April 18, 2008 5:26 AM
    Moderator
  • Thank you for your comments Steve. After further investigation it seems that it was a coincidence that the   prompt regarding the remote registry setting followed the OneCare startup problem.

    However something is causing the MBR/Boot Sector to be changed. It may be an existing rootkit or a hardware failure. I will have to go back to a reinstall from a stock XP ASR and see if the problem persists. Once I get this solved I will again begin evaluating OneCare.

    Robert Wishlaw
    Saturday, April 19, 2008 8:45 AM