Hi all,
I have sitting in front of me the second PC where the owner, admin and Safe Mode Admin account have no permissions. Control panel has been removed and when I try to run it I get the error that I do not have permissions, contract the administrator. I tried to run MMC and all the GPO plugin but its not listed. The only things that I can see that they have in common is that they both that the winAV2007 and antivir icons (known spyware) on the desktop. I've removed them (kaspursky and AVG) and they now scan clean but the permissions are still messed up.

anybody else hit something like this?

Formatting is a good thing.

Formatting is a good thing.

not when you need the programs and data. This is the second machine that I've seen this happen to. I can't just go formatting every machine this happens to. If theres a solution I'll find it.

ok. after weeks of searching around the net fro clues I have finally cleaned this system. It looks like this is the work of [winantiviruspro2007] I couldn't fit enough curses in this thread for the writer of this. I will put my notes together along with links to reading and programs used in case someone else gets stuck with this.

I just cleaned the same thing off my sisters laptop a few days ago. It took about 9 hours all told. Posting your notes would be a great help, but at the same time, this winantivirus changes so fast that it is hard to keep up. I have removed this from about a dozen systems this year and all of them were just a little harder each time and in different areas.
Thanks for your notes.

its funny that you have just posted this...just yesterday a client brought their computer in that is doing the exact same thing...out 4 users and the guest account...none will show the control panel or give admin rights. I took the drive out and connect to another computer to scan. Found only 4 virsus and slapped the drive back into the old machine...

Nope didn't work at all..the computer is doing the same thing all over again..no admin rights, no control panel..no nothing but thousands of pop ups etc. even after the full scan of the hard drive...

so i'm going to back up the drive and blow everything away...but please do post the information you have found.

Yeah...sharing notes about this kind of stuff is always helpful for reference. Gimmie :D

Check my sig guys, I have a thread about it. If it is that bad, get files and just format, recovering Windows back to "stock" is virtually impossible.

Check my sig guys, I have a thread about it. If it is that bad, get files and just format, recovering Windows back to "stock" is virtually impossible.Just did so (recovering to stock). :D
Although a repair installation kinda counts as a reinstall - XP managed to get all networking ability killed off by a combo of 100+ viruses and crap (well, this was in reference back to other thread (http://www.ocforums.com/showthread.php?t=532737)...got confused here)