No clue what virus it is/was or what program carried it. I had Avira Free installed at the time, which totally missed it; I also scanned my computer using the online versions of NOD32 and BitDefender, which found nothing; and this morning scanned my Win7 drive from XP using Avast, which found nothing pertinent. So I have no idea what virus or the source.Do you know what virus it is?
I believe if you accidently delete the only administrator account on your system, you are destined for a re-install. I know of no way to get around the security in Win 7. In your case it seems a virus has done this for you, but the results seem to be the same, unless you know of something left over from your Admin rights.
Does your user still show it is an admin?
This won't solve the problem because "Last Known Good Configuration" only works when Windows won't start. Windows is starting just fine and I can do everything a person with only the most basic privileges can do.I was thinking, and if the virus messed with the registry, you might be able to get back by using the F8 key during boot and select "Last Known Good Configuration".
As I noted above, I can't run RegEdit from the desktop, but I CAN run it from the Recovery Console (boot 7 from DVD). So I'm hoping that I can restore my Privileges the same way.Since I am not sure what you can or cannot run, it is hard for me to suggest anything.
Have you messed with the UAC settings?
Last Known replaces the current registry with an older one. But once you log off and back on, I believe it resets the Old to what was the current.This won't solve the problem because "Last Known Good Configuration" only works when Windows won't start. Windows is starting just fine and I can do everything a person with only the most basic privileges can do.
As I noted above, I can't run RegEdit from the desktop, but I CAN run it from the Recovery Console (boot 7 from DVD). So I'm hoping that I can restore my Privileges the same way.
Thanks for the reply.If you are still Administrator, can you open the user panel? (lusrmgr.msc)?
As you might expect, I don't have "Permission" to "change ownership". If I did, I don't think I'd be having this problem.If you can't get into the Windows Directory, you might think about changing the ownership and then giving yourself permissions. But before you do that, maybe seeing what permissions you have currently would help show the problem.
I'm not sure what to do with: "NT SERVICE\TrustedInstaller". Is that a command?The TrustedInstaller should be the current owner and have Special permissions with everything checked in Effective Permissions. To get Trusted Installer listed, you may need to use
NT SERVICE\TrustedInstaller
as a name to get it recognized.
If you take this one level up and look at the Windows 7 install (C: ) it should show the System and Administrators as having full control, Authenticated Users-special, and Users Read & Execute, List folder contents, and Read.
The $64 question. I *thought* Win7 was supposed to stop things like this from happening. Even allowing a *program* to ACCESS the Windows directory, and alter... let alone delete... all your System Restore points is something that no modern OS should ever permit.If the virus was able to basically lock you out of your system, I am not aware of how that might have happened, unless it was able to take you out of a group or change permissions on everything at once.
Hi Dave,Were you able to apply anything from my post?