Double clicking on the Windows XP clock to change the time produces a message saying that I do not have sufficient privileges and should contact the system administrator. Additionally, I can no longer see or access the Control Panel. The strange thing is I am an administrator of the local computer, so I don’t understand why I am being denied access. The computer has been scanned with Norton Antivirus 2007, Ad-Aware SE, and Windows Defender, but these have not detected any viruses or malware on the computer. How can I fix the permissions such that I can regain full control of the computer?

From your description of the problem, the security settings on your computer have been modified. Even if you are a local administrator on the computer, some security settings (known as Windows policy settings) can override your local administrator rights. For example, if your computer was a member of a Windows Server network (known as a Windows domain) even if you are a local administrator you may not be able to change the time on the local computer. This is to protect the computer itself, as the time on Windows workstations which are members of a domain need to be within 5 minutes of the domain controller, otherwise the domain controller will not be able to communicate with the workstation (for security reasons). While this example isn’t directly relevant to your situation, you can see how being a local administrator does not necessarily grant you full rights to the computer.

There are a few possible reasons why your computer has been subject to these particular security policies. The first reason is your computer has previously been part of a Windows network (domain). When your computer is a member of Windows domain, it will download group policies from the Windows server which contains the security settings for the local workstations. That said, since your computer is a home machine then this is a less likely explanation.

The next most likely explanation is a piece of malware was previously installed on your computer. Malware has a bad habit of applying security settings to your computer to make removal of the malware more difficult. Since you have scanned your computer using Norton Antivirus, Ad-Aware and Windows Defender it seems that the malware has been removed and is no longer residing on the computer. However, when such security policies are applied they remain resident on the computer until they are explicitly reversed, meaning that once the malware has been removed the policies remain in effect. Therefore, I suggest you ensure your antivirus and anti-spyware software is up to date with the latest definition packages, and do a complete re-scan of your computer. You must make certain that the malware is no longer on your computer, because if you reset the security permissions and the malware is still present, it will reapply the policies and cause the same problem again!

The final possible explanation is a piece of software on your computer has been changing the security permissions. Why any software would modify the security permission to lock you out of changing certain settings (e.g. time and date) and prevent access to the Control Panel is a mystery, so this is a less likely cause but still a valid one. We will know whether this is the cause once we reset the security permissions and check whether the problem reoccurs.

The security permissions which determine whether certain users (or user groups) can access and/or modify particular settings on the computer are contained within the Windows registry. However, we do not know how wide-spread the security policies which have been applied to your computer extend (for example, we don’t know what else on the computer has been blocked) so our best option is to reset all the security policies on the computer. Be aware, there are inherent risks whenever dealing with modifying the security policy on your computer, so I strongly suggest that you have a backup of all your important data before attempting this procedure, in case you lose access to your data following the procedure.

Additionally, this procedure will reset all file permissions, group memberships and policy settings to their default values. Since your computer is only operating in a home environment this should not present a major problem, since you probably only want these to be at their default values anyway. However, if you are unsure you will need to not just backup your data, but also the “system state” (i.e. the Windows registry). For more details, read the following Microsoft Knowledge Base article: support.microsoft.com/kb/313222 . However, as I mentioned, this should not be a major issue since your machine is a home computer, but just be aware of the implications of resetting the security permissions on your computer.

Once you have a full backup of your data, to reset the security permissions on your computer, logon under an administrator account on the computer (your normal user account should be fine) then go to the “Start” menu > “Run”. In the Run box type “cmd” (without the quotes) and click OK. A Command Prompt window should appear on the screen. In the command prompt, type the following command:
secedit /configure /cfg %windir%repairsecsetup.inf /db secsetup.sdb /verbose
The command may take several minutes to complete, as it scans through and processes the file security and registry security settings on the computer. The process indication in the command window will provide you with an update on progress. Once this has completed, the security settings on your computer should be at their default values. Restart the computer, and check whether the problems continue.

If you do find the problem continues, it is possible that either the security policy reset has not fixed the problem, or a program or process running on your computer has reapplied the restrictive security policies. In this event, we need to determine exactly what has happened. To do this, we will disable all processes from loading on Windows startup, run the security policy reset command again, restart the computer, and check the results. As the first step, we need to disable all processes from loading on Windows startup. Go to the “Start” menu > “Run” and type “msconfig” (without the quotes) and click OK. In the System Configuration Utility window that appears, click the “Startup” tab. This will list all the processes which load on Windows startup. Write down the name of all the processes which are currently ticked (enabled), as you will need this later to re-enable the processes. Once this has been done, untick (disable) all the processes and click OK. You may be prompted to restart the computer. Should this be offered, click No as you do not wish to restart the computer just yet. Next, you need to re-run the security reset command (as detailed previously in this answer). Once the security reset command has been run, restart the computer. Once the computer has restarted, check whether the problem persists.

If the problem does not persist, one of those processes is causing the problem. Now, you just need to determine which of the processes is the problem. To do this, go back into the System Configuration Utility “Startup” tab and enable one of the processes, click OK, then restart the computer. Check whether the problem reoccurs. Continue this procedure until the problem reoccurs, at which time you know that the most recently enabled process is the one causing the problem. At this point, you can leave that process disabled until you find more information about the nature of the process and perhaps how the problem can be fixed.

However, should the problem continue after disabling all the processes and running the security reset command again, this indicates that the security reset command is not effective and is not fixing the security policies. In this situation, please contact me for further advice as I will need to investigate the problem further to determine why this is not working.