Recently we encountered a situation where a domain user, all of a sudden, was able to see all files and folders within the Windows 2008R2 domain, as if he was the administrator. The users' security was verified and according to the ADUC, had the appropriate security, yet was able to navigate at will throughout the network. Lucky this user is honest, and no damage done, but has anyone heard of such a thing? We reimaged the user PC and the issue has not re-occurred but we are very concerned this may occur again unless we find the reason. It is possible that a USB stick was used on this PC that had not been cleared, but I cannot find any reference to malware that does this.

Any ideas, Microsoft or anyone else?