A customer brought in a Window XP computer that had the “ZeroAccess” rootkit on it. It must have removed Microsoft Security Essentials (MSE) and replaced its directory with symbolic links (junctions) that pointed to the system32/config Directory. When I attempted to put MSE back on the client’s machine it failed with error code 0x80070643.
I could not remove the symbolic links even in knoppix. This was because ZeroAccess was still not removed. After I removed it I was easily able to remove the symbolic links.
After doing some research I found that the the Microsoft fix it at http://support.microsoft.com/mats/Program_Install_and_Uninstall worked well at completly uninstalling the program. I told the fix it program to uninstall the “Microsoft Security Client” after that the program installed with no additional problems.