Matthew McFalls http://mcfalls.me aka: hippiebikeracer posterous.com Sat, 12 May 2012 08:31:00 -0700 Mcafee Firewall will not start http://mcfalls.me/mcafee-firewall-will-not-start http://mcfalls.me/mcafee-firewall-will-not-start

I had this computer that was in for malware removal.  I had cleaned it mostly up before having a few days off.  When I came back, they were trying to do an OS reload on it because it was BSoDing from TDSS and they could not be bothered to fix it.  So I removed TDSS, thus fixing the BSoD during boot, which was 0x0000007B.  I got the rest of the OS cleaned up and was finishing verification when I noticed McAfee would not scan and the McAfee firewall would not start.

I fixed the not scanning issues by turning the McAfee services back on during boot -- I had turned them off during a clean boot.  However, the firewall would still not start, nor was it throwing any helpful errors about the problem.  A quick search of the McAfee help site did not reveal anything more helpful than reloading the product.  I started poking around the services, on a hunch, when I noticed the Windows Firewall service (MpsSvc) was missing.  I figured I might as well fix this while I thought about the McAfee firewall problem.  I reinstalled the service by importing the registry values from a known good machine.  After an import and reboot, the McAfee firewall magically started up.  Turns out the McAfee firewall depends on the Windows Firewall service.

You can query the service for existence from the command line:

sc query MpsSvc

If you get "The specified service does not exist as an installed service," then the Windows Firewall service will need to be reinstalled; it can also be checked by looking through the Services tree in Computer Management.

Here is the text from the .reg file for CurrentControlSet or direct download

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc]
"DisplayName"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23090"
"Group"="NetworkProvider"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
  00,65,00,4e,00,6f,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,00,00
"Description"="@%SystemRoot%\\system32\\FirewallAPI.dll,-23091"
"ObjectName"="NT Authority\\LocalService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):6d,00,70,00,73,00,64,00,72,00,76,00,00,00,62,00,66,00,\
  65,00,00,00,00,00
"ServiceSidType"=dword:00000003
"RequiredPrivileges"=hex(7):53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,\
  00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,\
  72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,75,\
  00,64,00,69,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
  00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,\
  00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
  53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,00,6f,00,62,00,61,\
  00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
  65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,\
  00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,\
  6e,00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,\
  00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  6d,00,70,00,73,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Parameters\PortKeywords]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc\Security]
"Security"=hex:01,00,14,80,b4,00,00,00,c0,00,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,84,00,05,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
  05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
  20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
  00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,15,00,\
  00,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,\
  0e,a7,8b,eb,ca,7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,\
  00,00,00,05,12,00,00,00

 

http://files.posterous.com/user_profile_pics/96715/0620091843a.jpg http://posterous.com/users/k1tYZEhz8Z Matthew McFalls mjmcfalls Matthew McFalls
Mon, 07 May 2012 19:58:00 -0700 Playing around with Google Spreadsheets http://mcfalls.me/129288042 http://mcfalls.me/129288042

No sort

=Query(A:C, "select A,count(C) where (A is not null and C='y') or (A is not null and C='Y') group by A")

Sorts by count

=Query(A:C, "select A,count(C) where (A is not null and C='y') or (A is not null and C='Y') group by A pivot B")

Sorts by count, creates pivot table based on count, and labels column A=LDAP, B=Done

=Query(A:C, "select A,count(C) where (A is not null and lower(C)='y') group by A pivot B label A 'LDAP', count(C) 'Done'")

Imports range from another shared spreadsheet

=ImportRange("0AiVAdzdSox_mdGRlR0hRLVQwTEdDY3ZjU3phc29IWlE","Sheet1!A:C")

Query data and create pivot table from shared Google Spreadsheet (Only updates every few minutes, will refresh if opened and closed)

=arrayFormula(query(ImportRange("0AiVAdzdSox_mdGRlR0hRLVQwTEdDY3ZjU3phc29IWlE","Sheet1!A:C"),  "select Col1,count(Col3) where (Col1 is not null and lower(Col3)='y') group by Col1 pivot Col2 label Col1 'LDAP', count(Col3) 'Done'"))

Mon, 23 Apr 2012 21:34:00 -0700 Word 2000 - No toolbars http://mcfalls.me/word-2000-no-toolbars http://mcfalls.me/word-2000-no-toolbars

This computer came in the other day with Word 2000 showing no toolbars.  Shortly afterward, Word 2000 would stop responding and turn into a white window.  Word would open without any problems using winword /a from the run box.  This only seemed to affect Word 2000, but not Excel, Outlook, or PowerPoint.

I tried reinstalling, repairing, deleting normal.dot, and deleting several recommended registry keys, however none of this resolved the issue.  What did resolve the issue was a solution I saw on Microsoft Answers. The solution was to uninstall the "Office Live Add-in."  Once removed and the system rebooted, Word 2000 worked perfectly fine.  

Thu, 19 Apr 2012 10:32:00 -0700 Vista - No PS/2 Mouse or Keyboard http://mcfalls.me/vista-no-ps2-mouse-or-keyboard http://mcfalls.me/vista-no-ps2-mouse-or-keyboard

After removing malware from this one Vista computer, we had several corrupt drivers (PEauth.sys, processor, and chipset).  Poking around in the removal logs, I found WDF01000.sys had been removed.  I ran SFC and it threw back an error about the replacement file in the store being corrupt too.  So I found a good copy of wdf01000.sys from another Vista box, and replaced the file in %windir%\system32\Drivers with the known good file.  SFC still refused to accept the file as being good.  Looking in the driver store, the actual file was missing, therefore I copied the known good file into the driver store too.

This fixed all the problems in SFC, but still did not fix the problems in Device Manager (error code 34, if I remember correctly).  After spending, what felt like days, examining files and registry keys, I realized the service information for the driver was missing from the registry.  After exporting a copy of the driver info from another Vista box, and importing the registry information, everything appeared correct.  I rebooted the unit, and all the drivers started up correctly, and the PS/2 mouse and keyboard started working again.  

 

Here is a link (http://www.box.com/s/8464f244b4748b850d0b) to the copy of the WDF01000.sys registry file -- it was made for Vista x86, but should work on Windows 7 x86/x64, and Vista x64.

Fri, 06 Apr 2012 22:06:00 -0700 Network Location Awareness service terminated with service-specific error %%-1073741288 http://mcfalls.me/network-location-awareness-service-terminated http://mcfalls.me/network-location-awareness-service-terminated

This unit came into the store for a virus removal with the note "will not connect to internet"; of course, I figured the internet connection problem would be something simple to fix like usual.  Surprisingly, it turned into an interesting problem to solve; I just had to solve it before anyone else got to it and reloaded Windows because they don't know how to deal with it otherwise.

Looking through Event Viewer I kept seeing "Access denied" errors for DHCP, and "Network Location Awareness service terminated with service-specific error %%-1073741288."  I figured fixing the DHCP Access denied error would fix the Network Location Awareness error too.  After following KB943996 (http://support.microsoft.com/kb/943996) to fix the access denied error and to fix the Diagnostic Policy, I rebooted to the exact same issue.  After poking around the registry verifying permissions and settings, I finally just put it on some automated scans, so I could work on other things.

After the scans came back clean, I checked for boot sector infections - none were found.  I looked back at the Event Viewer.  The only real error now was the Network Location Awareness service error listed above.  Researching on the internet found very few answers besides a repair install.  Digging through the Microsoft forums, I found a man who offered a simple fix, which seemed to help most people.  It is basically adding the "LocalService" user and "NetworkService" user to the administrators group.  With nothing to lose, I tried it out and it worked flawlessly.

The commands are (from an administrator command prompt):

net localgroup administrators localservice /add
net localgroup administrators networkservice /add

 

Reboot and done. 

 

Sun, 01 Apr 2012 22:32:00 -0700 DHCP client error 1168 http://mcfalls.me/dhcp-client-error-1168 http://mcfalls.me/dhcp-client-error-1168

Delete NSI from HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\DependOnService  Started working after this.

Check nsiproxy.sys for file corruption (replace with known good copy and replace NSI back in DependonService key)

Turned out to be a bad hard drive.  :(

Tue, 24 Jan 2012 15:29:00 -0800 Washington Snow Pictures (January 2012) http://mcfalls.me/washington-snow-pictures-january-2012 http://mcfalls.me/washington-snow-pictures-january-2012

Wed, 18 Jan 2012 16:45:00 -0800 Misc IT Notes (2012.01.18) http://mcfalls.me/misc-it-notes-20120118 http://mcfalls.me/misc-it-notes-20120118

Acer recovery partition password:  Saved in plain text in a file named aimdrs.dat at the root of the recovery partition. 

 

Mac: F12 ejects media from the optical drive during boot

ERROR: "Windows cannot find '(null)' " when using IE; FIX: uninstall and reinstall IE

When installing SP1 0x800F0A12: FIX  What I did:  Enabling automount did not fix the problem; mountvol /e did not work.  Using diskpart to set the 100MB "Startup repair" partition to active resolved the problem.  

 

ERROR: When opening a link in Outlook, "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator."  Resolution: (Microsoft KB310049)

Mon, 02 Jan 2012 15:39:30 -0800 More pictures http://mcfalls.me/more-pictures http://mcfalls.me/more-pictures

Sat, 12 Nov 2011 15:23:00 -0800 Misc Seattle Pictures (2011.11.12) http://mcfalls.me/misc-seattle-pictures-20111112 http://mcfalls.me/misc-seattle-pictures-20111112

Sat, 08 Oct 2011 12:43:00 -0700 Misc Moving to Seattle, WA Pictures http://mcfalls.me/misc-moving-to-seattle-wa-pictures http://mcfalls.me/misc-moving-to-seattle-wa-pictures

Sun, 02 Oct 2011 14:28:20 -0700 Klaus the squeaky ball guardian. http://mcfalls.me/klaus-the-squeaky-ball-guardian http://mcfalls.me/klaus-the-squeaky-ball-guardian

Wed, 07 Sep 2011 08:54:00 -0700 Microsoft's Malicious Software Removal Tool Will Not Run http://mcfalls.me/microsofts-malicious-software-removal-tool-wi http://mcfalls.me/microsofts-malicious-software-removal-tool-wi

We ran into a problem while finishing a malware removal, in which the Malicious Software Removal Tool (MSRT) would not run.  We first noticed the problem while downloading Windows updates -- all the other updates would install, but Windows Update kept reoffering the August 2011 MSRT.  We tried many different things, such as resetting Windows Updates, double checking for rootkits, rescanning the machines, manually checking files in %windir%, and an assortment of other things.  One of the things we tried was downloading the standalone MSRT from http://support.microsoft.com/kb/890830.  The file would download fine, but it would not run.  The extraction dialog boxes would show up, then it would just disappear.  Watching Task Manager while extracting the MSRT standalone package showed the package would start running and then just disappear.  We could not find any information in Event Viewer, mrt.log, or mrteng.log.

We double checked the permissions on HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemovalTools to make sure access was not denied, since the MSRT package updates the Version subkey when a new version successfully finishes.  Our final idea was to take ownership of %windir%\system32\mrt.exe and rename the file to %windir%\system32\mrt.old.  To do this we used the following commands:

takeown /f %windir%\system32\mrt.exe /a
icacls %windir%\system32\mrt.exe /grant Administrators:F
ren %windir%\system32\mrt.exe mrt.old

After successfully taking ownership and renaming the file, we reran the MSRT standalone package.  This time MSRT actually continued to run, and allowed us to complete a scan.  After MSRT finished a scan, Windows Update stopped reoffering the August 2011 MSRT package and offered new Windows Updates.  I am not sure whether the problem was actually permissions or a corrupted mrt.exe, since I was time crunched to fix the problem before the customer returned.

Tue, 06 Sep 2011 08:12:00 -0700 No Sound in Flash Player http://mcfalls.me/no-sound-in-flash-player http://mcfalls.me/no-sound-in-flash-player

We had this customer bring in a Dell desktop for having sound everywhere but in flash player; the customer had already had two local repair shops take a look at the problem and his IT guru son -- none were able to actually fix the problem.  We looked at it for a few minutes with him in the store, but eventually convinced him we should check the computer in for repairs. 

The symptoms were sound everywhere but in webpages using Flash Player.  The volume mixer did not show any other devices but the built-in sound device (a Realtek sound card).  Videos would download without any problems.  All the Windows Vista x64 sounds worked fine, as did any local media.

Attempted resolutions

Uninstall Flash player, and reinstalled -- no effect

Flash player removal tool, and reinstall -- no effect

After poking around for a little bit, we found the registry keys for sound drivers were missing from the registry.

All the subkeys under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 were missing.  A post on Technet indicated that the "wavemapper" subkey being missing was often the cause of no sound in Flash Player.  We created a string value subkey named "wavemapper" under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32, with a value of "msacm32.drv."  After a reboot, we still had no sound.  We looked under the x64 drivers registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32 and found all the subkeys here were missing too.  So we exported a known good list of both the x86 Drivers32 subkeys and the x64 Drivers32 subkeys.  After importing them and rebooting, there was still no sound.  One of our tools indicated that users did not have permissions to read the registry keys, but it also showed the keys existed; however, regedit showed the keys as still missing.  I tried creating another copy of "wavemapper" in the Drivers32 subkey, but regedit tossed up an error saying the key already existed.

All the permissions on the registry keys looked ok, but I decided to look at the effective permissions.  Luckily, I got the right account off the bat.  It turned out the Administrator account had deny "Full Control" set.  I moved up to the key higher in the tree, and found the deny permission.  After unsetting it and rebooting, sound worked perfectly.

 

 

Sat, 09 Jul 2011 18:11:00 -0700 fatal error c0000034 applying update operation at sud.dll http://mcfalls.me/fatal-error-c0000034-applying-update-operatio http://mcfalls.me/fatal-error-c0000034-applying-update-operatio

We had another employee's computer get this error while installing Service Pack 1 for Windows 7 x64.  After poking around for some answer about how to fix the problem, I found most people were having success with running dism /image:c:\ /cleanup-image /revertpendingactions in Windows 7 Recovery Environment.  This seemed to be working for us, but ended up throwing "Error 2" and bailing out.  I pulled up the x:\windows\logs\dism\dism.log and started searching through for a possible answer.

Near the middle of dism.log, I found an error "Status_object_name_not_found" and a reference to the missing file in d:\windows\winsxs\.  I pulled a good copy from another Windows 7 x64 SP1 machine.  Rerunning dism failed again with the same error, and the log showed the same "Status_Object_Name_Not_Found" error.  Also dism.log would indicate a missing directory with the error "Status_Object_Path_Not_Found."  Between these two errors, my co-worker and I replaced between 200-300 files and directories.

So the basic process from the command line in Windows Recovery Environment was:

dism /image:d:\ /cleanup-image /revertPendingActions
notepad x:\windows\logs\dism\dism.log
copy g:\windows\winsxs\PathTo\missingFile.xxx d:\windows\winsxs\PathTo\MissingFile
rem For missing directories:
robocopy g:\windows\winsxs\MissingDirectory d:\windows\winsxs\MissingDirectory /e
del x:\windows\logs\dism\dism.log

Once we replaced all the missing files in Windows Recovery Environment, the computer started booting to Windows without any errors; in Windows, we ran SFC from an administrative command prompt.  Reading through the SFC log the first time, I found some missing files from SP1, which I replaced with known good copies from another Windows 7 box.  These first missing files were found by using "findstr /c:"[SR] Cannot" c:\windows\logs\cbs\cbs.log > c:\sfcResults.txt."  All the missing files are listed in sfcResults.txt.  After fixing these, SFC did not show any errors from the above command, but said it found unrepairable errors.  Searching manually through cbs.log, I found a reference to "Status_Object_Path_Not_Found."  After replacing the missing directory, and a reboot, we ran SFC; the findstr command above found more missing files, which were all in a single missing directory.  We replaced these, and that ended up being all the missing files.

One note: /revertPendingActions rolls back filesystem changes, and not changes to the registry.  So Service Pack 1 was seen by Windows as installed, and 99% of the files we replaced by hand were for Service Pack 1.  We had thought about using System Restore, but there was no restore data.

Thu, 23 Jun 2011 17:42:00 -0700 Vista - Sp2 0x80073712 Corrupt CBS Manifest http://mcfalls.me/vista-sp2-0x80073712-corrupt-cbs-manifest http://mcfalls.me/vista-sp2-0x80073712-corrupt-cbs-manifest

The other day, we had a Vista Service Pack 1 notebook dropped off just to have Service Pack 2 installed.  We ran through some basic hardware tests, and virus scans to make sure things were ok; the problem was error code 0x80073712 which means "CBS manifest is corrupted."  So we ran through the System Readiness Tool, and SFC, fixing all those errors.  Afterward, the Service pack installer was still throwing 0x80073712.  So I started looking through the cbs.log and noticed there was an error stating "MissingFileSystemResource" and pointing to a specific file in c:\windows\winsxs.  So I replaced the file from a known good copy of Winsxs, backed up the CBS log, and reran the SP installer; it failed again, but this time the CBS log pointed to a different missing file.

Being semi-lazy when it comes to repeating a process over and over, I wrote a basic batch file to find the missing file from CBS.log, delete the CBS log, and run the service pack installer.  Here it is (make sure to turn off UAC, to simplify the process):

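@echo off
rem Show the missing-file entries recorded in the CBS log
findstr /c:"MissingFileSystemResource" %windir%\logs\cbs\cbs.log
rem Wait while the missing file is replaced from a known good copy
pause
rem Clear the log so the next run only shows new errors
del %windir%\logs\cbs\cbs.log
rem Rerun the service pack installer (pathToSp2 is a placeholder)
pathToSp2\Installer\sp2.exe /unattend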

So after running this script and replacing probably 15-20 missing files, the service pack installer started to reboot the system like normal; during the reboot, it would get to "Stage 1 of 3" and fail at 4%; the new error was 0x80070002 "Error_File_Not_Found," when it booted back to Windows.  I checked the CBS log again for guidance on the missing file, but there was no indicator of the missing file.  So I started poking around setupapi.dev.log looking for something wrong.  After blindly paging through many, many pages of setupapi.dev.log, I found an error pointing to a missing file in c:\windows\winsxs.  This time, I replaced the missing file with a known good copy, backed up setupapi.dev.log and reran the service pack installer.  The installer rebooted and failed in the same place; once back in Windows, I searched setupapi.dev.log for the word "fail" and quickly found another single reference to a missing file.  So again, the missing file got replaced, setupapi.dev.log got erased, and the installer reran.  This process went on for two or three more files, before I had to leave for the day.

I later realized the easier way to figure out the missing files would have been to compare this corrupt Winsxs to a known good Vista SP1 Winsxs with something like comp.exe or WinMerge.  So in preparation to test my new idea, I used tree on a Vista SP1 virtual machine and redirected the results into a text file.

tree /f /a c:\windows\winsxs > c:\WinsxsSp1.txt

Sadly, before I could test my new process the machine was already started on an OS reload.  So this idea remains unverified.

The Vista SP1 text document is here.
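Added example, not part of the original post and not something the author tested: one way to carry out the comparison idea is to turn two `tree /f /a` listings into sets of relative paths and report what the known good listing has that the suspect one lacks. The Python sketch below assumes the ASCII layout `tree /a` prints (`+---`, `\---`, `|`), assumes both listings come from the same Windows version and service pack level, and uses constructed sample listings and made-up function names.

```python
import re

# Constructed sample listings in the layout printed by `tree /f /a`.
GOOD_TREE = r"""Folder PATH listing
Volume serial number is 0000-0000
C:\WINDOWS\WINSXS
|   pending.xml
|
+---x86_comp-a_none_01
|       a.dll
|       a.mui
|
+---x86_comp-b_none_02
|       b.sys
|
\---Manifests
        x86_comp-a.manifest
        x86_comp-b.manifest
"""

SUSPECT_TREE = r"""Folder PATH listing
Volume serial number is 0000-0000
C:\WINDOWS\WINSXS
|   pending.xml
|
+---x86_comp-a_none_01
|       a.dll
|
\---Manifests
        x86_comp-a.manifest
"""

# A directory line: zero or more 4-character indent groups, then +--- or \---.
DIR_RE = re.compile(r"^((?:[| ] {3})*)[+\\]---(.+)$")
# A file line: one or more indent groups, then the file name.
FILE_RE = re.compile(r"^((?:[| ] {3})+)([^| ].*)$")


def paths_from_tree(listing):
    """Return the set of lower-cased relative paths in a `tree /f /a` listing.

    Directories are recorded with a trailing backslash so they can be told
    apart from files. Header lines and blank separator lines match neither
    pattern and are skipped.
    """
    stack = []          # directory names from the root down to the current one
    paths = set()
    for line in listing.splitlines():
        line = line.rstrip()
        d = DIR_RE.match(line)
        if d:
            depth = len(d.group(1)) // 4        # indent groups before the marker
            del stack[depth:]
            stack.append(d.group(2))
            paths.add("\\".join(stack).lower() + "\\")
            continue
        f = FILE_RE.match(line)
        if f:
            depth = len(f.group(1)) // 4 - 1    # files sit one group deeper
            del stack[depth:]
            paths.add("\\".join(stack + [f.group(2)]).lower())
    return paths


def missing_from(suspect_listing, good_listing):
    """Paths in the known good listing that the suspect listing lacks.

    When a whole directory is missing, only the directory is reported, since
    it would be copied as a unit (for example with robocopy /e).
    """
    missing = sorted(paths_from_tree(good_listing) - paths_from_tree(suspect_listing))
    reported = []
    for path in missing:
        if not any(path.startswith(r) for r in reported if r.endswith("\\")):
            reported.append(path)
    return reported


if __name__ == "__main__":
    for path in missing_from(SUSPECT_TREE, GOOD_TREE):
        print(path)
```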

 

 

Sat, 18 Jun 2011 17:22:00 -0700 Phantom Contact in Hotmail http://mcfalls.me/phantom-contact-in-hotmail http://mcfalls.me/phantom-contact-in-hotmail

I had a customer come in with a phantom contact in the "To:" field's dynamic list.  The weird thing was this contact did not appear in the actual contact list.  After all the typical fixes -- resetting IE, clearing cookies, clearing Flash cookies, etc -- I had almost given up when I saw a possible fix on some random questionable forum.  The idea was there was a pending invitation request, and that was the phantom contact.  In this case, it was an invitation from "Sexygirlroom."  It did turn out to be a pending invitation, which once declined, caused the phantom contact to disappear.

Here is how to decline/remove the contact:

  • Click "Contacts"
  • Click "View Invitations"
  • Click "Groups"
  • Decline any unwanted invitations. 

 

Wed, 08 Jun 2011 08:12:22 -0700 Adding Microsoft System Sweeper to Custom Windows PE USB stick http://mcfalls.me/adding-microsoft-system-sweeper-to-custom-win http://mcfalls.me/adding-microsoft-system-sweeper-to-custom-win

Adding Microsoft Standalone System Sweeper to a custom USB drive is no more difficult than creating the initial USB stick. The most complicated part is keeping track of the BCD descriptions; it is far easier to get it right the first time, than have to go back and change it.  Although updating the descriptions is not difficult. 

First download the Microsoft Standalone System Sweeper files for both x86 and x64 - https://connect.microsoft.com/systemsweeper is the beta page, which will change eventually.  I ran both executables and created ISOs.  Next, I mounted those ISOs with Virtual CloneDrive and copied the contents to a working directory, such as c:\temp\MSSS_x64\.  After both ISOs have been copied to a working directory, some files will need to be copied into the main bootable image.

First, we'll need to copy boot.wim into our destination image sources directory and rename the file. 

copy c:\temp\msss_x64\sources\boot.wim c:\temp\usb\sources\msss_x64.wim
copy c:\temp\msss_x86\sources\boot.wim c:\temp\usb\sources\msss_x86.wim

We'll also need to copy FilesList64.dll, mpam-fex64.exe from the x64 source, and FilesList32.dll, and mpam-fe.exe from the x86 source.  Just put these in the root of the working directory.  Also copy etfsboot_XP.com from the x86 boot directory into the USB boot directory.

[Image: Usbroot]
Example of my Sources directory - Note this usb stick also has a Windows PE x86, Windows Recovery Environment x86 and x64 already added from a previous build.  It also hosts many of the tools I use often, and a Windows 7 x64 WIM file for random deployment situations.

[Image: Sourceswim]

Now that all of our files are in place, we will need to update the BCD store to boot the new System Sweeper images.

First make a copy of the default BCD entry and take note of the GUID

bcdedit /store bcd /copy {default} /d "MSSS x86"
bcdedit /store bcd /copy {default} /d "MSSS x64"

[Image: Createnewbcdstore]

From here, the BCD settings for each new entry must be updated with the path to the MSSS images.  I did this with the following script, since I'm lazy. 

bcdedit /store c:\share\Waik\usb_pe_working\boot\bcd /set {967afa23-91d8-11e0-aea5-005056c00008} device ramdisk=[boot]\sources\msss_x64.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}
bcdedit /store c:\share\Waik\usb_pe_working\boot\bcd /set {967afa23-91d8-11e0-aea5-005056c00008} osdevice ramdisk=[boot]\sources\msss_x64.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}
bcdedit /store c:\share\Waik\usb_pe_working\boot\bcd /set {d36d8608-91d8-11e0-aea5-005056c00008} device ramdisk=[boot]\sources\msss_x86.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}
bcdedit /store c:\share\Waik\usb_pe_working\boot\bcd /set {d36d8608-91d8-11e0-aea5-005056c00008} osdevice ramdisk=[boot]\sources\msss_x86.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}

While I was using Find and Replace to update the GUIDs, I failed to notice, the descriptions pointed to the wrong MSSS images.  So after testing to make sure it worked, I had to go back and rename the BCD entries.

bcdedit /store bcd /set {d36d8608-91d8-11e0-aea5-005056c00008} description "MSSS x86"
bcdedit /store bcd /set {967afa23-91d8-11e0-aea5-005056c00008} description "MSSS x64"

You'll need to use diskpart from here to set the partition on the USB drive to active, then copy the files over. 

Manual updates can be retrieved from the Microsoft Malware Protection Center, if you don't want to get the updates every time it boots.

Tue, 07 Jun 2011 19:00:00 -0700 Weird Office 2010 Problem of the Week http://mcfalls.me/weird-office-2010-problem-of-the-week http://mcfalls.me/weird-office-2010-problem-of-the-week

We had this customer come in this week who was having problems with his Office 2010.  The problem was the Insert Page number galleries would not show up, like in the picture.

[Image: Missingpagenumbergalleries]

It turns out this is caused by the "Built-In Building Blocks.dotx" file being hidden.  After unhiding this file, the galleries will reappear like magic. 

Make sure Word is closed, then from a command prompt:

attrib -h "%userprofile%\appdata\Roaming\Microsoft\Document Building Blocks\1033\14\Built-In Building Blocks.dotx"

Or it can be unhidden from Windows Explorer:

  • Open Windows Explorer
  • Open the Windows Explorer Folder Options (under Tools)
  • Select "View" tab
  • Select "Show hidden files, folders, drives" radio button
  • Click ok
  • Navigate to Appdata\Roaming\Microsoft\Document Building Blocks\1033\14
  • Right Click on "Built-In Building Blocks.dotx"
  • Uncheck "Hidden" check box.
  • Click Ok.
  • Go back through Folder Options and rehide files.
  • Done.

I would, also, unhide "Building Blocks.dotx" in the process, if it exists.

Seriously, make sure Word 2010 is closed or changing the hidden attribute will have no effect. 

Final results should look like this picture. 

[Image: Fixedgalleries]

 

Sorry for the crappy screenshots, I didn't remember to close out the movie I was watching. 

Thu, 02 Jun 2011 16:10:00 -0700 Windows 7 - Hidden Libraries http://mcfalls.me/windows-7-hidden-libraries http://mcfalls.me/windows-7-hidden-libraries

To unhide hidden libraries in Windows 7 (this is an outline for unhiding all the libraries, but it can easily be applied to individual ones):

1.  Unhide the Libraries directory

attrib -h %userprofile%\Appdata\Roaming\Microsoft\Windows\Libraries

2. Unhide all Library Files

attrib -h %userprofile%\Appdata\Roaming\Microsoft\Windows\Libraries\*

3. Reboot and all your default libraries should be visible. If not try again. 
