
Cannot get into System Properties


135 replies to this topic

#31 cryptodan


Posted 02 February 2012 - 12:00 PM

Your fonts folder is menu, and when you said Control Panel Home looked that way I was confused.

But yeah your fonts folder is correct.
US Navy Veteran from 2002 to 2006
Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015
Arch Desktop - https://termbin.com/1h62
Arch Laptop - https://www.termbin.com/98dd
Ubuntu Server - https://termbin.com/ng9t


 


#32 McZwick


Posted 02 February 2012 - 12:02 PM

Ahh yes...Yeah it just says "control panel home" as a shortcut on the top right.

Any other ideas?

Edited by McZwick, 02 February 2012 - 12:02 PM.


#33 cryptodan


Posted 02 February 2012 - 12:18 PM

Go to Start > Search Box > type in cmd and hit Enter.

In the box type in "echo %path%" minus the quotes.

You should get something like this:

C:\Users\cryptodan>echo %path%
C:\Program Files\Common Files\Microsoft Shared\Windows Live;
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;
C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;
C:\Windows\System32\WindowsPowerShell\v1.0\;
C:\Program Files (x86)\Windows Live\Shared;
C:\Program Files (x86)\WinSCP\;
C:\Program Files (x86)\QuickTime\QTSystem\;
C:\Program Files\Intel\WiFi\bin\;
C:\Program Files\CommonFiles\Intel\WirelessCommon\;
c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;
c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;
c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;
C:\Program Files\Intel\WiFi\bin\;
C:\Program Files\Common Files\Intel\WirelessCommon\

C:\Users\cryptodan>

#34 McZwick


Posted 02 February 2012 - 12:21 PM

Here's what I get:

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation. All rights reserved.

C:\Users\Zwick>echo %path%
C:\Windows\system32;
C:\Windows;
C:\Windows\system32\wbem;
C:\Program Files\CommonFiles\Microsoft Shared\Windows Live;
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;
C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;
C:\Windows\System32\WindowsPowerShell\v1.0;
C:\Program Files (x86)\Windows Live\Shared

C:\Users\Zwick>

#35 James Litten


Posted 02 February 2012 - 01:58 PM

James,

I can open the fonts folder and see everything. It does look different. Is there anything different between the fonts and system folders?

adam


They are both what is known as Windows System Folders.

Good, that helps us narrow it down to the System Properties and not all System Folders.

Let me put together a little batch file for you to run that will check the registry and I'll post it here later today.

James

#36 McZwick


Posted 02 February 2012 - 01:58 PM

Awesome...thanks! Getting closer!

#37 James Litten


Posted 02 February 2012 - 02:34 PM

Okay, I wrote the batch file but before we run it, I want to be sure that we are heading down the right path.

Open a Run window by pressing the key combination

Windows Key and R

The run window should open.
Enter the text

control.exe fonts

and click OK

The Fonts window that you saw before should open.
Close it.

Again, open the Run window and this time enter the text

control.exe system


and click OK

This should not work.

Let me know if this is the case.

James

#38 McZwick


Posted 02 February 2012 - 02:35 PM

You are exactly right! Fonts works, system doesn't.

I'm still trying to learn my way around my system better. Are you thinking there is a registry key missing?

#39 James Litten


Posted 02 February 2012 - 03:09 PM

You are exactly right! Fonts works, system doesn't.

I'm still trying to learn my way around my system better. Are you thinking there is a registry key missing?


Yeah, what happens is that a system file is replaced by a virus so that the system file is now labeled a bad, naughty, evil file. Some virus cleaners will then search the registry for keys that cause this bad file to run and delete or edit those registry keys. What the virus cleaner is SUPPOSED to do is first check if the bad file is a system file, replace it with a clean backup of the system file and not worry about any registry keys that invoke it because it is NOT evil.

This is very complicated and hard to do in real life so sometimes keys get deleted or edited that should not.

Here are the instructions for what you need to do to enable us to make sure that the registry keys for Microsoft.System aka GUID {BB06C0E4-D293-4f75-8A90-CB05B6477EEE} are as they should be.


Open notepad and copy/paste the text in the quotebox below into it:

REG QUERY HKCR\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s
REG QUERY HKCR\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE} /s
REG QUERY HKLM\SOFTWARE\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s
REG QUERY HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s
REG QUERY HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s
REG QUERY HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s
REG QUERY HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ControlPanel\NameSpace\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s


Save this as sysprop.bat. Choose to "Save type as - All Files". Save it to your desktop.

Open a Run window by pressing the key combination
Windows Key and R
The run window should open.
Enter the text

%USERPROFILE%\desktop\sysprop.bat > %USERPROFILE%\desktop\sysprop.txt

and click OK

After it runs, it should create a file called sysprop.txt on your desktop. Copy the contents of that file and paste it into your post.

Let me know if you have any problems or questions.
James

#40 McZwick


Posted 02 February 2012 - 03:14 PM

BOOM! Log! What are we looking for in here? And thanks for the explanation of what is going on...me getting this virus and going through this forum to get rid of it has been super interesting....

-----------

C:\Users\Zwick\desktop>REG QUERY HKCR\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s

HKEY_CLASSES_ROOT\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}
(Default) REG_SZ System
System.ApplicationName REG_SZ Microsoft.System
System.ControlPanel.Category REG_SZ 5
System.ControlPanel.EnableInSafeMode REG_DWORD 0x3
InfoTip REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-2
LocalizedString REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-1
System.Software.TasksFileUrl REG_SZ Internal

HKEY_CLASSES_ROOT\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\DefaultIcon
(Default) REG_EXPAND_SZ %SystemRoot%\System32\imageres.dll,-149

HKEY_CLASSES_ROOT\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\InProcServer32
(Default) REG_EXPAND_SZ %SystemRoot%\System32\shdocvw.dll
ThreadingModel REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\Instance
CLSID REG_SZ {328B0346-7EAF-4BBE-A479-7CB88A095F5B}

HKEY_CLASSES_ROOT\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\Instance\InitPropertyBag
ResourceDLL REG_EXPAND_SZ %SystemRoot%\System32\systemcpl.dll
ResourceID REG_DWORD 0x64

HKEY_CLASSES_ROOT\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\ShellFolder
Attributes REG_DWORD 0xa0000000
WantsParseDisplayName REG_SZ


C:\Users\Zwick\desktop>REG QUERY HKCR\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE} /s

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE}
(Default) REG_SZ System
System.ApplicationName REG_SZ Microsoft.System
System.ControlPanel.Category REG_SZ 5
System.ControlPanel.EnableInSafeMode REG_DWORD 0x3
InfoTip REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-2
LocalizedString REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-1
System.Software.TasksFileUrl REG_SZ Internal

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE}\DefaultIcon
(Default) REG_EXPAND_SZ %SystemRoot%\System32\imageres.dll,-149

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE}\InProcServer32
(Default) REG_EXPAND_SZ %SystemRoot%\System32\shdocvw.dll
ThreadingModel REG_SZ Apartment

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE}\Instance
CLSID REG_SZ {328B0346-7EAF-4BBE-A479-7CB88A095F5B}

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE}\Instance\InitPropertyBag
ResourceDLL REG_EXPAND_SZ %SystemRoot%\System32\systemcpl.dll
ResourceID REG_DWORD 0x64

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE}\ShellFolder
Attributes REG_DWORD 0xa0000000
WantsParseDisplayName REG_SZ


C:\Users\Zwick\desktop>REG QUERY HKLM\SOFTWARE\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}
(Default) REG_SZ System
System.ApplicationName REG_SZ Microsoft.System
System.ControlPanel.Category REG_SZ 5
System.ControlPanel.EnableInSafeMode REG_DWORD 0x3
InfoTip REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-2
LocalizedString REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-1
System.Software.TasksFileUrl REG_SZ Internal

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\DefaultIcon
(Default) REG_EXPAND_SZ %SystemRoot%\System32\imageres.dll,-149

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\InProcServer32
(Default) REG_EXPAND_SZ %SystemRoot%\System32\shdocvw.dll
ThreadingModel REG_SZ Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\Instance
CLSID REG_SZ {328B0346-7EAF-4BBE-A479-7CB88A095F5B}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\Instance\InitPropertyBag
ResourceDLL REG_EXPAND_SZ %SystemRoot%\System32\systemcpl.dll
ResourceID REG_DWORD 0x64

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\ShellFolder
Attributes REG_DWORD 0xa0000000
WantsParseDisplayName REG_SZ


C:\Users\Zwick\desktop>REG QUERY HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}
(Default) REG_SZ System
System.ApplicationName REG_SZ Microsoft.System
System.ControlPanel.Category REG_SZ 5
System.ControlPanel.EnableInSafeMode REG_DWORD 0x3
InfoTip REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-2
LocalizedString REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-1
System.Software.TasksFileUrl REG_SZ Internal

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\DefaultIcon
(Default) REG_EXPAND_SZ %SystemRoot%\System32\imageres.dll,-149

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\InProcServer32
(Default) REG_EXPAND_SZ %SystemRoot%\System32\shdocvw.dll
ThreadingModel REG_SZ Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\Instance
CLSID REG_SZ {328B0346-7EAF-4BBE-A479-7CB88A095F5B}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\Instance\InitPropertyBag
ResourceDLL REG_EXPAND_SZ %SystemRoot%\System32\systemcpl.dll
ResourceID REG_DWORD 0x64

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\ShellFolder
Attributes REG_DWORD 0xa0000000
WantsParseDisplayName REG_SZ


C:\Users\Zwick\desktop>REG QUERY HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}
(Default) REG_SZ System
System.ApplicationName REG_SZ Microsoft.System
System.ControlPanel.Category REG_SZ 5
System.ControlPanel.EnableInSafeMode REG_DWORD 0x3
InfoTip REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-2
LocalizedString REG_EXPAND_SZ @%SystemRoot%\System32\systemcpl.dll,-1
System.Software.TasksFileUrl REG_SZ Internal

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\DefaultIcon
(Default) REG_EXPAND_SZ %SystemRoot%\System32\imageres.dll,-149

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\InProcServer32
(Default) REG_EXPAND_SZ %SystemRoot%\System32\shdocvw.dll
ThreadingModel REG_SZ Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\Instance
CLSID REG_SZ {328B0346-7EAF-4BBE-A479-7CB88A095F5B}

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\Instance\InitPropertyBag
ResourceDLL REG_EXPAND_SZ %SystemRoot%\System32\systemcpl.dll
ResourceID REG_DWORD 0x64

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\ShellFolder
Attributes REG_DWORD 0xa0000000
WantsParseDisplayName REG_SZ


C:\Users\Zwick\desktop>REG QUERY HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}
(Default) REG_SZ System


C:\Users\Zwick\desktop>REG QUERY HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ControlPanel\NameSpace\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE} /s

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ControlPanel\NameSpace\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}
(Default) REG_SZ System
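
One way to check output like the log above mechanically (an added example, not part of the thread or any poster's code): parse `reg query /s` output and report values that differ between the native and Wow6432Node views of the CLSID. The sample input is constructed, and treating the native view as the reference is an assumption, so a value removed from both views would not be reported.

```python
import re

# Constructed sample in the `reg query /s` layout: the native view of the
# CLSID, then a Wow6432Node view with one value missing and one edited.
SAMPLE = r"""
HKEY_CLASSES_ROOT\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}
    (Default)    REG_SZ    System
    System.ApplicationName    REG_SZ    Microsoft.System

HKEY_CLASSES_ROOT\CLSID\{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}\InProcServer32
    (Default)    REG_EXPAND_SZ    %SystemRoot%\System32\shdocvw.dll
    ThreadingModel    REG_SZ    Apartment

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE}
    (Default)    REG_SZ    System

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BB06C0E4-D293-4F75-8A90-CB05B6477EEE}\InProcServer32
    (Default)    REG_EXPAND_SZ    %SystemRoot%\System32\constructed-example.dll
    ThreadingModel    REG_SZ    Apartment
"""
GUID = "{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}"
# name, type, optional data; tolerates collapsed whitespace and empty data
VALUE = re.compile(r"^\s*(.+?)\s+(REG_[A-Z_]+)\s*(.*)$")

def parse_reg_query(text):
    """Return {key_path: {value_name: (type, data)}} from `reg query /s` output."""
    keys, current = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            current = keys.setdefault(line.strip(), {})
        elif current is not None and (m := VALUE.match(line)):
            current[m.group(1)] = (m.group(2), m.group(3).strip())
    return keys

def view_of(keys, root):
    """Select keys under `root`, re-keyed by lower-cased path relative to it."""
    root = root.lower()
    return {k[len(root):].lower(): v
            for k, v in keys.items() if k.lower().startswith(root)}

def diff_views(reference, other):
    """List (subkey, value_name, reference_entry, other_entry) mismatches."""
    out = []
    for sub in sorted(set(reference) | set(other)):
        ref, oth = reference.get(sub, {}), other.get(sub, {})
        for name in sorted(set(ref) | set(oth)):
            if ref.get(name) != oth.get(name):
                out.append((sub, name, ref.get(name), oth.get(name)))
    return out

def check(text=SAMPLE):
    """Compare the Wow6432Node view of the CLSID against the native view."""
    keys = parse_reg_query(text)
    native = view_of(keys, "HKEY_CLASSES_ROOT\\CLSID\\" + GUID)
    wow = view_of(keys, "HKEY_CLASSES_ROOT\\Wow6432Node\\CLSID\\" + GUID)
    return diff_views(native, wow)

if __name__ == "__main__":
    for mismatch in check():
        print(mismatch)
```

An empty result means the two views agree value for value; each tuple names the subkey and value to inspect by hand.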

#41 cryptodan


Posted 02 February 2012 - 03:33 PM

I would try reinstalling the DHTML Editing Control for Windows 7; this could fix it.

#42 McZwick


Posted 02 February 2012 - 03:36 PM

Your link appears to be for Windows Vista...is this really what you want me to do? I'm running Windows 7.

#43 cryptodan


Posted 02 February 2012 - 03:39 PM

It should work as Windows 7 is based off of Vista.

#44 McZwick


Posted 02 February 2012 - 03:47 PM

No luck...I installed and restarted and nothing changed. Bummer!

#45 James Litten


Posted 02 February 2012 - 04:18 PM

Thanks for running and posting those reg entries. They look correct but when I cross reference them with the logs you posted for Gringo, I saw something that we should take a look at.

We need to see if you have the file...

C:\Windows\System32\systemcpl.dll

Unfortunately, that is a hidden system file so I don't think you can see it in Windows Explorer.
I know an easy way for you to check it and get version info in XP, but you are running Windows 7 and I only know how to do it in PowerShell off the top of my head (or changing settings in Windows Explorer that you should not change), so I'll look for a safe, easy way for you to check for its existence and version.

I'll post when I find something or maybe someone else knows a quick way to check it and can chime in :)

James



