Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015 Ran by Roman at 2015-02-07 11:42:51 Run:4 Running from C:\Users\Roman\Downloads\FRst Loaded Profiles: Roman (Available profiles: Roman & Administrator) Boot Mode: Normal ============================================== Content of fixlist: ***************** Reg: reg query "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" Reg: reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" /s Reg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" Reg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" Reg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" Reg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" ***************** ========= reg query "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" ========= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe FP_NO_HOST_CHECK REG_SZ NO OS REG_SZ Windows_NT Path REG_EXPAND_SZ C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\Ulead Systems\Ulead DVD MovieFactory 3 SE;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE REG_SZ AMD64 TEMP REG_EXPAND_SZ %SystemRoot%\TEMP TMP REG_EXPAND_SZ %SystemRoot%\TEMP USERNAME REG_SZ SYSTEM windir REG_EXPAND_SZ %SystemRoot% PROCESSOR_LEVEL REG_SZ 21 PROCESSOR_IDENTIFIER REG_SZ AMD64 Family 21 Model 1 Stepping 2, AuthenticAMD PROCESSOR_REVISION REG_SZ 0102 NUMBER_OF_PROCESSORS REG_SZ 6 TRACE_FORMAT_SEARCH_PATH REG_EXPAND_SZ \\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat DFSTRACINGON REG_EXPAND_SZ FALSE PSModulePath REG_EXPAND_SZ %SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ AMDAPPSDKROOT REG_SZ C:\Program Files (x86)\AMD APP\ VS100COMNTOOLS REG_SZ C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\Tools\ ========= End of Reg: ========= ========= reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList ProfilesDirectory REG_EXPAND_SZ %SystemDrive%\Users Default REG_EXPAND_SZ %SystemDrive%\Users\Default Public REG_EXPAND_SZ %SystemDrive%\Users\Public ProgramData REG_EXPAND_SZ %SystemDrive%\ProgramData HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18 Flags REG_DWORD 0xc State REG_DWORD 0x0 RefCount REG_DWORD 0x1 Sid REG_BINARY 010100000000000512000000 ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19 ProfileImagePath REG_EXPAND_SZ %SystemRoot%\ServiceProfiles\LocalService Flags REG_DWORD 0x0 State REG_DWORD 0x0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20 ProfileImagePath REG_EXPAND_SZ %SystemRoot%\ServiceProfiles\NetworkService Flags REG_DWORD 0x0 State REG_DWORD 0x0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-327346500-4025672244-3197130516-1000 ProfileImagePath REG_EXPAND_SZ C:\Users\Roman Flags REG_DWORD 0x0 State REG_DWORD 0x0 Sid REG_BINARY 01050000000000051500000044E9821334E2F2EF145790BEE8030000 ProfileLoadTimeLow REG_DWORD 0x0 ProfileLoadTimeHigh REG_DWORD 0x0 RefCount REG_DWORD 0x5 RunLogonScriptSync REG_DWORD 0x0 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-327346500-4025672244-3197130516-1001 Flags REG_DWORD 0x1 State REG_DWORD 0x0 Sid REG_BINARY 01050000000000051500000044E9821334E2F2EF145790BEE9030000 ProfileLoadTimeLow REG_DWORD 0x0 ProfileLoadTimeHigh REG_DWORD 0x0 RefCount REG_DWORD 0x1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-327346500-4025672244-3197130516-500 ProfileImagePath REG_EXPAND_SZ C:\Users\Administrator Flags REG_DWORD 0x0 State REG_DWORD 0x304 Sid REG_BINARY 01050000000000051500000044E9821334E2F2EF145790BEF4010000 ProfileLoadTimeLow REG_DWORD 0x0 ProfileLoadTimeHigh REG_DWORD 0x0 RefCount REG_DWORD 0x0 RunLogonScriptSync REG_DWORD 0x0 ========= End of Reg: ========= ========= reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" ========= HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders !Do not use this registry key REG_SZ Use the SHGetFolderPath or SHGetKnownFolderPath function instead Local AppData REG_SZ C:\Users\Roman\AppData\Local My Video REG_SZ K:\ AppData REG_SZ C:\Users\Roman\AppData\Roaming My Pictures REG_SZ D:\ROMAN - obrazy Desktop REG_SZ C:\Users\Roman\Desktop History REG_SZ C:\Users\Roman\AppData\Local\Microsoft\Windows\History NetHood REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Network Shortcuts Cookies REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Cookies Favorites REG_SZ C:\Users\Roman\Favorites SendTo REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\SendTo Start Menu REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu My Music REG_SZ G:\Muzyka Programs REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs Recent REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Recent CD Burning REG_SZ C:\Users\Roman\AppData\Local\Microsoft\Windows\Burn\Burn1 PrintHood REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Printer Shortcuts Startup REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Administrative Tools REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools Personal REG_SZ D:\ Cache REG_SZ C:\Users\Roman\AppData\Local\Microsoft\Windows\Temporary Internet Files Templates REG_SZ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Templates Fonts REG_SZ C:\Windows\Fonts Common Programs REG_SZ C:\ProgramData\Microsoft\Windows\Start Menu\Programs ========= End of Reg: ========= ========= reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" ========= HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders AppData REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming Cache REG_EXPAND_SZ %USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files Cookies REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies Desktop REG_EXPAND_SZ %USERPROFILE%\Desktop Favorites REG_EXPAND_SZ %USERPROFILE%\Favorites History REG_EXPAND_SZ %USERPROFILE%\AppData\Local\Microsoft\Windows\History Local AppData REG_EXPAND_SZ %USERPROFILE%\AppData\Local My Music REG_EXPAND_SZ G:\Muzyka My Pictures REG_EXPAND_SZ D:\ROMAN - obrazy My Video REG_EXPAND_SZ K:\ NetHood REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts Personal REG_EXPAND_SZ D:\ PrintHood REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts Programs REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs Recent REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent SendTo REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo Startup REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Start Menu REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu Templates REG_EXPAND_SZ %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates {374DE290-123F-4565-9164-39C4925E467B} REG_EXPAND_SZ %USERPROFILE%\Downloads CD Burning REG_EXPAND_SZ %USERPROFILE%\AppData\Local\Microsoft\Windows\Burn\Burn1 ========= End of Reg: ========= ========= reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" ========= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders Common Start Menu REG_SZ C:\ProgramData\Microsoft\Windows\Start Menu CommonVideo REG_SZ C:\Users\Public\Videos CommonPictures REG_SZ C:\Users\Public\Pictures Common Programs REG_SZ C:\ProgramData\Microsoft\Windows\Start Menu\Programs CommonMusic REG_SZ C:\Users\Public\Music Common Administrative Tools REG_SZ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools Common Startup REG_SZ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Common Desktop REG_SZ C:\Users\Public\Desktop Common Documents REG_SZ C:\Users\Public\Documents OEM Links REG_SZ C:\ProgramData\OEM Links Common Templates REG_SZ C:\ProgramData\Microsoft\Windows\Templates Common AppData REG_SZ C:\ProgramData ========= End of Reg: ========= ========= reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" ========= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders Common Desktop REG_EXPAND_SZ %PUBLIC%\Desktop Common Documents REG_EXPAND_SZ %PUBLIC%\Documents CommonPictures REG_EXPAND_SZ %PUBLIC%\Pictures CommonMusic REG_EXPAND_SZ %PUBLIC%\Music CommonVideo REG_EXPAND_SZ %PUBLIC%\Videos {3D644C9B-1FB8-4f30-9B45-F670235F79C0} REG_EXPAND_SZ %PUBLIC%\Downloads Common Start Menu REG_EXPAND_SZ %ProgramData%\Microsoft\Windows\Start Menu Common Programs REG_EXPAND_SZ %ProgramData%\Microsoft\Windows\Start Menu\Programs Common Startup REG_EXPAND_SZ %ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup Common AppData REG_EXPAND_SZ %ProgramData% Common Templates REG_EXPAND_SZ %ProgramData%\Microsoft\Windows\Templates ========= End of Reg: ========= ==== End of Fixlog 11:42:52 ====