﻿Fix result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by eduar (2016-04-13 17:21:49) Run:1
Running from C:\Users\eduar\Desktop
Loaded Profiles: eduar (Available Profiles: eduar)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: c:\programdata\msiql.exe
c:\programdata\msiql.exe
File: c:\programdata\testlive.exe
c:\programdata\testlive.exe
File: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
HKU\S-1-5-21-1488272672-2433312044-1902149314-1001\...\Run: [msiql] => c:\programdata\msiql.exe /RUNNING
HKU\S-1-5-21-1488272672-2433312044-1902149314-1001\...\Run: [testLive] => c:\programdata\testlive.exe /RUNNING
2016-04-13 16:32 - 2016-04-13 16:32 - 00011772 _____ C:\Users\eduar\Desktop\FRST.txt
2016-04-13 14:59 - 2016-04-13 14:59 - 00002336 _____ C:\Users\eduar\Desktop\sken.txt
2016-04-13 09:01 - 2016-04-13 09:04 - 00000000 ____D C:\AdwCleaner
2016-04-13 08:59 - 2016-04-13 09:01 - 03465280 _____ C:\Users\eduar\Desktop\AdwCleaner.exe
2016-04-10 13:17 - 2016-04-12 08:58 - 00000000 ____D C:\Program Files\trend micro
2016-04-10 13:17 - 2016-04-10 13:17 - 00000000 ____D C:\rsit
2016-04-10 12:46 - 2016-04-10 13:16 - 01222144 _____ C:\Users\eduar\Desktop\RSITx64.exe
Folder: C:\Users\eduar\AppData\Roaming\gplyra
2016-04-10 10:39 - 2016-04-10 10:40 - 00000000 ____D C:\Users\eduar\AppData\Roaming\gplyra
Folder: C:\ProgramData\Windows Update
File: C:\ProgramData\hp.exe
Folder: C:\Users\eduar\AppData\Roaming\dlg
File: C:\Users\eduar\AppData\Roaming\my_intel.sys
File: C:\Users\eduar\AppData\Roaming\sp_data.sys
CMD: type C:\ProgramData\webad.xml
Folder: C:\WINDOWS\system32\Drivers\etc
CMD: type C:\WINDOWS\system32\Drivers\etc\hosts
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: c:\programdata\msiql.exe ========================

"c:\programdata\msiql.exe" => not found.
====== End of File: ======

"c:\programdata\msiql.exe" => not found.

========================= File: c:\programdata\testlive.exe ========================

"c:\programdata\testlive.exe" => not found.
====== End of File: ======

"c:\programdata\testlive.exe" => not found.

========================= File: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe ========================

File is digitally signed
MD5: 83A7349CB85635074D283C3256C33F5D
Creation and modification date: 2015-10-30 09:18 - 2015-10-30 09:18
Size: 2100064
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 
Product Version: 
Copyright: 

====== End of File: ======

HKU\S-1-5-21-1488272672-2433312044-1902149314-1001\Software\Microsoft\Windows\CurrentVersion\Run\\msiql => value removed successfully
HKU\S-1-5-21-1488272672-2433312044-1902149314-1001\Software\Microsoft\Windows\CurrentVersion\Run\\testLive => value removed successfully
"C:\Users\eduar\Desktop\FRST.txt" => not found.
C:\Users\eduar\Desktop\sken.txt => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\eduar\Desktop\AdwCleaner.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\eduar\Desktop\RSITx64.exe => moved successfully

========================= Folder: C:\Users\eduar\AppData\Roaming\gplyra ========================


====== End of Folder: ======

C:\Users\eduar\AppData\Roaming\gplyra => moved successfully

========================= Folder: C:\ProgramData\Windows Update ========================

2016-04-10 10:40 - 2016-04-10 11:39 - 0000000 ____D () C:\ProgramData\Windows Update\tmp

====== End of Folder: ======


========================= File: C:\ProgramData\hp.exe ========================

File not signed
MD5: 6688A191E46C63B6D8D83F1DDBF70D49
Creation and modification date: 2016-04-10 10:40 - 2016-04-06 00:37
Size: 0114176
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 
Product Version: 
Copyright: 

====== End of File: ======


========================= Folder: C:\Users\eduar\AppData\Roaming\dlg ========================


====== End of Folder: ======


========================= File: C:\Users\eduar\AppData\Roaming\my_intel.sys ========================

File not signed
MD5: CA4A865B04D84129AC08664560AA7CCD
Creation and modification date: 2016-03-22 12:11 - 2016-03-22 12:11
Size: 0000021
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 
Product Version: 
Copyright: 

====== End of File: ======


========================= File: C:\Users\eduar\AppData\Roaming\sp_data.sys ========================

File not signed
MD5: 7BDC3C37E27FF1A8625D9D3C3BF43B32
Creation and modification date: 2016-03-22 12:10 - 2016-04-13 17:13
Size: 0000081
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 
Product Version: 
Copyright: 

====== End of File: ======


=========  type C:\ProgramData\webad.xml =========

󴡠캩쩢𾣣𯪫쨭쨩켣𨭵𻩮칾㻻⮪⼻켺켺쯤쯤쏠컢컢𻩮칾㢩⯢⯣㠣⼤󿥸쯤켺켺쯤쯤죪㻩𻩮칾㸾⯯켺켺쯤쯤쏠컢컢𻩮칾㸾⯯㤸㍹៸⤸쯤쉪죪썹쎣켺켺쯤쯤죪㻩𻩮칾㨹⯯켺켺쯤쯤쏠컢컢𻩮칾㨹⯯쯤잣켺켺쯤쯤죪㻩𻩮칾㯤⯯켺켺쯤쯤쏠컢컢𻩮칾㯤⯯㎹㍹⤸쯤셢싹츣쎹쏭켺켺쯤쯤죪㻩𻩮칾㫭⯯켺켺쯤쯤쏠컢컢𻩮칾㫭⯯쯤셢섣잩켺켺쯤쯤죪㻩𻩮칾㾣⯯켺켺쯤쯤쏠컢컢𻩮칾㾣⯯쯤옹싾윾켺켺쯤쯤죪㻩𻩮칾㥦⯯켺켺쯤쯤쏠컢컢𻩮칾㥦⯯㤸㏣ሥ㚥ሥ⤸쯤캿윭쎭켺켺쯤쯤죪㻩𻩮칾㻤⯯켺켺쯤쯤쏠컢컢𻩮칾㻤⯯㤸㜣⤸쯤오윣쥢켺켺쯤쯤죪㻩𻩮칾㫹⯯켺켺쯤쯤쏠컢컢𻩮칾㫹⯯㤸㡣㙢⤸쯤샪쏭썹쟵켺켺쯤쯤죪㻩𻩮칾㿤⯯㤸㈥켺켺쯤쯤쏠컢컢𻩮칾㿤⯯㤸㛩⤸쯤옣쎹쎩슭쁭앣잩켺켺쯤쯤죪㻩𻩮칾㿶⢩켺켺쯤쯤쏠컢컢𻩮칾㿶⢩㤸㛩ሩ⤸쯤쉺웤쟸켺켺쯤쯤죪㻩𻩮칾㠹⯯켺켺쯤쯤쏠컢컢𻩮칾㠹⯯㪠㍯⤸쯤숩켺켺쯤쯤죪𻩮칾㠹⯯㪠㍯⤸쯤오섩켺켺쯤쯤죪𻩮칾㠹⯯㪠㟤⤸쯤젩쿤쥢츤쿧켺켺쯤쯤죪𻩮칾㠹⯯㪠㟤⤸쯤쮾켺켺쯤쯤죪𻩮칾㠹⯯㪠㟤⤸쯤졣켺켺쯤쯤죪𻩮칾㠹⯯㪠㟤⤸쯤쨣켺켺쯤쯤죪𻩮칾㠹⯯㪠㟤⤸쯤쿹쾭켺켺쯤쯤죪㻩𻩮칾㢩⯯켺켺쯤쯤쏠컢컢𻩮칾㢩⯯⤸쯤썿켺켺쯤쯤죪𻩮칾㢩⯯⤸쯤오윥켺켺쯤쯤죪𻩮칾㢩⯯⤸쯤숾켺켺쯤쯤죪𻩮칾㢩⯯⤸쯤쟠켺켺쯤쯤죪𻩮칾㢩⯯⤸쯤섹켺켺쯤쯤죪𻩮칾㢩⯯⤸쯤켺켺쯤쯤죪㻩𻩮칾㿥⯯켺켺쯤쯤쏠컢컢𻩮칾㿥⯯ど⤸쯤섩켺켺쯤쯤죪𻩮칾㿥⯯ど⤸쯤섩켺켺쯤쯤죪𻩮칾㿥⯯㈥⤸쯤줩켺켺쯤쯤죪㻩𻩮칾⯣켺켺쯤쯤쏠컢컢𻩮칾⯣㪠㟤⤸쯤쨣켺켺쯤쯤죪㻩𻩮칾㿩⯯켺켺쯤쯤쏠컢컢𻩮칾㿩⯯⤸쯤켺켺쯤쯤죪㻩𻩮칾㡭⯯켺켺쯤쯤쏠컢컢𻩮칾㡭⯯㤸㏣ሥ㍥ᄅ⤸쯤슣옾썥켺켺쯤쯤죪𻩮칾㡭⯯㤸㏣ሥ㍠⤸쯤츣윾죾썠썠켺켺쯤쯤죪𻩮칾㡭⯯㤸㏣ሥ㚥ሥ⤸쯤옾썾켺켺쯤쯤죪𻩮칾㡭⯯㤸㏣ሥ㍠⤸쯤옥쪣쁭섣켺켺쯤쯤죪㻩𻩮칾㸣⯯켺켺쯤쯤쏠컢컢𻩮칾㸣⯯㤸㏤ᆩ⤸쯤쀣쭸슾솩샻켺켺쯤쯤죪㻩𻩮칾㯨⯯켺켺쯤쯤쏠컢컢𻩮칾㯨⯯㪠㍯⤸쯤숩켺켺쯤쯤죪𻩮칾㯨⯯㪠㍯⤸쯤오섩켺켺쯤쯤죪𻩮칾㯨⯯㪠㟤⤸쯤젩쿤쥢츤쿧켺켺쯤쯤죪𻩮칾㯨⯯㪠㟤⤸쯤쮾켺켺쯤쯤죪𻩮칾㯨⯯㪠㟤⤸쯤졣켺켺쯤쯤죪𻩮칾㯨⯯㪠㟤⤸쯤쨣켺켺쯤쯤죪𻩮칾㯨⯯㪠㟤⤸쯤쿹쾭켺켺쯤쯤죪㻩𻩮칾㤹⯯켺켺쯤쯤쏠컢컢𻩮칾㤹⯯㪠㍯⤸쯤숩켺켺쯤쯤죪𻩮칾㤹⯯㪠㍯⤸쯤오섩켺켺쯤쯤죪𻩮칾㤹⯯㪠㟤⤸쯤젩쿤쥢츤쿧켺켺쯤쯤죪𻩮칾㤹⯯㪠㟤⤸쯤쮾켺켺쯤쯤죪𻩮칾㤹⯯㪠㟤⤸쯤졣켺켺쯤쯤죪𻩮칾㤹⯯㪠㟤⤸쯤쨣켺켺쯤쯤죪𻩮칾㤹⯯㪠㟤⤸쯤쿹쾭켺켺쯤쯤죪㻩𻩮칾㻻⫣⯯켺켺쯤쯤쏠컢컢𻩮칾㻻⫣⯯㤸㈥⤸쯤쭢삹켺켺쯤쯤죪𻩮칾㻻⫣⯯㤸㛩⤸쯤섩켺켺쯤쯤죪𻩮칾㻻⫣⯯㤸㛩⤸쯤켺켺쯤쯤죪㻩𻩮칾㻻ⶹ⯯켺켺쯤쯤쏠컢컢𻩮칾㻻ⶹ⯯㪠㍯⤸쯤숩켺켺쯤쯤죪𻩮칾㻻ⶹ⯯㪠㍯⤸쯤오섩켺켺쯤쯤죪𻩮칾㻻ⶹ⯯㪠㟤⤸쯤젩쿤쥢츤쿧켺켺쯤쯤죪𻩮칾㻻ⶹ⯯㪠㟤⤸쯤쮾켺켺쯤쯤죪𻩮칾㻻ⶹ⯯㪠㟤⤸쯤졣켺켺쯤쯤죪𻩮칾㻻ⶹ⯯㪠㟤⤸쯤쨣켺켺쯤쯤죪𻩮칾㻻ⶹ⯯㪠㟤⤸쯤쿹쾭켺켺쯤쯤죪㻩𻩮칾㨭⯯켺켺쯤쯤쏠컢컢𻩮칾㨭⯯ど⤸쯤섩켺켺쯤쯤죪𻩮칾㨭⯯ど⤸쯤섩켺켺쯤쯤죪𻩮칾㨭⯯㈥⤸쯤줩켺켺쯤쯤죪㻩𻩮칾㻻⨥⯯켺켺쯤쯤쏠컢컢𻩮칾㻻⨥⯯㪠㍯⤸쯤숩켺켺쯤쯤죪𻩮칾㻻⨥⯯㪠㍯⤸쯤오섩켺켺쯤쯤죪𻩮칾㻻⨥⯯㪠㟤⤸쯤젩쿤쥢츤쿧켺켺쯤쯤죪𻩮칾㻻⨥⯯㪠㟤⤸쯤쮾켺켺쯤쯤죪𻩮칾㻻⨥⯯㪠㟤⤸쯤졣켺켺쯤쯤죪𻩮칾㻻⨥⯯㪠㟤⤸쯤쨣켺켺쯤쯤죪𻩮칾㻻⨥⯯㪠㟤⤸쯤쿹쾭켺켺쯤쯤죪㻩𻩮칾㨥⯯켺켺쯤쯤쏠컢컢𻩮칾㨥⯯⤸쯤썿켺켺쯤쯤죪𻩮칾㨥⯯⤸쯤오윥켺켺쯤쯤죪𻩮칾㨥⯯⤸쯤숾켺켺쯤쯤죪𻩮칾㨥⯯⤸쯤쟠켺켺쯤쯤죪㻩𻩮칾㨩⯯켺켺쯤쯤쏠죪컢컢𻩮칾㨩⯯㿧ᯭ㏣⤸쯤쟹썮켺켺쯤쯤죪㻩𻩮칾㼣⯯켺켺쯤쯤쏠컢컢𻩮칾㼣⯯㤸㈥⤸쯤쭢삹켺켺쯤쯤죪𻩮칾㼣⯯㤸㛩⤸쯤섩켺켺쯤쯤죪𻩮칾㼣⯯㤸㛩⤸쯤켺켺쯤쯤죪㻩㨭㾣
========= End of CMD: =========


========================= Folder: C:\WINDOWS\system32\Drivers\etc ========================

2015-10-30 09:24 - 2016-04-10 15:32 - 0000821 _____ () C:\WINDOWS\system32\Drivers\etc\hosts
2016-04-10 15:32 - 2016-04-10 10:30 - 0001006 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ccebak
2016-04-10 10:31 - 2016-04-10 10:30 - 0001006 _____ () C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-10-30 09:24 - 2015-10-30 09:21 - 0003683 _____ () C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2015-10-30 09:24 - 2015-10-30 09:21 - 0000407 _____ () C:\WINDOWS\system32\Drivers\etc\networks
2015-10-30 09:24 - 2015-10-30 09:21 - 0001358 _____ () C:\WINDOWS\system32\Drivers\etc\protocol
2015-10-30 09:24 - 2015-10-30 09:21 - 0017463 _____ () C:\WINDOWS\system32\Drivers\etc\services

====== End of Folder: ======


=========  type C:\WINDOWS\system32\Drivers\etc\hosts =========

# Copyright (c) 1993-2004 Microsoft Corp.
#
# AutoGenerated by Microsoft (R) Malware Protection Engine.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost
::1             localhost 
========= End of CMD: =========

C:\WINDOWS\Tasks\UCBrowserUpdater.job => moved successfully

=========  dir "C:\PROGRA~1" =========

 Volume in drive C has no label.
 Volume Serial Number is 7498-5E1D

 Directory of C:\PROGRA~1

13.04.2016  17:22    <DIR>          .
13.04.2016  17:22    <DIR>          ..
22.03.2016  10:59    <DIR>          7-Zip
22.03.2016  11:56    <DIR>          ASUS
13.04.2016  09:04    <DIR>          Common Files
22.03.2016  11:50    <DIR>          CONEXANT
22.03.2016  11:54    <DIR>          Elantech
22.03.2016  11:01    <DIR>          Internet Explorer
24.03.2016  10:22    <DIR>          Java
31.03.2016  21:07    <DIR>          LibreOffice 5
31.03.2016  21:04    <DIR>          Microsoft Office
10.04.2016  12:15    <DIR>          Microsoft Silverlight
22.03.2016  22:35    <DIR>          MPC-HC
22.03.2016  10:44    <DIR>          MSBuild
22.03.2016  10:44    <DIR>          Reference Assemblies
22.03.2016  11:50    <DIR>          SRS Labs
22.03.2016  14:13    <DIR>          Stellarium
13.02.2016  14:58    <DIR>          Windows Defender
22.03.2016  11:01    <DIR>          Windows Journal
13.02.2016  14:58    <DIR>          Windows Mail
22.03.2016  11:01    <DIR>          Windows Media Player
22.03.2016  11:01    <DIR>          Windows Multimedia Platform
30.10.2015  09:24    <DIR>          Windows NT
13.02.2016  14:58    <DIR>          Windows Photo Viewer
22.03.2016  11:01    <DIR>          Windows Portable Devices
               0 File(s)              0 bytes
              25 Dir(s)  134951129088 bytes free

========= End of CMD: =========


=========  dir "C:\PROGRA~2" =========

 Volume in drive C has no label.
 Volume Serial Number is 7498-5E1D

 Directory of C:\PROGRA~2

13.04.2016  09:04    <DIR>          .
13.04.2016  09:04    <DIR>          ..
10.04.2016  17:43    <DIR>          ASUS
13.04.2016  09:04    <DIR>          Common Files
22.03.2016  13:10    <DIR>          Intel
22.03.2016  11:01    <DIR>          Internet Explorer
22.03.2016  11:47    <DIR>          JMicron
10.04.2016  11:54    <DIR>          Malwarebytes Anti-Malware
10.04.2016  12:15    <DIR>          Microsoft Silverlight
31.03.2016  21:04    <DIR>          Microsoft.NET
22.03.2016  10:44    <DIR>          MSBuild
22.03.2016  10:44    <DIR>          Reference Assemblies
25.03.2016  10:55    <DIR>          Skype
13.02.2016  14:58    <DIR>          Windows Defender
13.02.2016  14:58    <DIR>          Windows Mail
13.02.2016  14:58    <DIR>          Windows Media Player
22.03.2016  11:01    <DIR>          Windows Multimedia Platform
30.10.2015  09:24    <DIR>          Windows NT
13.02.2016  14:58    <DIR>          Windows Photo Viewer
22.03.2016  11:01    <DIR>          Windows Portable Devices
               0 File(s)              0 bytes
              20 Dir(s)  134951129088 bytes free

========= End of CMD: =========


=========  dir "C:\PROGRA~3" =========

 Volume in drive C has no label.
 Volume Serial Number is 7498-5E1D

 Directory of C:\PROGRA~3

13.04.2016  09:04    <DIR>          Application Data
22.03.2016  12:08    <DIR>          Atheros
30.10.2015  09:24    <DIR>          Comms
06.04.2016  00:37           114176 hp.exe
22.03.2016  13:27    <DIR>          Intel
22.03.2016  13:10    <DIR>          Intel(R) Update Manager
10.04.2016  11:54    <DIR>          Malwarebytes
31.03.2016  21:04    <DIR>          Microsoft Help
13.02.2016  15:51    <DIR>          Microsoft OneDrive
31.03.2016  17:24    <DIR>          Microsoft Toolkit
24.03.2016  10:23    <DIR>          Oracle
22.03.2016  11:56    <DIR>          P4G
31.03.2016  18:36    <DIR>          Package Cache
31.03.2016  21:04    <DIR>          regid.1991-06.com.microsoft
05.04.2016  18:57    <DIR>          Skype
30.10.2015  09:24    <DIR>          SoftwareDistribution
13.02.2016  15:46    <DIR>          USOPrivate
13.02.2016  15:46    <DIR>          USOShared
10.04.2016  10:40            16815 webad.xml
10.04.2016  10:40    <DIR>          Windows Update
               2 File(s)        130991 bytes
              18 Dir(s)  134951129088 bytes free

========= End of CMD: =========


=========  dir "%localappdata%" =========

 Volume in drive C has no label.
 Volume Serial Number is 7498-5E1D

 Directory of C:\Users\eduar\AppData\Local

13.04.2016  17:21    <DIR>          .
13.04.2016  17:21    <DIR>          ..
22.03.2016  10:12    <DIR>          ActiveSync
10.04.2016  10:58    <DIR>          app
11.04.2016  18:42    <DIR>          Apps
22.03.2016  11:56    <DIR>          ASUS
04.04.2016  22:39    <DIR>          Comms
22.03.2016  18:52    <DIR>          Diagnostics
10.04.2016  19:59    <DIR>          ElevatedDiagnostics
29.03.2016  10:40    <DIR>          Google
10.04.2016  10:36    <DIR>          Microsoft
31.03.2016  17:09    <DIR>          Microsoft Help
22.03.2016  10:16    <DIR>          MicrosoftEdge
13.04.2016  17:21            29696 MSGBOX.EXE
22.03.2016  10:39    <DIR>          NetworkTiles
08.04.2016  23:02    <DIR>          Package Cache
13.04.2016  08:53    <DIR>          Packages
01.04.2016  09:58    <DIR>          PackageStaging
22.03.2016  14:14    <DIR>          PeerDistRepub
22.03.2016  13:42    <DIR>          Programs
22.03.2016  10:10    <DIR>          Publishers
22.03.2016  11:50    <DIR>          SRS Labs
22.03.2016  18:30    <DIR>          stellarium
13.04.2016  17:21    <DIR>          Temp
22.03.2016  10:10    <DIR>          TileDataLayer
10.04.2016  10:44    <DIR>          UCBrowser
08.04.2016  23:02    <DIR>          Viber
10.04.2016  11:43    <DIR>          VirtualStore
               1 File(s)         29696 bytes
              27 Dir(s)  134951124992 bytes free

========= End of CMD: =========


=========  dir "%appdata%" =========

 Volume in drive C has no label.
 Volume Serial Number is 7498-5E1D

 Directory of C:\Users\eduar\AppData\Roaming

13.04.2016  17:22    <DIR>          .
13.04.2016  17:22    <DIR>          ..
22.03.2016  10:10    <DIR>          Adobe
10.04.2016  10:33    <DIR>          dlg
10.04.2016  11:05             5120 GiftBag.db
22.03.2016  13:12    <DIR>          LibreOffice
22.03.2016  11:06    <DIR>          Macromedia
22.03.2016  22:35    <DIR>          MPC-HC
22.03.2016  12:11                21 my_intel.sys
09.04.2016  23:13    <DIR>          Skype
13.04.2016  17:13                81 sp_data.sys
22.03.2016  18:31    <DIR>          Stellarium
24.03.2016  10:23    <DIR>          Sun
11.04.2016  11:04    <DIR>          ViberPC
               3 File(s)          5222 bytes
              11 Dir(s)  134950993920 bytes free

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 455.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 17:22:53 ====