Virus? Programme werden installiert

Start::
CloseProcesses:
HKLM\...\RunOnce: [ndubl4cron4] => C:\Program Files (x86)\UHUJ\117822354.exe [374784 2020-06-12] () [Datei ist nicht signiert]
Unlock: C:\Program Files (x86)\UHUJ
File: C:\Program Files (x86)\UHUJ\117822354.exe
VirusTotal: C:\Program Files (x86)\UHUJ\117822354.exe
C:\Program Files (x86)\UHUJ
Unlock: C:\Users\Testen\AppData\Roaming\trhgdf.exe
VirusTotal: C:\Users\Testen\AppData\Roaming\trhgdf.exe
C:\Users\Testen\AppData\Roaming\trhgdf.exe
Unlock: C:\ProgramData\L8DIAW0RU8s63.exe
VirusTotal: C:\ProgramData\L8DIAW0RU8s63.exe
C:\ProgramData\L8DIAW0RU8s63.exe
C:\Users\Testen\AppData\Roaming\focusvpnep
C:\Users\Testen\AppData\Roaming\defendsstatie
C:\Users\Testen\AppData\LocalLow\3098htrhpen8ifg0
C:\ProgramData\Garbage Cleaner
C:\ProgramData\frd
C:\3iwerj34jfewkjde3kwek56ks
C:\334iuwr4943rjfreuf
S3 mracsvc; C:\Windows\System32\mracsvc.exe [19136152 2020-02-17] (Mail.Ru LLC -> LLC Mail.Ru)
C:\Windows\System32\mracsvc.exe
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [18367968 2020-02-17] (Mail.Ru LLC -> LLC Mail.Ru)
C:\WINDOWS\System32\drivers\mracdrv.sys
Task: {17DC1198-17AF-410F-89C7-5CA1BC165FA3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
C:\Windows\System32\Tasks\Avast Software
C:\Program Files\Common Files\AVAST Software
Task: {8014D5BA-87FD-456C-9187-3DC40DB0A4BA} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
C:\Windows\System32\Tasks\AVG
C:\Program Files\Common Files\AVG
Task: {A2DF092D-9ACB-4E25-9ADA-6EC701F9264F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-17] (Mozilla Corporation -> Mozilla Foundation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
GroupPolicy: Beschränkung ? <==== ACHTUNG
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
Folder: C:\ProgramData\Java
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
CMD: ipconfig /flushdns
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: Bitsadmin /Reset /Allusers
CMD: sc config WinDefend start= auto
CMD: sc start WinDefend
CMD: sc start WdNisSvc
powershell: Set-MpPreference -DisableRealtimeMonitoring $False
powershell: Set-MpPreference -PUAProtection Enabled
Hosts:
RemoveProxy:
SystemRestore: On
EmptyTemp:
End::
         

SearchAll: UHUJ;trhgdf;L8DIAW0RU8s63;Garbage Cleaner;GarbageCleaner