Elektroda.com

[Solved] Windows 10 Trojan:Win32/Fuerboos.C!cl Win32/Occamy.C

Wladyslaw666 3006 8
  • #1
    Wladyslaw666
    Level 6  
    Hello
    Please check the logs.
    Dr.Web CureIt! finds something every time. Malwarebytes sometimes finds something and sometimes shows that the system is clean. Windows Defender occasionally shows that it has found a threat such as:
    - Trojan.Eps.38782
    - Trojan:Win32/Fuerboos.C!cl
    - Trojan:Win32/Occamy.C
    - Trojan:Win32/Woreflint.A!cl
    - Trojan:Win32/Emelent.B!cl
    - Trojan.WebPick9115
    Often, before the end of the scan with any program, the message "The computer has encountered a problem and needs to be restarted" pops up.
  • #2
    Kolobos
    IT specialist
    Create a system restore point.

    Uninstall NarutoOnline 2.4.1.5251

    Run Fixlist.txt for FRST:
    CloseProcesses:
    CustomCLSID: HKU\S-1-5-21-3872729047-4223950186-2412060388-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => Brak pliku
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    Task: {8C965156-17C8-40B0-A65B-7BC5CAD98FEB} - System32\Tasks\MainPM => powershell -ExecutionPolicy ByPass -File pm.ps1
    Task: {DC1CA028-21DC-480C-9DBD-DE4FE42D10D2} - System32\Tasks\update64 => C:\Program Files\SystemaRev\RevServicesX\updaterev.exe [2018-05-14] (SystemaRev)
    HKU\S-1-5-21-3872729047-4223950186-2412060388-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3884720 2017-10-04] (ALLPlayer.org)
    HKU\S-1-5-21-3872729047-4223950186-2412060388-1001\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3990528 2017-10-04] (Napisy24.pl)
    HKU\S-1-5-21-3872729047-4223950186-2412060388-1001\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe [6168768 2016-09-15] (ALLPlayer Group Ltd.)
    HKU\S-1-5-21-3872729047-4223950186-2412060388-1001\...\MountPoints2: {5d0a8908-55d7-11e7-af27-1c3947d4a9a6} - "F:\autorun.exe"
    HKU\S-1-5-18\...\Run: [] => [X]
    FF user.js: detected! => C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\472p7bwi.default\user.js [2017-06-30]
    S3 update64; C:\Program Files\SystemaRev\RevServicesX\updaterev.exe [594432 2018-05-14] (SystemaRev) [Brak podpisu cyfrowego]
    R5 hagalkcj;
  • #3
    Wladyslaw666
    Level 6  
    Now Windows Defender showed me the threats:
    2 x Trojan:Win32/Emelent.B!cl file: C:\Windows\winime.exe
    3 x PWS:Win32/Fareit file: C:\Windows\winime.exe
    Trojan:Win32/Azden.B!cl file: C:\TDSSKiller_Quarantine\15.05.2018_13.29.51\susp0001\svc0000\tsk0000.dta
    Dr.Web CureIt! detected nothing.
    Logs below.
  • #4
    Kolobos
    IT specialist
    New frst.txt is missing!
  • #6
    Kolobos
    IT specialist
    You probably won't be able to remove these rootkits from within Windows.

    Run FRST under WinRE: https://www.fixitpc.pl/topic/4414-diagnostyka-infekcji-na-niestartuj%C4%85cych-windows/

    Run Fixlist.txt:
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\aljlbvyr.sys:changelist [260]
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia
  • Helpful post
    #8
    Kolobos
    IT specialist
    Final Fixlist.txt for FRST:
    Task: {0CCCF149-76AB-4A27-A7D5-140D0E810E00} - \CreateExplorerShellUnelevatedTask -> File missing File missing
  • #9
    Wladyslaw666
    Level 6  
    Everything works. Thanks a lot for your help :please: