[SOLVED] System Interrupts process using 70% of CPU until I open task manager ?

[GeorgeMontas]

Today my laptop's fans started going crazy so I instantly opened task manager to check if something was wrong and there was a process running for a few seconds called System Interrupts which was using 70% of the cpu but then went down after about two seconds of having the task manager opened. Before this happened karpesky cloud security warned me about a trojan that was in my computer so I deleted it as fast as possible but my desktop went completly black and a lot of pop-up errors started appearing. After deleting the trojan I thought everything was going to be fine but now this is happening. I read that System Interrupts is not a virus (and I can pretty much confirm that because I ran several scans with Avast, Malwarebytes and kapesky and neither of them detected anything) but I don't know how to fix this and it has me really stressed out.

I'll apreciate any help I can get and thanks in advance to anyone that can help me with this issue.

Also, sorry if this doesn't qualify as an Antivirus thread but I didn't know where else to post it and I'am desperate.

 

[GeorgeMontas]

Hey, maybe something about the drivers is messed up in my computer. Remember that when Karpesky detected malware my whole desktop went black and I could only see google chrome and karpesky, also a lot of error messages started popping up on my screen, maybe that has something to do with my issue.

 

[mdd1963]

Get whatever files are important backed up to somewhere else... (preferably two copies on two separate drives/locations)

Nuke and pave.

Nothing is surviving a 'nuke and pave' (deleting all partitions/quick formatting/full reinstall of everything....)

 

[GeorgeMontas]

It seems that if I change my performance control settings to default it runs quieter but the cpu is at around 80 degrees while idle which is concerning. Also what really has me stressed is that I could have malware installed without me even knowing. I guess I'll try cleaning the fans later on to see if it makes any difference, I'll also try to run daily eset scans to see if it detects anything.

 

[Johnwmel]

"I have Important files on my computer and I don't have a backup"
You can always take the drive out & slave it to another comp & get your stuff. Use an usb sata hard drive adapter or anything that connects the drive to another comp.
usb sata hard drive adapter
https://cutt.ly/1bC7lkW

 

[digitalgriffin]

Today my laptop's fans started going crazy so I instantly opened task manager to check if something was wrong and there was a process running for a few seconds called System Interrupts which was using 70% of the cpu but then went down after about two seconds of having the task manager opened. Before this happened karpesky cloud security warned me about a trojan that was in my computer so I deleted it as fast as possible but my desktop went completly black and a lot of pop-up errors started appearing. After deleting the trojan I thought everything was going to be fine but now this is happening. I read that System Interrupts is not a virus (and I can pretty much confirm that because I ran several scans with Avast, Malwarebytes and kapesky and neither of them detected anything) but I don't know how to fix this and it has me really stressed out.

I'll apreciate any help I can get and thanks in advance to anyone that can help me with this issue.

Also, sorry if this doesn't qualify as an Antivirus thread but I didn't know where else to post it and I'am desperate.

I hate to say it, but hiding CPU usage when task manger comes up is a common tactic of viruses. They also hide when they see virus scanners starting. You might have a potential miner on your machine. Execute a full drive scan.

 

[digitalgriffin]

Honestly, I think that the best option will be to wipe the computer but I don't want to do it because I have Important files on my computer and I don't have a backup. Also, I've read about many people that have wiped their computer and even then the problem persisted.

Grab a 256MB USB stick and transfer your files that are im

It seems that if I change my performance control settings to default it runs quieter but the cpu is at around 80 degrees while idle which is concerning. Also what really has me stressed is that I could have malware installed without me even knowing. I guess I'll try cleaning the fans later on to see if it makes any difference, I'll also try to run daily eset scans to see if it detects anything.

Okay this might not be a virus. 80C while idle could also be your thermal paste is failing so it is thermal throttling causing high CPU usage. The way to tell is look at you GPUz and check the MHz to see if it's making stock speed or throttled speed. Some modern CPU's can go as low at 500MHz when they thermal throttle making the system sluggish.

It's still very odd that all this goes away when you run task manager. So it could be either at this point.

 

[Stephanie_Sy]

Updating your BIOS is the final go

 

[mdd1963]

If you have WIn10 installer media on USB flash drive, and are installing to SSD, installing Win10 takes about 4-5 min these days...

If your fans ramp up consistently until you open task manager, I'd guess there is a 99+% chance that your system is infected.

Gather needed drivers for your hardware (mainboard, GPU, etc.) ahead of time...

There are hundreds of tutorials on installing WIn10 available on YOutube...

 

[Johnwmel]

"I have Important files on my computer and I don't have a backup"
Once you have done your recovery of your files, proceed with this.

Extract from your logs.
"AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}"

They are all fighting each other, just one is all you need, I use Windows Defender.
Kasperksy Lab Products Remover
https://www.softpedia.com/get/Tweak/Uninstallers/Kaspersky-Anti-Virus-Remover.shtml

Removal tool for Kaspersky applications (kavremover)

To completely remove a Kaspersky application from your computer, download and run the free kavremover tool.

support.kaspersky.com

http://www.bleepingcomputer.com/download/kasperksy-lab-products-remover/

McAfee Consumer Products Removal tool
http://service.mcafee.com/FAQDocument.aspx?id=TS101331

Download McAfee Removal Tool (mcpr) 10.4.103.0

Download McAfee Removal Tool (mcpr) - Completely remove McAfee applications installed on your computer, including leftover files and folders by following several steps

www.softpedia.com

Download McAfee Consumer Products Removal tool

The McAfee Consumer Products Removal tool allows you to remove McAfee consumer products in the event that they become damaged or are unable to uninstall properly through the Windows control panel.

www.bleepingcomputer.com

 

[Johnwmel]

After sorting out your AV's, proceed with Farbar.

Copy & Paste the text below ( starting CreateRestorePoint: ) save it into Notepad on your Desktop & name it fixlist.txt
NOTE: It is important that Notepad is used. The fix will not work if Word or some other program is used.
NOTE: It is important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

CreateRestorePoint:
emptytemp:
closeprocesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
S3 ThrottleStop; C:\Users\jorge\AppData\Local\Temp\ThrottleStop.sys [50216 2021-05-02] (TechPowerUp LLC -> ) <==== ATTENTION
S2 AMDRyzenMasterDriverV14; \??\C:\Program Files\AMD\RyzenMasterSDK\bin\AMDRyzenMasterDriver.sys [X]
U3 aswbdisk; no ImagePath
Links version 1.0 (HKU\S-1-5-21-7150012-2595585322-3432577390-1001\...\Links_is1) (Version: 1.0 - Links) <==== ATTENTION
FirewallRules: [UDP Query User{3A664EA0-A8DA-4F32-A7E8-6972C2EA3F00}C:\users\jorge\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\jorge\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{573DDB96-AE2F-4326-8384-20B0EEAED9FB}C:\users\jorge\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\jorge\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [{1250C6B8-5F55-48C2-B364-B0A0CEFA6DB4}] => (Allow) C:\Program Files (x86)\Treexy\Driver Fusion\DriverFusion.exe => No File
FirewallRules: [{A255D2E3-2348-4536-B142-5B59263603C7}] => (Allow) C:\Program Files (x86)\Treexy\Driver Fusion\DriverFusion.exe => No File
FirewallRules: [UDP Query User{4CB0CA02-F1AA-4EB7-93E7-A867859E12AF}C:\users\jorge\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\jorge\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{898E9EEA-0998-48B1-A8FB-B33677290588}C:\users\jorge\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\jorge\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [{79134B7F-7E3A-40C8-888E-80115F8852D3}] => (Block) C:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [{5AAD18EF-158A-4F4E-B59A-C8E7628610BB}] => (Block) C:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [UDP Query User{F4E61F37-0B32-4591-92A0-7815D65CDD6E}C:\games\monopoly plus\monopoly.exe] => (Allow) C:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [TCP Query User{BBAE5185-6871-41E6-9092-F0B71ECF4A0F}C:\games\monopoly plus\monopoly.exe] => (Allow) C:\games\monopoly plus\monopoly.exe => No File
FirewallRules: [{774BE290-DF43-40D4-A0D6-EF1C83033A24}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{1ED020A3-383B-421B-BEF6-8E27BF7BBA64}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{7BFB9D4A-4742-4ACA-9850-ACBBFA276885}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{1E0E5A2A-817C-42B9-BA57-07990F5E0786}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{6F27136F-9AD0-4F31-A193-9A068AD29CCF}] => (Block) C:\games\rust\skinclient.exe => No File
FirewallRules: [{986DC07B-EB52-485C-9265-E94AC8B5EB4B}] => (Block) C:\games\rust\skinclient.exe => No File
FirewallRules: [UDP Query User{DBBBEF59-3D8E-4F6D-9C2A-A2BB6BA912A3}C:\games\rust\skinclient.exe] => (Allow) C:\games\rust\skinclient.exe => No File
FirewallRules: [TCP Query User{29E53CB5-C380-414B-8353-744BB9099A48}C:\games\rust\skinclient.exe] => (Allow) C:\games\rust\skinclient.exe => No File
FirewallRules: [{F25BED18-D1D2-40EC-A94D-E679D55FF68C}] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [{09AFA960-E983-4049-B4D3-D9A10038716D}] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [UDP Query User{3A00D46A-C29B-4B59-8ACB-D4C2C3D36D40}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [TCP Query User{62D7FB92-C183-4FED-96EF-90DAA2F36284}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [{F4CC69E7-FF9C-4C83-8509-4CDBB357E508}] => (Block) C:\program files\epic games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [{A33A9579-7EF9-4BB6-8A33-ED5CDDDF164B}] => (Block) C:\program files\epic games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [UDP Query User{80A682A0-7F64-4D21-9197-AFF0DA119FD7}C:\program files\epic games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) C:\program files\epic games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{91257A5F-6878-4046-B978-3C88D5B7FF65}C:\program files\epic games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) C:\program files\epic games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [{C145967A-CD21-45BA-9911-FBB80621BDF7}] => (Block) C:\games\pummel party\pummelparty.exe => No File
FirewallRules: [{D9C9DBBA-CE16-4BEB-8E20-E22B109A5FEA}] => (Block) C:\games\pummel party\pummelparty.exe => No File
FirewallRules: [UDP Query User{F4133933-7D66-40BF-A51B-337B920155F9}C:\games\pummel party\pummelparty.exe] => (Allow) C:\games\pummel party\pummelparty.exe => No File
FirewallRules: [TCP Query User{2AE20E17-8915-4534-980A-F72906B2DA3B}C:\games\pummel party\pummelparty.exe] => (Allow) C:\games\pummel party\pummelparty.exe => No File
FirewallRules: [{3C7ECF3F-7A50-4224-AB0D-165B3941278E}] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [{136FF0A2-067F-47C7-BF8F-D9E66846ED49}] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [UDP Query User{792443FC-1F85-445B-9001-2E63B6FAE320}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [TCP Query User{66C116B0-0667-454C-924A-B204538BFDFC}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [{EA0777DF-C013-4223-A57F-E698B9F03D4F}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [{4A93797A-8CE9-46F4-AF55-1AB55F5148A7}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe => No File
FirewallRules: [{C008A968-F12B-4D85-ABE9-11E9F1F13887}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{88C7F585-14E6-458A-B040-F497AE1B8F81}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{FCD4BE99-EC1C-450A-B8EB-4AB853D92CEE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{F4594E1D-43C6-4ACB-9CB1-8113B1744996}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{33B16989-7563-4650-AEAD-73E353A22CAD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{8B1EA8C6-45FC-41E5-848C-39EB042FFDB4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{D1FBBBCD-D1BC-461C-8831-473C06629CF6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{996F39A9-16A3-490F-8D8F-6015322FA0DB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [UDP Query User{7175FE4B-4CF6-4AEB-99DF-347B1810E7C8}C:\users\jorge\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\jorge\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [TCP Query User{1D148F50-324B-493F-AF6D-33B879BBAE76}C:\users\jorge\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\jorge\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [{D1F53656-97BA-499E-B7FF-503D313510B6}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [{CECCB3BE-C08E-4973-92A4-3427B0D37166}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [{D47222BA-82DF-42B7-9380-CF6765D91AE0}] => (Allow) C:\Users\jorge\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{23AD6A08-E642-4160-B0B7-747B338E1846}] => (Allow) C:\Users\jorge\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{321657E2-1673-48DB-8C19-3525CE10AF87}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3ED98559-8BE2-406A-8699-4325D4E8D614}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{BA51A66C-1C49-42CA-A261-B33840B1885C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.4.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\omen.exe => No File
FirewallRules: [{F1D396B4-EB61-46A1-9D34-A636C37A9473}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.4.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\omen.exe => No File
FirewallRules: [{8468FE29-780E-43C2-84AA-3235A11EC66E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.4.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\omen.exe => No File
FirewallRules: [{9A4CF2A4-AF71-400D-94C4-896296C869F2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.4.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\omen.exe => No File
FirewallRules: [TCP Query User{3650C22C-1EA3-463D-ABF3-1C78089994D5}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [UDP Query User{D23489B9-785C-4A16-A83A-08169787A55F}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [TCP Query User{7D817F7B-E8E6-407C-857E-0385B38B0093}C:\program files (x86)\common files\oracle\java\javapath_target_70243000\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_70243000\java.exe => No File
FirewallRules: [UDP Query User{56E93439-81FE-4C6C-9B43-363FDE7FE8AE}C:\program files (x86)\common files\oracle\java\javapath_target_70243000\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_70243000\java.exe => No File
FirewallRules: [TCP Query User{A587BF84-1D55-47B9-86EE-A942B1784D7E}C:\users\jorge\downloads\anydesk.exe] => (Allow) C:\users\jorge\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{F761A0B2-37AA-4803-8342-4DFB31334E7C}C:\users\jorge\downloads\anydesk.exe] => (Allow) C:\users\jorge\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{A1346FFA-FE54-4778-9164-C3C4570C7507}C:\users\jorge\onedrive\escritorio\zelda mm3d 4k 1.2 (1080p)\zelda mm3d 4k.exe] => (Allow) C:\users\jorge\onedrive\escritorio\zelda mm3d 4k 1.2 (1080p)\zelda mm3d 4k.exe => No File
FirewallRules: [UDP Query User{8B3DFCCE-9B85-4397-8DB6-C992B58130C7}C:\users\jorge\onedrive\escritorio\zelda mm3d 4k 1.2 (1080p)\zelda mm3d 4k.exe] => (Allow) C:\users\jorge\onedrive\escritorio\zelda mm3d 4k 1.2 (1080p)\zelda mm3d 4k.exe => No File
FirewallRules: [TCP Query User{1D92F935-6EB9-489D-B308-6D8B38B47098}C:\games\zelda mm3d 4k 1.2 (1080p)\zelda mm3d 4k.exe] => (Allow) C:\games\zelda mm3d 4k 1.2 (1080p)\zelda mm3d 4k.exe => No File
FirewallRules: [UDP Query User{FF25FB9A-F70F-4246-BF60-175FF51D019B}C:\games\zelda mm3d 4k 1.2 (1080p)\zelda mm3d 4k.exe] => (Allow) C:\games\zelda mm3d 4k 1.2 (1080p)\zelda mm3d 4k.exe => No File
FirewallRules: [TCP Query User{22FD803C-AEA8-494B-AA6C-C696F8A018A1}C:\users\jorge\appdata\local\temp\rar$exa21012.41407\visualboyadvance.exe] => (Allow) C:\users\jorge\appdata\local\temp\rar$exa21012.41407\visualboyadvance.exe => No File
FirewallRules: [UDP Query User{5421B28E-D737-48EB-8592-5D9E31642377}C:\users\jorge\appdata\local\temp\rar$exa21012.41407\visualboyadvance.exe] => (Allow) C:\users\jorge\appdata\local\temp\rar$exa21012.41407\visualboyadvance.exe => No File
FirewallRules: [TCP Query User{B67F3A40-8268-4BA2-9C65-DD8FCD0A5876}C:\users\jorge\onedrive\escritorio\visualboyadvance.exe] => (Allow) C:\users\jorge\onedrive\escritorio\visualboyadvance.exe => No File
FirewallRules: [UDP Query User{487B71AE-2009-4CC0-BFE3-C2E14D425CA0}C:\users\jorge\onedrive\escritorio\visualboyadvance.exe] => (Allow) C:\users\jorge\onedrive\escritorio\visualboyadvance.exe => No File
FirewallRules: [TCP Query User{993B2856-762D-4762-B0BE-2023FE5F159A}C:\users\jorge\onedrive\escritorio\docs\visualboyadvance.exe] => (Allow) C:\users\jorge\onedrive\escritorio\docs\visualboyadvance.exe => No File
FirewallRules: [UDP Query User{279C2795-22BD-4B06-815C-EBC19AAA121C}C:\users\jorge\onedrive\escritorio\docs\visualboyadvance.exe] => (Allow) C:\users\jorge\onedrive\escritorio\docs\visualboyadvance.exe => No File
FirewallRules: [TCP Query User{EC75FFAE-16A5-4B0C-AE92-AC9D930C1242}C:\program files\dolphin\dolphin.exe] => (Allow) C:\program files\dolphin\dolphin.exe => No File
FirewallRules: [UDP Query User{4286CEBC-F7A5-4866-9120-3B4D042919F4}C:\program files\dolphin\dolphin.exe] => (Allow) C:\program files\dolphin\dolphin.exe => No File
FirewallRules: [TCP Query User{70011EFE-6BF3-45DF-B018-62BF1B595AFA}C:\users\jorge\onedrive\escritorio\docs\dolphin-x64\dolphin.exe] => (Allow) C:\users\jorge\onedrive\escritorio\docs\dolphin-x64\dolphin.exe => No File
FirewallRules: [UDP Query User{63271D4D-CB68-4D16-B48E-A066DAA7A11C}C:\users\jorge\onedrive\escritorio\docs\dolphin-x64\dolphin.exe] => (Allow) C:\users\jorge\onedrive\escritorio\docs\dolphin-x64\dolphin.exe => No File
FirewallRules: [{652E3677-D7F0-493A-AD96-361EDC71184C}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe => No File

Open FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that, let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please Copy & Paste the contents into your reply.
Refer these SS if needed.

https://imgur.com/xTu6PFk

View: https://i.imgur.com/xTu6PFk.gif
or http://fs5.directupload.net/images/160724/72ewmng9.gif

https://imgur.com/VI0Kepw

View: https://i.imgur.com/VI0Kepw.gif
or http://fs5.directupload.net/images/160724/ydize94g.gif

https://imgur.com/v9Vo7ph

View: https://i.imgur.com/v9Vo7ph.gif
or http://fs5.directupload.net/images/160724/74v8epf5.gif

https://imgur.com/BrZoLf8

View: https://i.imgur.com/BrZoLf8.gif
or http://fs5.directupload.net/images/160724/64qho6nj.gif

https://imgur.com/duo27RF

View: https://i.imgur.com/duo27RF.gif
or http://fs5.directupload.net/images/160724/2bspfra3.gif

 

[mdd1963]

Honestly, I think that the best option will be to wipe the computer but I don't want to do it because I have Important files on my computer and I don't have a backup. Also, I've read about many people that have wiped their computer and even then the problem persisted.

With 2, 3, and 4 TB external USB hard drives at about $50-$65 these days, there is little reason for not having two (or better yet, 3!) copies of anything worth having...

If Kaspersky (you can add HItman Pro 64 and Malwarebytes Antimalware) is finding something, that is not a good sign...

You can play with assorted tools for 4-6 hours, or, back up the data you need, and, given USB installer media and an SSD for the OS, WIn10 can be reinstalled in 10 minutes. (Yes, reinstalling required drivers ideally takes some research/file downjoading ahead of time; gather these drivers from laptop manufacturer at manufacturer's support section)