I found an odd folder in my C:/Users/User/Appdata/Local/Temp folder called 7ZipSfx.000, and when I searched it up it seemed to be linked to multiple trojans.
Now, as soon as I saw this I started to investigate what happened. The folder was created at 8:43:14 PM, on August 29, 2021. This was shortly after I reinstalled Windows.
After this, I checked Event Viewer to see what was going on and see if I could get any support from the logs in Event Viewer. Surely enough, two services had generated Logon events and a Security Group Management event was created by C:\Windows\System32\VSSVC.exe, which supposedly stands for Volume Shadow Copy Service, and is a Microsoft signed file.
A couple seconds later in the Event Viewer, hundreds of Audit Policy Changes had occurred, all caused by C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.925_none_e76d4f6f260a683e\TiWorker.exe, changing the security descriptors. There were then User Account Management tasks logged, which were caused by avp.exe, belonging to Kaspersky Security Cloud.
Shortly after this, vault credentials were read.
Should I be concerned? Is this the work of a virus, or is it simply just a Windows update occurring, or Windows Defender/Kaspersky updating their databases? I have been very paranoid and stressed about malware on my computer since I was infected last week, and would like some input on the matter. I will not be available on my computer all day, but I will be willing to provide more detail on the event viewer logs. Thanks!