Good evening, bruceyfamily!
I think I might have found the problem. Your Windows license key is still activated and valid, so you're clear there. One of the reasons I was only able to temporarily terminate the malware process is because of AM_Delta_Patch. Microsoft developed it as an update for Windows Defender (which is part of the "Anti-Malware Service Executable" process, found in Task Manager.) That appears to have been in the "urgent update" that caused the watermark. Your antivirus is the virus -- which, again, makes no sense.
You can turn off the malware process with RKill, but it'll just turn back on when Windows updates, that's the bad news. The good news is that you may be able to completely halt AM_Delta_Patch, but it means turning off Windows Updates -- I only recommend this if you can get a solid antivirus program that can effectively replace Windows Defender.
Note: If you turn Windows Update back on, there's a good chance of being re-infected with AM_Delta_Patch.
1. Download TDSSKiller by Kaspersky (BleepingComputer)
A) Click on the "EXE Version" button to download the program onto your computer. After download finishes, double-click the icon (or right-click on the icon, and choose "Open") to start.
If prompted by your computer, allow TDSSKiller permission to continue.
C) Accept the Terms of License, and allow TDSSKiller to finish initializing.
D) On the main screen, click the link that says "Change Parameters". On the following screen, check the box marked "Detect TDLFS file system" and then "OK". (NOTE: Do not change any other settings, otherwise it may cause unexpected issues.)
E) Click "Scan", and allow to finish. Resolve any threats that TDSSKiller detects. Do not reboot your computer, the malware process will restart if you do.
2) Download RKill (BleepingComputer)
BleepingComputer has a list of different-named copies of RKill available on the page, because certain malware will terminate filenames they recognize. Just go down the list, one by one, and follow the instructions.
A) Click on the filename you wish to download. When finished, double-click the icon (or right-click on the icon and select "Open") to start.
If prompted by your computer, allow RKill permission to continue.
C) When the popup window appears, press any key to begin the scan. RKill may fail to create a restore point the first time, but that's okay; it shouldn't have any issues after that. The scan results log will appear as a text file on your desktop. Do not reboot your computer, the malware process will restart if you do.
D) Again, do this with each file version in BleepingComputer's list. Windows Defender detects AM_Delta_Patch as the trojan variant "Behavior:Win32/Powessere.D", so other system areas may be infected. Do not reboot or turn off your computer each time.
3) Download HitmanPro by Sophos (Sophos)
A) Click on "Free 30-Day Free Trial (Remove Malware Now)", and allow download to finish. When finished, double-click the icon (or right-click on the icon and select "Open") to start. NOTE: there are two versions -- HitmanPro.exe (for 32-bit Windows) and HitmanPro_x64.exe (for 64-bit Windows).
Click "Next" to begin. At the HitmanPro setup screen, you will be asked if you want to install the 30-day free trial; click "Yes, create a copy of HitmanPro so I can regularly scan this computer (recommended)." After you have completed your selection, click "Next" to continue.
C) HitmanPro will begin scanning, please allow to finish. The RKill file versions will likely flag as "Trojans", this means you were successful (RKill terminates malware processes, so these files are now safely deactivated.) It may also detect malware that isn't related to AM_Delta_Patch, make sure the actions are set to "Quarantine" (or "Delete", if possible).
D) Cick "Next" to begin removal, and reboot your computer to finish.
4) Turn off Windows Update
NOTE: THIS WILL TURN OFF WINDOWS DEFENDER -- DO THIS ONLY IF YOU ARE INSTALLING A REPLACEMENT ANTI-VIRUS SOFTWARE IMMEDIATELY AFTER THIS STEP!! (Using a computer without any anti-virus software is not recommended. BleepingComputer and I are not responsible for any issues that may arise from not installing a replacement anti-virus software, and no guarantees are made regarding the quality or effectiveness of the anti-virus software you use.)
A) In your computer's Control Panel, select "System and Security" > "Windows Update" > "Change Settings".
On the "Important Updates" drop-down box, select "Never check for updates (not recommended)".
C) Uncheck the other notification boxes, and click "OK".
D) If prompted, verify your changes. Windows will still try to search for new updates, but it won't download or install them (due to settings change). Just close the window.
E) Immediately install your preferred replacement anti-virus software, and make sure it works properly.
I apologize if these instructions are a bit messy, it's the first time I've ever written a technical how-to. For additional assistance in any of the above-listed programs, please consult a seasoned BC member. Hope this helps you.