I have followed your directions and was able to manually remove the Boinc components from my Windows 10 PC. But I am also getting multiple IP issues that may be related to the same malware. Perhaps the malware has installed and/or modified task scheduler triggers that are outside the AppData/Roaming directory structure. For example, do you know anything about the Remove_NetIPsecMainModeSA Windows security association (SA) scheduled task that suspiciously (to me) runs every three minutes?