Help I've been hacked beyond belief!
I got my Acer Travelmate 215-53 series with Windows 10 on it. Everything was going fine until one day I noticed files were disappearing from my desktop. There was an unknown OneDrive open and chunks of my files were disappearing. I disconnected from the net. Checked out my internet connection to see if anyone was connected; all seemed good. Ran some virus scans to make sure nothing was left on my laptop but it came up clean. I checked out my security and tightened things where I could. I didn't know it but I had just experienced a life changing event. A couple of days went by and things started to get weird. I would see a folder I didn't remember having but I wasn't sure, thought I was just being paranoid. I use the laptop to do my job and I work half day but 7 days a week so unless I was sure I had a problem I wasn't going to take it in; work is quite demanding. I made sure I had good protection, Windows Defender, Kaspersky and Malwarebytes. Double checked all my updates were good. But things just got weirder. More things started to look different and when my antivirus apps were unexpectedly all switched off I knew I had problems. I cranked them back on to the highest possible levels of protection and ran scans daily and watched my network closely but that didn't help, things started going bad fast. The number of processes running became excessive, Microsoft Edge started using large chunks of resources and nothing I could do could shut it down. Uninstalling was impossible. I noticed processes had been running on my laptop at the very early hours of the morning when my laptop was powered off and I was asleep. Then certain settings on my laptop became greyed out, I had noticed settings like my firewall were set to lower levels and I had to set them back up. I noticed a lot of new files created in my registry but the dates were impossible: 1999, 2004, 1980s. I managed to nail down a file that was definitely an issue. Rpcnet and variations of it.
No matter what I did to it, it just laughed at me and kept going. I noticed other shady files I removed would reappear. PowerShell just vanished. I suddenly didn't have permission to delete some files. I had strangely named users and it seemed that every user account including the default ones were busy making changes to my laptop. I discovered I had been demoted and placed in another group with supposed admin privileges but I had no power to override actions by other users. Every time I changed some setting or fought back things would get way worse and I would have even less privileges. The more I changed settings back the more settings became greyed out. It became ridiculous, my C: vanished and I had shortcuts appear on my desktop I didn't put there. My browser started to look strange. There were slight inconsistencies in the Google logo and on the Microsoft site. I had tried doing a factory reset but it just would reboot and nothing changed. My microphone was active at strange times and when I needed it to do calls for my job it wouldn't work. I couldn't function anymore. I don't get paid if I don't work and I'm new so I was trying to fight it with everything I could. I suspected I had a rootkit when my password protected BIOS started changing settings on its own. I had AMT and I read it was a risk so I disabled it, which apparently can't be undone. It undid itself. I took my laptop in, had a full deep wipe and had the BIOS flashed to kill off any malware hiding in my firmware. I took it back home and I spent ages hardening it up according to best practices suggested. The next day everything was fine and then I saw Rpcnet had returned and this time it went downhill fast. I took it back and accused the IT guy of doing a poor job and not following strict procedure. Had it wiped again and flashed but this time the strictest protocols were followed. It didn't even last 24 hours before it was back.
Then I noticed my Samsung A25 had weird icons on the folder and settings greyed out. Trivial apps had God-like privileges and weird apps and system apps started appearing. Bluetooth and WiFi would turn themselves back on. I couldn't change certain settings; my browser looked fake. I spent a lot of time on ChatGPT and I started noticing it would crash when I was trying to research how to sort out my laptop or phone. My wife, who had only connected via Bluetooth phone, was next. Then I checked the spare phone and it had the same story and it hadn't been online. I lost access to my Gmail and Microsoft accounts soon after I had noticed that my phone was logged into my email accounts twice. Once as this user and then again as Samsung A25 and besides that I had other users connected. I had had enough and a friend had a bootable rescue USB but with Linux, which I had never even seen in my life, but I was desperate. Full wipe twice more but still it just came back harder than before. I was losing pay every day I couldn't work and the boss was getting impatient. So I pulled together all the cash I had and bought a new laptop. I checked it out at the shop, disabled WiFi and Bluetooth in the shop and took it home. The next day I powered it up and within an hour I knew it was also infected, which was not supposed to be possible. The phones were powered off when I turned the laptop on. Hello! I am still alive, think it's been a horrible mint. Riana and I lost almost all our accounts, Facebook, LinkedIn, Gmails, etc. etc. Opened so many new accounts in a panic and just got mixed up with all the passwords and the phones have been factory reset a good few times and I didn't know which emails were the recovery emails for the other accounts.
It was hectic, apps would just appear that weren't there before or there would be two of the same app, the Google logo would be the wrong colour, and I would get a log in page on a website that I've never been to before and my name would already be filled in. Would get these persistent SMSs with links. I was so naive, I've never worried about this sort of thing, I had one password for all my accounts and I've had the same one for like 20 years, I added an extra digit to it a few years back but I always thought that nobody would be interested in my stuff. I thought stuff like this only happened in the movies. That laptop had the malware first and after I picked it up on there a couple of days later I noticed my files had these new logos on them but I ignored it. It was when it started acting strangely I started looking at it and found out some of my settings became greyed out. I didn't remember it being like that before but I started turning off my Bluetooth and WiFi and disabling apps that were using unusually high amounts of data. No matter how many times I put off Bluetooth and WiFi the settings would change back. I started restricting permissions on apps on my phone because my camera app was accessing my contacts, microphone and was using data, when the emergency app started doing the same. I got an app that measures the data usage of apps in real time and I would disable suspect apps and prevent them from using background data as an extra precaution and I would check and they would be using data still. The laptop was the worst. I had such a struggle just to open the website I make calls from, the microphone would work all of a sudden and I checked and it was set to work with an application; I couldn't get it back. The other one was I would see that downloaded and I would look into it and there were 4 that were downloaded but they were downloaded at around 3am when my laptop was powered off.
I did not have permission to go into certain files and I could stop certain processes. Weird files would appear on my desktop. The weirdest was there was stuff on my laptop that was only on my phone. I never got around to putting any personal things on my laptop. I've already had it repaired twice but it would be pointless spending more than the thing was worth in the first place. I really didn't want to lose my job, losing a job after not having one for so long, and I have had some horrible experiences with losing jobs, it's quite a sensitive spot and I was really really hurt and scared after the SA Paramedics thing. So I was not going to lose this one so I worked for hours and hours and hours to get it back. I got so close but I would fix something and the next day the settings and ability to do what I did before to fix it would be greyed out or I would not have the right permissions. I was using a recovery USB drive to boot into an OS that wasn't compromised, then all of a sudden I couldn't. The laptop just ignored the USB. I eventually discovered that the settings in the BIOS had changed to not allow booting from a USB device. Really I thought this shit only happened in the movies. But I don't think it's so much it is a very sophisticated malware, because I was trying to download apps to help sort my laptop out and certain very useful ones would download for a bit and then stop. It would say download cancelled but then there would also be a strike through the app. I just thought it was weird at first but after trying to download certain things as much as 10 times and the same thing happening every time I knew it wasn't normal.
I found these files on my laptop with computer code in them and I would check them out, there were more and more all the time, all about dodgy sounding stuff, but in between the code I often found dialogue between two people, making jokes and sarcastic remarks about "Bug boy", that's very usual to find in computer coding and especially as the file wasn't downloaded by me and I didn't even have a clue what code it was. I put on the best antivirus software I could get and set all the settings to the highest protection levels and I would notice that it wasn't running. Then I would check and it had been disabled, so I would turn it back on again. Same thing would happen a few times and then eventually the settings button would turn grey and clicking on them would do nothing. The weirdest was I decided I was going to copy all the weird files and computer coding to my USB and show it to someone. I started copying and pasting it; after a few files the copy option was gone. Greyed out and clicking on it would do nothing. So I got clever and I opened the files and used save as to save them to my USB and then the save button went grey and didn't respond anymore. I found a lot of EFI files that weren't mine on my computer and I stopped being able to boot into my laptop. That's just some of it. I would not a chance believe this if it didn't happen to me. Everyone I've approached looks at me like I'm mad. I don't know what to do.