Can I please get your assistance? I am on a Windows 7 Professional standalone computer and I've been compromised by something that seems to be using a remote access point and doing a good job at evading detection. I first noticed the issue in my event logs, where there were hundreds of error entries from an entity called "gatherer", which I have never seen before. I'm now noticing that permissions seem to be changing and it is running much slower on the internet. I am a premium user of Malwarebytes and it is set to protect me in real time. It shows nothing unusual.
Today I was unable to delete a couple of folders even though they were ones that I created on my desktop, which was very surprising to me. I even went into safe mode and it still did not let me delete one of those folders, which sat in my Downloads folder. Even after trying to set it as administrator, it still would not delete in safe mode. I also could not delete the Qoobox folder of ComboFix even in safe mode, even though the program was not installed. I have always been able to delete it in safe mode. The last time I tried to run ComboFix it failed, saying it was outdated even though it was the brand new version at the time. It is important to me that I always have my computer prepared to run ComboFix because it is the best program I've found when all else fails. Today I'm not sure it will run at all because of those changed permissions that don't want to let me access even the leftover files.
Today I ran HijackThis. It gave me an error message right away that said the following: "for some reason your system denied write access to the hosts file. If any hijacked domains are in this file, hijack this may not be able to fix this". I looked at the hosts file and it had just one line entry in it and it looked normal to me, but I have no idea where that message came from. In the running process list were a number of entries of api shell components running, along with a process named the following: Windows\system32\RpcRtRemote.dll
I am not part of a domain and I don't allow anything remotely to use my computer, and yet they seem to be getting better at finding remote access points. I'm concerned that it is a sophisticated intrusion using virtual drivers. I noticed the other day another profile which I don't recall seeing before, since it was only mine before. There have been a couple of weird events recently where the monitor started scrolling color bands and I couldn't even shut the system down except with a hard reset button in the back. It happened like 3 times when I was on the Google Chrome browser. I thought it was hardware related, but it hasn't been happening often enough to think it is really that. I also noticed entries of a subsystem running that I've not seen before, so it seems to be more sophisticated, but I don't really know. I'd rather deal with it before it does real damage to my system.
I'm turning to your expertise because it is beyond my capabilities. I am a victim of identity theft not only from the Equifax breach, where my info was found on the dark web, so my alert levels are definitely set to high at this point.
Please assist me. Thank you kindly.