I have a 2014 MSI ghost Pro 60 gaming laptop that was purchased at a hock shop used.
I've noticed several things on this system, such as hive file modifications, extra drive partitions, strange events in the event logs, and general internet slowdown, popups claiming I'm infected, etc.
Looking through the event logs, I noticed a file I was investigating mentions rootkits in a Google search;
also, I'm seeing stuff like this:
>User Logoff Notification for Customer Experience Improvement Program
>The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
>The following boot-start or system-start driver(s) did not load:
I DO download a lot of stuff, so yeah, that's probably part of the issue, as some sites I go to could be labeled "nefarious", at best....
I was trying to set up a pen testing system with Metasploit, so I thought I may have become infected that way.
The drives are pretty full of both my own and the previous owner's crap/games files, etc. If I do need to do a wipe, that's fine, although I hope that the factory partition would still be intact if that is the case. My important files are on backup drives.
I just started downloading a bunch of scanners/rootkit detectors, etc., when I remembered your site, and thought perhaps you guys could look at it with me.
Thanks for any services you might render.
Where should I start?