EVERYONE, I would encourage all of you here to listen to Kelvin_Stone, as well as me. PLEASE, do not be dismissive. I am in a very similar situation, but I’ll provide a bunch of logs. BTW, Kelvin, I feel for you on the black sheep thing. My wool is actually so dark that when other black sheep see me they bleat sighs of relief in thankfulness that they aren’t this dark. LOL. But, onto the matters of importance…

My issues started even before I switched to Linux. I used to do independent investigations into many things and publish my findings, which consistently rattled the cages of some very large and dangerous animals. I hung the gloves up years ago for various reasons. However, I started looking into the whole Convid-19 program when it became apparent that it was being taken well beyond fear-mongering on the “news”. In doing so I ended up discovering some sensitive information connecting a number of certain individuals and groups (including politicians, radio hosts, false religious leaders, and military intelligence agents posing as activists and social media content creators) that are currently working together on a large-scale psychological operation to socially engineer certain demographics by way of political astroturfing, as well as surveilling and influencing the public (especially activists and influencers) by electronic means, social platforms, and infiltration. That’s the tip of the iceberg.

Since then, I have been through multiple laptops and even more phones. The issue is always the same, much like Kelvin_Stone: persistent rootkit(s) that survive clean re-installs. With Windows the big giveaways are an abundance of remote log-ons from a dozen or more users/groups, files disappearing or becoming inexplicably corrupted, and, when I’d factory reset or clean re-install the OS, a split-second flash of what looks like the hollow outline of a Command Prompt or File Explorer window on the screen after it “wipes” the drive and the “new” install begins.

After the “new” install, the system is the same version it was previously, even though I’ve tried to go from Windows 10 to 11 and from 11 to 10. I have pulled at least 2 brand new laptops out of the box and witnessed them be in an already-corrupted state as soon as I turned them on. One gave an error notification the second it was powered on and then immediately rebooted itself, and the others were also corrupted with rootkits and/or altered BIOS or firmware before I could even get through the set-up process and get to the desktop for the first time. I’ve experienced the same issues with numerous cell phones. These machines were brand new out of the sealed boxes, never previously turned on, and were never connected to the internet, not even during set-up. I looked into how to bypass that nonsense in Windows. After multiple machines I did more research, hence me moving to Linux.

I actually want to run Qubes+Whonix with Parrot running inside Qubes, but at the time that was too much new knowledge to take on all at once while trying to figure out how to recover files safely and so on. Parrot sounded secure enough to use on its own for at least a short period of time, so I created a Parrot live bootable USB and ran it for a couple of days. It seemed to be safe, but I can’t know for sure if it was. I did the install to my system, and after I did an update I noticed that Anonsurf started consistently displaying an error message when I would click “Yes” in response to the “Do you want to kill harmfull applications?” dialogue. As soon as I click “Yes”, it says “Error trying to kill harmful applications”, but will then go green and say it is enabled. As well, like Kelvin, I cannot log into my router securely. I get the exclamation point in the triangle error, telling me the connection is not secure, every time I go to the log-in page.

All this being said, although my BIOS is compromised, I am not sure if the rootkit/malware is only on my hard drive or if it is in the firmware (although I am leaning towards it being a hard drive issue at the moment). I am wondering if it’s possible to clean up a compromised install or if I have to do a clean re-install, how to clean up the malware if possible, and if someone can provide me with a verified clean ISO or tell me how I can get one that is legitimate, considering every time I download a version of Parrot it ends up being compromised and always installs as Parrot 5.14.0, even if I download old versions such as 4.6 or 4.8, etc.

I will post some of the output logs I got when running RKHunter and Lynis. These will be long strings of info. Any advice would be greatly appreciated, and if anyone has a way to get me a live-bootable USB of Qubes+Whonix and a 2nd one with Parrot (using USB sticks with secure firmware and physical write-protection lock switches) I’d be happy to compensate someone, unless one of you kind folks out there feel like doing me the favor without charge, as going through 10 or more devices over the last 9 months or so has decimated my finances. Thanks to anyone who read all of that and can offer any help. See logs below.
RkHunter 3-19-22.log (152.8 KB)
Xorg.0.log (71.8 KB)
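The post asks how to obtain an ISO that is known to be legitimate. The standard check is to compare the downloaded image against the publisher's checksum list and, after writing it to a USB stick, to confirm the stick carries exactly the image's bytes. The script below is an added example and is not code from the original post or from the Parrot project; the file names `parrot.iso` and `SHA256SUMS` are placeholders, the real names come from the distribution's download page, and the checksum list itself should be checked against its detached signature (`gpg --verify <signature> <sums file>`) before it is trusted.

```shell
#!/bin/sh
# Added example, not code from the original post or from the Parrot project:
# check a downloaded ISO against a published SHA256SUMS file, and check that
# the bytes written to a USB stick are identical to the ISO.
# Assumptions: "parrot.iso" and "SHA256SUMS" are placeholder names; take the
# real names from the distribution's download page and verify the sums file's
# detached signature first (gpg --verify <signature> <sums file>).
set -u

# sha256 hex digest of a file, or of stdin when no argument is given
sha256_of() {
    if [ $# -gt 0 ]; then sha256sum "$1" | awk '{print $1}'
    else sha256sum | awk '{print $1}'; fi
}

# verify_iso ISO SUMSFILE
# returns 0 when the ISO's SHA256 equals the entry for its basename in SUMSFILE,
# 1 on mismatch, 2 when the sums file has no entry for that name.
verify_iso() {
    iso="$1"; sums="$2"; name=$(basename "$iso")
    # sha256sum lines look like "<hex>  name" or "<hex> *name" (binary mode)
    expected=$(awk -v f="$name" '{ n=$2; sub(/^\*/, "", n); if (n == f) { print $1; exit } }' "$sums")
    if [ -z "$expected" ]; then
        echo "no entry for $name in $sums" >&2
        return 2
    fi
    actual=$(sha256_of "$iso")
    if [ "$actual" = "$expected" ]; then
        echo "OK: $name matches published SHA256"
        return 0
    fi
    echo "FAIL: $name sha256 $actual, published $expected" >&2
    return 1
}

# verify_written ISO DEVICE
# After "dd if=ISO of=DEVICE", the first <size-of-ISO> bytes of the device must
# hash to the same value as the ISO; anything beyond that is leftover stick
# contents and is ignored.
verify_written() {
    iso="$1"; dev="$2"
    size=$(wc -c < "$iso" | tr -d ' ')
    iso_hash=$(sha256_of "$iso")
    dev_hash=$(head -c "$size" "$dev" | sha256_of)
    if [ "$iso_hash" = "$dev_hash" ]; then
        echo "OK: $dev carries the same bytes as $iso"
        return 0
    fi
    echo "FAIL: $dev does not match $iso (write failed or media altered)" >&2
    return 1
}

# Command-line use: sh verify_iso.sh parrot.iso SHA256SUMS [/dev/sdX]
if [ $# -ge 2 ]; then
    verify_iso "$1" "$2" || exit $?
    if [ $# -ge 3 ]; then verify_written "$1" "$3" || exit $?; fi
fi
```

A matching checksum only proves that the download is byte-for-byte what the publisher listed; it says nothing about the machine the check runs on, so the comparison is most meaningful when done on a system that is not itself in doubt. Re-reading the stick after writing catches a failed or altered write, which is the cheapest way to rule out the installer media before looking at firmware.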