whistleblower
New Member
Newbie trying to sort through this... Please bear with me because I'm trying to learn but don't know nearly enough...yet.
With your kindness, I'm hoping I can get some answers so I know what to do about this...
Can any of you tell me what I should do first to rid this computer of whatever is saved in it somewhere that's screwing up every OS I try to use?
- Running a freshly created TAILS live USB (verified on separate computer -- booted perfectly first as a live USB on separate computer with no issues)
- Put said fresh new TAILS live USB (or live Parrot USB) into the bad computer... it looks normal when first booting, then the log starts scrolling on the screen, and it gets to "rootfs" and mentions squashfs and then it hangs up for a long time... Screen goes gray, and everything changes. The same TAILS USB (or Parrot USB) that just booted perfectly on the clean computer looks and runs differently on this one
- Examples of computer issues: desktop background and even the icons appear slightly different, permissions are restricted and different, synaptic package manager has a ton of packages on it, date/time altered to wrong time, specific functions like netstat are disabled, iptables has crazy configuration that overrides the ufw that I can handle as a newbie, and even if I set an Administrator password on TAILS or Parrot live distro USB, when I'm running Linux, I'm locked out of viewing several folders and functions on the desktop, saying that I don't have Administrator privileges/or my password is invalid, and I get warnings from cloud services I need for work every day that I'm signed on from two locations or I'm not working on the latest version of my file or I have to do extra security steps because they think my computer has been hacked... I get notices that over 1500 dpkgs need to be updated, but if I let them go through, even more stuff gets restricted and changed. My email accounts and online phone number account show messages as received/read when I haven't logged in, etc. When viewing the various files and folders on the desktop, a very large number of files are there, and a Windows Network appears, etc., but I'm not permitted to even open any of those files or even something if I save to my own desktop... And the freaky thing right now is that on Parrot, there's this clipboard on the taskbar saving random things I type, and I can't make it go away... URLs, phrases that have to do with computer issues, etc... and it doesn't matter which live distro I use, even if it's freshly created and tests perfectly on different machines right before I use it on the one in question... I'm sure I'm forgetting something, but that's what I can rattle off for now...
- Based on tutorials, I tried to flash a manufacturer's updated BIOS with a burned ISO on a USB, but it didn't appear to make any changes (manufacturer put out a new BIOS in .exe format and I did my best to convert it and flash it, not sure)
- Tried to follow YouTube tutorial on "shorting" the U22 spot on the motherboard to reset the BIOS/CMOS(?) but that didn't change anything either to my knowledge. But seeing the inside of a computer and taking a good look at the motherboard was a cool experience... Anyway...
- Computer tech replaced my hard drive and reset Windows after what he called a rootkit/bootkit situation last summer, but the problems persisted, so I deleted Windows OS and switched to running a live Linux USB only without a hard drive for now while I figure this out. It used to be that a fresh live USB would work for a couple days before it went haywire, but now it's as soon as I boot it on this particular machine in question... Months later, I'm still having significant issues but I can't afford to buy another computer at the moment <pounds head on desk in frustration>
- Tried to go through DPKG in terminal and google each dpkg and remove the bad ones that appear on this machine, but they come back every time I restart the machine (meaning that if I run TAILS on a clean computer, there are just the good dpkgs, but if I run it on the bad computer, there's a huge quantity of dpkgs that appear in the terminal, even if I never plug in the ethernet cable) For example, following a forum thread I learned that: sudo apt-get remove -y --purge zenity* will make hundreds of dpkgs delete, and even more when I do the apt autoremove command after it. Same with libmoosex* and librevenge* and other ones. But I don't know the chicken from the egg to know what to handle first.
- Tried a clean live USB distro as Parrot OS, same non-distro items and tweaks to the OS are showing up, even when the computer is not connected to the internet.
- I tried removing the wifi adapter with built-in bluetooth, since a tech I'd used earlier this year said they were hacking my Windows OS through bluetooth vulnerability, but it's still happening even with an ethernet cable connection direct to cable modem with no wifi and no adapter in place.
- I don't know security well enough to understand BIOS to Kernel and such, but I'm learning as fast as I can, since this is a persistent problem.
Root Terminal - systemctl output:
Code:
┌─[root@parrot]─[/home/user]
└──╼ #systemctl
UNIT LOAD ACTIVE SUB DESCRIPTION
proc-sys-fs-binfmt_misc.automount loaded active running Arbitrary Executab
sys-devices-pci0000:00-0000:00:0e.0-sound-card0.device loaded active plugged
sys-devices-pci0000:00-0000:00:12.0-ata2-host1-target1:0:0-1:0:0:0-block-sr0
sys-devices-pci0000:00-0000:00:14.0-0000:01:00.0-net-eth0.device loaded acti
sys-devices-pci0000:00-0000:00:15.0-usb1-1\x2d2-1\x2d2:1.0-host2-target2:0:0
sys-devices-pci0000:00-0000:00:15.0-usb1-1\x2d2-1\x2d2:1.0-host2-target2:0:0
sys-devices-platform-serial8250-tty-ttyS0.device loaded active plugged /sy
sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sy
sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sy
sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sy
sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/
sys-devices-virtual-block-pktcdvd0.device loaded active plugged /sys/devic
sys-devices-virtual-misc-rfkill.device loaded active plugged /sys/devices/
sys-subsystem-net-devices-eth0.device loaded active plugged RTL810xE PCI E
-.mount loaded active mounted /
dev-hugepages.mount loaded active mounted Huge Pages File System
dev-mqueue.mount loaded active mounted POSIX Message Queue File
proc-sys-fs-binfmt_misc.mount loaded active mounted Arbitrary Executable F
run-live-medium.mount loaded active mounted /run/live/medium
run-live-overlay.mount loaded active mounted /run/live/overlay
run-live-rootfs-filesystem.squashfs.mount loaded active mounted /run/live/
run-user-1000.mount loaded active mounted /run/user/1000
sys-kernel-debug.mount loaded active mounted Kernel Debug File System
tmp.mount loaded active mounted /tmp
usr-lib-live-mount-medium.mount loaded active mounted /usr/lib/live/mount/
usr-lib-live-mount-overlay.mount loaded active mounted /usr/lib/live/mount
usr-lib-live-mount-rootfs-filesystem.squashfs.mount loaded active mounted
usr-lib-live-mount.mount loaded active mounted /usr/lib/live/mount
systemd-ask-password-console.path loaded active waiting Dispatch Password
systemd-ask-password-wall.path loaded active waiting Forward Password Requ
init.scope loaded active running System and Service Manage
session-1.scope loaded active running Session 1 of user user
session-3.scope loaded active running Session 3 of user user
accounts-daemon.service loaded active running Accounts Service
alsa-restore.service loaded active exited Save/Restore Sound Card S
alsa-state.service loaded active running Manage Sound Card State (
arpwatch.service loaded active exited arpwatch service
● beef-xss.service loaded failed failed beef-xss
binfmt-support.service loaded active exited Enable support for additi
blk-availability.service loaded active exited Availability of block dev
● console-setup.service loaded failed failed Set console font and keym
cron.service loaded active running Regular background progra
dbus.service loaded active running D-Bus System Message Bus
getty@tty1.service loaded active running Getty on tty1
haveged.service loaded active running Entropy daemon using the
● hostapd-wpe.service loaded failed failed hostapd-wpe - Modified ho
ifupdown-pre.service loaded active exited Helper to synchronize boo
keyboard-setup.service loaded active exited Set the console keyboard
kmod-static-nodes.service loaded active exited Create list of required s
lightdm.service loaded active running Light Display Manager
live-config.service loaded active exited live-config configures a
lvm2-monitor.service loaded active exited Monitoring of LVM2 mirror
ModemManager.service loaded active running Modem Manager
networking.service loaded active exited Raise network interfaces
NetworkManager.service loaded active running Network Manager
polkit.service loaded active running Authorization Manager
resolvconf.service loaded active exited Nameserver information ma
rngd.service loaded active running Start entropy gathering d
rsyslog.service loaded active running System Logging Service
rtkit-daemon.service loaded active running RealtimeKit Scheduling Po
selinux-autorelabel-mark.service loaded active exited Mark the need to re
● smartd.service loaded failed failed Self Monitoring and Repor
snapd.seeded.service loaded active exited Wait until snapd is fully
sysstat.service loaded active exited Resets System Activity Da
systemd-journal-flush.service loaded active exited Flush Journal to Persi
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running Login Service
systemd-modules-load.service loaded active exited Load Kernel Modules
systemd-random-seed.service loaded active exited Load/Save Random Seed
systemd-remount-fs.service loaded active exited Remount Root and Kernel F
systemd-sysctl.service loaded active exited Apply Kernel Variables
systemd-sysusers.service loaded active exited Create System Users
systemd-tmpfiles-setup-dev.service loaded active exited Create Static Dev
systemd-tmpfiles-setup.service loaded active exited Create Volatile Files
systemd-udev-trigger.service loaded active exited udev Coldplug all Devic
systemd-udevd.service loaded active running udev Kernel Device Manage
systemd-update-utmp.service loaded active exited Update UTMP about System
systemd-user-sessions.service loaded active exited Permit User Sessions
udisks2.service loaded active running Disk Manager
ufw.service loaded active exited Uncomplicated firewall
unattended-upgrades.service loaded active running Unattended Upgrades Shut
upower.service loaded active running Daemon for power manageme
user-runtime-dir@1000.service loaded active exited User Runtime Directory
user@1000.service loaded active running User Manager for UID 1000
wpa_supplicant.service loaded active running WPA supplicant
xplico.service loaded active running Xplico
-.slice loaded active active Root Slice
system-getty.slice loaded active active system-getty.slice
system.slice loaded active active System Slice
user-1000.slice loaded active active User Slice of UID 1000
user.slice loaded active active User and Session Slice
dbus.socket loaded active running D-Bus System Message Bus
dm-event.socket loaded active listening Device-mapper event daemo
lvm2-lvmpolld.socket loaded active listening LVM2 poll daemon socket
pcscd.socket loaded active listening PC/SC Smart Card Daemon A
snapd.socket loaded active listening Socket activation for sna
syslog.socket loaded active running Syslog Socket
systemd-initctl.socket loaded active listening initctl Compatibility Nam
systemd-journald-audit.socket loaded active running Journal Audit Socket
systemd-journald-dev-log.socket loaded active running Journal Socket (/dev
systemd-journald.socket loaded active running Journal Socket
systemd-rfkill.socket loaded active listening Load/Save RF Kill Switch
systemd-udevd-control.socket loaded active running udev Control Socket
systemd-udevd-kernel.socket loaded active running udev Kernel Socket
uuidd.socket loaded active listening UUID daemon activation so
basic.target loaded active active Basic System
cryptsetup.target loaded active active Local Encrypted Volumes
getty.target loaded active active Login Prompts
graphical.target loaded active active Graphical Interface
local-fs-pre.target loaded active active Local File Systems (Pre)
local-fs.target loaded active active Local File Systems
multi-user.target loaded active active Multi-User System
network.target loaded active active Network
nss-user-lookup.target loaded active active User and Group Name Looku
paths.target loaded active active Paths
remote-fs.target loaded active active Remote File Systems
slices.target loaded active active Slices
sockets.target loaded active active Sockets
sound.target loaded active active Sound Card
swap.target loaded active active Swap
sysinit.target loaded active active System Initialization
time-set.target loaded active active System Time Set
time-sync.target loaded active active System Time Synchronized
timers.target loaded active active Timers
apt-daily.timer loaded active waiting Daily apt download activi
e2scrub_all.timer loaded active waiting Periodic ext4 Online Meta
exim4-base.timer loaded active waiting Daily exim4-base housekee
logrotate.timer loaded active waiting Daily rotation of log fil
man-db.timer loaded active waiting Daily man-db regeneration
systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Tempor
LOAD = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB = The low-level unit activation state, values depend on unit type.
130 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.
┌─[✗]─[root@parrot]─[/home/user]
└──╼ #