New Linux user requests guidance. Near boomer warning in effect.

Credits
58
Hi Everyone. I recently switched to Linux after 20+ yrs of Windows for a number of reasons but I think I am having trouble installing Kubuntu 20.04. Everything goes fine but a day or two later it appears as if it's been replaced with Ubuntu or Linux 5.11 or something like that. Kubuntu does not show up on the boot menu. I have had some people trying to make life online difficult so I need to know if they did an end run around me to ensure my system remains vulnerable. Let me know what info you need and I will post it.
 


arochester

Moderator
Staff member
Gold Supporter
Credits
2,348
Kubuntu is from the same family as Ubuntu, but with a KDE interface. What do you get if you choose to boot "Ubuntu"?
 
Credits
58
I realize that it was but being new I did not know what to expect. The main reason I asked is because my wifi shuts down claiming weak signal, bluetooth activates on its own and I have a hotspot that I did not set up and cannot change. How do I get full root access for a few hours (Admin I guess) so I can change whatever I please? Sound also cuts out. Sometimes I can reactivate the sound but I always have to reinstall when wifi goes just to get it back. I seem to have a lot of browser problems with the Firefox that came with it. I lost 3 Gmail accounts last week because the passwords that it saved (& I wrote down) no longer worked.
 
Credits
58
Ubuntu just upgraded all their flavors of 20.04 to 20.04.3 what falls under Ubuntu - Have a look here
Thanks. I will check them out. I may end up choosing a different release. I am not sure I like the plasma desktop but I want to give it a chance.
 

Lord Boltar

Well-Known Member
Credits
5,921
bluetooth activates on its own - I have a hotspot that I did not set up and cannot change.
if you do not use it you can turn it off
For your Bluetooth have a look here - https://wiki.kubuntu.org/Bluetooth
For your Hotspot that you did not create: does anyone else have access to your computer? A hotspot has to be created. You can delete it by opening the Network Manager and looking under WiFi; if you see it, highlight that connection, and there is a + or - button down toward the bottom left. Click the - button to delete it.
 
Credits
58
Thanks for the BT info. I am the only person with physical access to the machine. Found a new 802.11 connection. Should a system set up a BT/Ethernet Loopback Network connections? I am deleting it so let's see what hap........
P.S. I think I forgot to hit reply again. My bad.
 

Lord Boltar

Well-Known Member
Credits
5,921
Should a system set up a BT/Ethernet Loopback Network connections?
The loopback device is a special, virtual network interface that your computer uses to communicate with itself. It is used mainly for diagnostics and troubleshooting, and to connect to servers running on the local machine.
When a network interface is disconnected--for example, when an Ethernet port is unplugged or Wi-Fi is turned off or not associated with an access point - no communication on that interface is possible, not even communication between your computer and itself. The loopback interface does not represent any actual hardware, but exists so applications running on your computer can always connect to servers on the same machine.
 
Credits
58
Ok. Understood. Do you think that where I have a Realtek 8821CE 802.11ac adapter may be causing a problem? They may have fixed this but I seem to remember reading about people having problems with this. I have also noticed that my firewall will not respond to certain commands. I tried to pull up a detailed port list and it claims command is unrecognized or that no such thing exists. Also my machine claims to not be using IPv4 or IPv6 for internet access in the plasma settings. So what's it using or why is it not listing it? Thank you for the help btw.
 

Lord Boltar

Well-Known Member
Credits
5,921
Realtek 8821CE 802.11ac and Firewall
Have you checked for updated drivers through Software & Updates? Open that and click on Additional Drivers; it should find them. It used to be an issue with older 4.14 kernels but Buntu has added the drivers through Software & Updates.
As far as the firewall goes, use the Synaptic package manager and install gufw or
Code:
sudo apt install gufw
this will add a GUI to the ufw firewall, making the process simpler
 
Credits
58
When entered I get the response:
dpkg: error: unknown option -o
 

AntrygWindrose

New Member
Credits
161
Try running
Code:
sudo dpkg --configure -a
see if that fixes it then
Code:
sudo apt update
then
Code:
sudo apt upgrade
then try to reinstall
Code:
sudo apt install gufw
Hi. I made it back. I used some linux document viewers and I was able to find the weird files that makes me think I was hacked or something was damaged from a failed windows update. Now remember that these exact files were on my system before I ever touched a linux product. Tell me what you think.

 

Lord Boltar

Well-Known Member
Credits
5,921
pmtimer (Power Management Timer) is part of the kernel
No FADT found error it looks like ACPI problem is BIOS based - have you tried to update your BIOS?
allocation outside 32-bit range \invalid arch-dependent ELF magic\ - this is a grub error

To me it looks like most of your problem is with the grub - but I am no genius in this area - have you tried to repair it - https://help.ubuntu.com/community/Boot-Repair
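One way to triage a dump like the one posted above, as an added example that is not part of any post in this thread: split the file on non-printable bytes and count how many distinct GRUB source paths and messages it contains. The marker list is taken from strings in the posted dump; the function names, the threshold of three and both sample blobs are assumptions constructed for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread): triage a binary blob by its embedded strings.
# Markers are strings that appear in the dump posted above.

GRUB_MARKERS='kern/i386/tsc_pmtimer.c
disk/efi/efidisk.c
kern/efi/sb.c
kern/dl.c
grub rescue>
grub_mod_init
invalid arch-dependent ELF magic'
MIN_HITS=3   # assumed threshold: a single stray match proves nothing

# Split a binary on non-printable bytes (NULs included) and keep runs of
# four or more printable characters, the way strings(1) does.
extract_strings() {
    LC_ALL=C tr -c '\040-\176' '\n' < "$1" | LC_ALL=C grep -E '.{4,}'
}

# Print each marker found in FILE, one per line.
grub_marker_hits() {
    while IFS= read -r marker; do
        [ -n "$marker" ] || continue
        if extract_strings "$1" | grep -qF -- "$marker"; then
            printf '%s\n' "$marker"
        fi
    done <<EOF
$GRUB_MARKERS
EOF
}

# Print "grub-core" when enough distinct markers are present, else "unknown".
classify_blob() {
    hits=$(grub_marker_hits "$1" | wc -l | tr -d ' ')
    if [ "$hits" -ge "$MIN_HITS" ]; then
        echo "grub-core"
    else
        echo "unknown"
    fi
}

# Constructed sample: NUL-separated strings copied from the thread's dump.
write_sample_grub() {
    printf '%s\000' 'kern/i386/tsc_pmtimer.c' \
        'No FADT found; not using pmtimer.' \
        'invalid arch-dependent ELF magic' 'disk/efi/efidisk.c' \
        'kern/efi/sb.c' 'grub rescue> ' > "$1"
}

# Constructed sample: an unrelated blob that mentions GRUB only once.
write_sample_other() {
    printf '%s\000' 'GNU C Library' '/lib64/ld-linux-x86-64.so.2' \
        'see the grub rescue> prompt' > "$1"
}

# When run with file arguments, classify each one.
if [ "$#" -gt 0 ]; then
    for f in "$@"; do
        printf '%s: %s\n' "$f" "$(classify_blob "$f")"
    done
fi
```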
 

AntrygWindrose

New Member
Credits
161
Late last year I was suddenly unable to access my BIOS. I know it appears as a grub error but these exact same files were on my system last year when I was still using Windows. I bought it new and never installed any other OS on it until recently. I am going to say something off the wall and I admit I could be mistaken but I have found logs where it appears to claim that the wireless/BT module is able to send and receive data directly from the processor. (without having a conductor between them).
After a while I began to think someone injected that script into the system just to keep me paranoid about my pc but in April of this year my pc got a mind of its own. The 2 worst events were these:
1. My firewall and connected device platform services locked me out of changing them. When I started tearing into the files the system suddenly updated the file and said "Secret defender and antivirus pages discovered. Activating kill switch value =5000ms" or something like that. I did not have long to read it but I was still surprised when my disk erased itself. All of it except mini nt console. I bought a new copy and installed it and everything was just like when I bought it but hours later it restarted and poof. The old install was back.
2. I was preparing to make an ISO on a USB stick but every time I got near the button to complete the creation a black popup window blocked me. So I asked what they wanted (yes. I know how that sounds) and stated if you can hear me bring up the terminal window. It immediately flashed on twice. No Joke.
Things are much better after I moved and installed a Linux based OS but I do not totally trust that I am still going to be messed with if there is embedded code or hardware flaw. I used robocopy to remove the remaining files from the SSD, and did a wipe and reformat before putting Kubuntu in and those log files still appear.
One thing I forgot to mention about the file I pulled that off of is that it has a recursive quality. I tried to go further down the page but it would suddenly put me back to the end of the script I sent you. What is that?
 

Lord Boltar

Well-Known Member
Credits
5,921
"Secret defender and antivirus pages discovered. Activating kill switch value =5000ms
Block at first sight only uses the cloud protection back-end for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud back-end to determine if the file is a previously undetected file.
If the cloud back-end is unable to make a determination, Microsoft Defender Antivirus locks the file and uploads a copy to the cloud. The cloud performs more analysis to reach a determination before it either allows the file to run or blocks it in all future encounters, depending on whether it determines the file to be malicious or not a threat.
Have a look here - https://docs.microsoft.com/en-us/mi...rosoft-defender-antivirus?view=o365-worldwide

Have you tried a rootkit scanner? - https://www.sophos.com/en-us/products/free-tools/sophos-anti-rootkit.aspx

To access the BIOS From Windows 10 - Look Here - https://recoverit.wondershare.com/computer-problems/fix-cant-enter-bios-in-windows-10.html
 

Fanboi

Active Member
Credits
3,488
Not reading the whole thread (TL;DR), so I skimmed it, but here's some things I picked up (sorry if they were answered already). Anyway, incoming wall of text (I'll put it in spoiler tags to keep it neat)...

PRELUDE
Read this to the end before starting the process... Honestly, I think you should just reinstall your system (with something other than a *buntu), so it makes no sense to repair/reinstall GRUB. So, from the ground up, let's do a new start (if you could kill Windows for good as well, that'd be great).

BIOS
You shouldn't be "unable" to access your BIOS, and if you really cannot from the post screen, it has nothing to do with GRUB or any other bootloader. Maybe your board's firmware was corrupted, though I have only seen proof of concept videos, I've never come across it IRL.
Regardless, flashing your BIOS/UEFI firmware will fix the problem, give you access to the BIOS again, and you should keep your board up to date with the latest firmware.
So, use another PC to download the latest firmware from the manufacturer's website and place it on a FAT32 formatted USB stick. Disconnect any SSDs/HDDs. On the back I/O panel of your PC should be a "special" USB port with a flash button nearby. Power off, plug the stick in, hold the flash button down while powering on and wait until an LED indicator comes on. Then leave it alone. Do not remove the flashstick or interrupt the power. If you interfere with this process, you may brick your board. Do not do anything to it when it reboots because it may do this a few times (mine did it thrice last update). Just wait until it posts normally.
Once it can post normally, unplug the BIOS update flashstick and plug in the flashstick with your Linux distro on it (if you don't have it because you only had one flashdrive, use another PC to write any Linux OS image to it). Then enter the BIOS and set your boot priority to the flashstick that has the Linux OS on it.

BOOTLOADER
So far as the bootloader goes, many boards' firmware saves the location of the EFIs, and panics when it can't find them (my laptop does this). You can manually set the device and location to search, but it's pointless because we're redoing everything. Just delete all EFI entries in your motherboard's list and, again, ensure to set the boot order to prioritise the bootable flashdrive.
Pointless note for future reference:
To repair GRUB (should you have bootloader issues in the future):
Do so by running "grub-install <device>" as root from your liveCD/liveUSB (find the <device> with lsblk).


RECONNECT SSDS & HDDS AND/OR BACKUP
You can now power off and reconnect storage devices. Now, before going further, it goes without saying that you've (or you'll) backed up important data/settings on an external device, not your OS HDD/SSD or a partition on it.
At this point, you get to wipe your OS drive completely because you'll be reinstalling things from scratch. If you need Windows, you should probably re-install it first. Then get back to installing a better Linux OS.

THE OS
Personally, I would just forget about Kubuntu or any *buntu, time for OS shopping:
Linux Mint: Based on Ubuntu, it is somehow way less buggy, more professional, and IMO more user-friendly. It's very good (9/10) at hardware detection. Do not confuse this with LMDE, Linux Mint Debian Edition. We'll get to Debian. Mint is generally my first choice for professional clients and I haven't had a complaint to date. Installation is just a few clicks. Simplicity, but less choice than, say, Debian.
Debian: Well, Debian comes in branches, but because it aims to be stable, we'll focus on the "stable" branch. Debian is a rock solid OS. It is almost impossible to break. It is my recommendation even for servers. But there are two prices to pay. The first is that software is sometimes outdated to keep it stable and the second is Debian strives to provide a "free as in libre" system. Consequences are that it is not optimized for gaming and has slightly less OTB hardware support. The latter can be overcome by using backports and the repo for proprietary software/drivers. Choosing the netinstall image allows you to download components as it installs, so the base image is tiny. The "firmware" so-called unofficial flavour provides proprietary drivers and has good (8/10) hardware detection. Offers quite a lot of preconfigured DEs, like GNOME 3, KDE, XFCE, LXDE/QT which you'll be prompted for during install.
Manjaro: Yes, this is Arch-based, but it is not as "difficult" (Arch is easier than it seems) and it is miles more stable. Your case sounds like it could use Manjaro. It needs some cosmetic surgery after install, but it is a very good OS for ex-Windows users (despite the things spouted by Ubuntu fans). The hardware detection is excellent (10/10) and the install is super simple and very user-centric to the point it tells you to choose (where available) between OSS and proprietary drivers for hardware found. It boasts tons of software because of the Arch roots, is very up-to-date, and despite being a rolling release, is reasonably stable.
Whichever you choose, you'll need to write the image to a flashdrive/optical disk. You can boot live if you still have your Kubuntu stick and dd the OS to the flashdrive you used for the BIOS update. If they are the same, use another PC and download your OS of choice and write it to the USB flashdrive.
You can then boot the PC and install your distro!

MISC
First, I don't think you were "hacked". That's usually target-specific and only takes place if you're a big shot celeb, billionaire, or political figure. You may have gotten malware, but TBH, I think someone just derped something badly. To be safe, just stay in Linux and look through all your backed up data and delete anything vaguely suspect. Any malware that damaged you should theoretically be gone now, but be cautioned about running executables in Windows or Windows period.

About wireless network hotspots and wireless devices not turning off: That's Ubuntu's shitty Network Manager erroneously trying to connect to anything. In today's world, there are at least 5 - 10 wireless networks in range at any given time wherever you go unless you make it to Tibet...No, they probably got WiFi, too. Like your WLAN adaptor, your BT adaptor will likely misbehave as well under Ubuntu. There's probably a correct setting, but I wouldn't know because I manage my networks manually via the "interfaces" file ( /etc/network/interfaces, usually) and Ubuntu seems to ignore this, just as it ignores any CLI attempts to override its systems. This is why I like Debian: it is simple and there's nothing I can't do 10x easier in the CLI. This will not be an issue in Debian and has never been so for any PC I've used Manjaro or Mint on either.

About Drivers: Firstly, Realtek are pretty much de facto for board components and supposed to be supported OTB. I've had some issues with Debian when it comes to very new hardware because Debian focuses on stability (the "stable" branch) of the software and systems with everything in that branch of their repos for each generation/iteration. OTOH, I'm 100% sure that Manjaro will support everything OTB and about 95% sure Linux Mint will. Try running Manjaro live.

About the ISO on the USB stick: Can't you borrow someone's Mac? Or a Linux/BSD/other *nix machine? It's a lot easier to run dd than mess with a GUI. For dd, "dd if=your/iso/file of=your/flashdrive/not/a/partition/on/it bs=4096" (you can use 8192, but if you're unsure use 4096 which is the "sweet spot" for flashdrives of 4 to 64 GB apparently, I cannot confirm nor deny this).

I hope this helps you fix everything the simple and easy way. Attacking each problem and plugging a leak here while there's another there isn't worth the time/effort. In that situation, a complete clean start is optimal.
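A guard around the dd step from the post above, as an added example that is not part of the original post: it refuses to write unless the target is a whole disk (not a partition), is flagged removable, and has nothing mounted from it. The function names, the removable-only rule and the sample lsblk output are assumptions constructed for the illustration, and it assumes `lsblk -p` prints full device paths in both NAME and PKNAME.

```shell
#!/bin/sh
# Added example (not from the thread): check a dd target before writing an image.

# Constructed sample of `lsblk -P -p -o NAME,PKNAME,TYPE,RM,MOUNTPOINT` output.
SAMPLE_LSBLK='NAME="/dev/sda" PKNAME="" TYPE="disk" RM="0" MOUNTPOINT=""
NAME="/dev/sda1" PKNAME="/dev/sda" TYPE="part" RM="0" MOUNTPOINT="/boot/efi"
NAME="/dev/sda2" PKNAME="/dev/sda" TYPE="part" RM="0" MOUNTPOINT="/"
NAME="/dev/sdb" PKNAME="" TYPE="disk" RM="1" MOUNTPOINT=""
NAME="/dev/sdb1" PKNAME="/dev/sdb" TYPE="part" RM="1" MOUNTPOINT=""
NAME="/dev/sdc" PKNAME="" TYPE="disk" RM="1" MOUNTPOINT=""
NAME="/dev/sdc1" PKNAME="/dev/sdc" TYPE="part" RM="1" MOUNTPOINT="/media/user/KUBUNTU"'

# check_target DEVICE  (lsblk pairs output on stdin)
# Prints "ok" or "refuse: <reason>".
check_target() {
    awk -v dev="$1" '
    # Return the value of KEY="..." in a pairs-format line ("" if absent).
    function get(line, key,    re) {
        re = " " key "=\"[^\"]*\""
        if (!match(" " line, re)) return ""
        return substr(" " line, RSTART + length(key) + 3, RLENGTH - length(key) - 4)
    }
    {
        name = get($0, "NAME"); parent = get($0, "PKNAME")
        mp = get($0, "MOUNTPOINT")
        if (name == dev) {
            seen = 1
            dtype = get($0, "TYPE")
            removable = get($0, "RM")
            if (mp != "") mounted = mp
        } else if (parent == dev && mp != "") {
            mounted = mp          # a partition of the target is in use
        }
    }
    END {
        if (!seen)                 print "refuse: " dev " not found"
        else if (dtype != "disk")  print "refuse: " dev " is a " dtype ", not a whole disk"
        else if (removable != "1") print "refuse: " dev " is not removable"
        else if (mounted != "")    print "refuse: " mounted " is mounted from " dev
        else                       print "ok"
    }'
}

# write_image ISO DEVICE
# Writes the image only when check_target approves, then compares the
# first size-of-ISO bytes of the device against the image.
write_image() {
    verdict=$(lsblk -P -p -o NAME,PKNAME,TYPE,RM,MOUNTPOINT | check_target "$2")
    if [ "$verdict" != "ok" ]; then
        echo "$verdict" >&2
        return 1
    fi
    dd if="$1" of="$2" bs=4096 conv=fsync || return 1
    cmp -n "$(stat -c %s "$1")" "$1" "$2"
}
```

`write_image` needs root and GNU dd, cmp and stat; `check_target` can be tried on its own with `printf '%s\n' "$SAMPLE_LSBLK" | check_target /dev/sdb`.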
 

AntrygWindrose

New Member
Credits
161
Block at first sight only uses the cloud protection back-end for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud back-end to determine if the file is a previously undetected file.
If the cloud back-end is unable to make a determination, Microsoft Defender Antivirus locks the file and uploads a copy to the cloud. The cloud performs more analysis to reach a determination before it either allows the file to run or blocks it in all future encounters, depending on whether it determines the file to be malicious or not a threat.
Have a look here - https://docs.microsoft.com/en-us/mi...rosoft-defender-antivirus?view=o365-worldwide

Have you tried a rootkit scanner? - https://www.sophos.com/en-us/products/free-tools/sophos-anti-rootkit.aspx

To access the BIOS From Windows 10 - Look Here - https://recoverit.wondershare.com/computer-problems/fix-cant-enter-bios-in-windows-10.html
Well that explains why and how it reinstalled.

Still though I have to wonder why the install file used Linux terminology. I thought arch and grub and elf magic were specific to Linux.

I meant to ask about the rootkit because something using either rootkt or rtkit flashes up as a process for a few seconds then leaves. It also either changes PID numbers or impersonates them. Surely it's not named rootkit.

I had a password on the BIOS but I will check out the info. I will also do rootkit scanner.
Not reading the whole thread (TL;DR), so I skimmed it,but here's some things I picked up (sorry if they were answered already). Anyway, incoming wall of text (I'll put it in spoiler tags to keep it neat)...

PRELUDE
Read this to the end before sarting the process... Honestly, I think you should just reinstall your system (with something other than a *buntu), so it makes no sense to repair/reinstall GRUB. So, from the grounds up, let's do a new start (if you could kill Windows for good as well, that'd be great).

BIOS
You shouldn't be "unable" to access your BIOS, and if you really cannot from the post screen, it has nothing to do with GRUB or any other bootloader. Maybe your board's firmware was corrupted, though I have only seen proof of concept videos, I've never come across it IRL.
Regardless, flashing your BIOS/UEFI firmware will fix the problem, give you access to the BIOS again, and you should keep your board up to date with the latest firmware.
So, use another PC to download the latest firmware from the manufacturer's website and place it on a FAT32 formatted USB stick. Disconnect any SSDs/HDDs. On the back I/O panel of your PC should be a "special" USB port with a flash button nearby. Power off, plug the stick in, hold the flash button down while powering on and wait until an LED indicator comes on. The leave it alone. Do not remove the flashstick or interrupt the power. If you interfere with this process, you may brick you board. Do not do anything to it when it reboots because it may do this a few times (mine did it thrice last update). Just wait until it posts normally.
Once it can post normally, unplug the BIOS update flashstick and plug in the flashstick with your Linux distro on it (if you don't have it because you only had one flshdrive, use another PC write any Linux OS image to it). Then enter the BIOS and set your boot priority to the flashstick that has the Linux OS on it.

BOOTLOADER
So far as the bootloader goes, many boards' firmware saves the location of the EFIs, and panics when it can't find them (my laptop does this). You can manually set the device and location to search, but it's pointless because we're redoing everything. Just delete all EFI entries in your motherboard's list and, again, ensure to set the boot order to prioritise the bootable flashdrive.
Pointless note for future reference:
To repair GRUB (should you have bootloader issues in the future):
Do so by running "grub-install <device>" as root from your liveCD/liveUSB (find the <device> with lsblk).


RECONNECT SSDS & HDDS AND/OR BACKUP
You can now power off and reconnect storage devices. Now, before going further, it goes without saying that you've (or you'll) backed up important data/settings on an external device, not your OS HDD/SDD or a partition on it.
At this point, you get to wipe your OS drive completely because you'll be reinstalling things from scratch. If you need Windows, you should probably re-install it first. Then get back to installing a better Linux OS.

THE OS
Personally, I would just forget about Kubuntu or any *buntu, time for OS shopping:
Linux Mint: Based on Ubuntu, it is somehow way less buggy, more professional, and IMO more user-friendly. It's very good (9/10) at hardware detection. Do not confuse this with LMDE, Linux Mint Debian Edition. We'll get to Debian. Mint is generally my first choice for professional clients and I haven't had a complaint to date. Installation is just a few clicks. Simplicity, but less choice than, say, Debian.
Debian: Well, Debian come in branches, but because it aims to be stable, we'll focus on the "stable" branch. Debian is a rock solid OS. It is almost impossible to break. It is my recommendation even for servers. But there are two prices to pay. The first is that software is sometimes outdated to keep it stable and the second is Debian strives to provide a "free as in libre" system. Consequences are that it is not optimized for gaming and has slightly less OTB hardware support. The latter can be overcome by using backports and the repo for proprietary software/drivers. Choosing the netinstall image allows you to download components as it installs, so the base image is tiny. The "firmware" so-called unofficial flavour provides proprietary drivers and has good (8/10) hardware detection. Offers quite a lot of preconfigured DEs, like GNOME 3, KDE, XFCE, LXDE/QT which you'll be prompted for during install.
Manjaro: Yes, this is Arch-based, but it is not as "difficult" (Arch is easier than it seems) and it is miles more stable. Your case sounds like it could use Manjaro. It needs some cosmetic surgery after install, but it is a very good OS for ex-Windows users (despite the things spouted by Ubuntu fans). The hardware detection is excellent (10/10) and the install is super simple and very user-centric to the point it tells you to choose (where available) between OSS and proprietary drivers for hardware found. It boasts tons of software because of the Arch roots, is very up-to-date, and despite being a rolling release, is reasonably stable.
Whichever you choose, you'll need to write the image to a flashdrive/optical disk. You can boot live if you still have your Kubuntu stick and dd the OS to the flashdrive you used for the BIOS update. If they are the same, use another PC and download your OS of choice and write it to the USB flashdrive.
You can then boot the PC and install your distro!

MISC
First, I don't think you were "hacked". That's usually target-specific and only takes place if you're a big shot celeb, billionaire, or political figure. You may have gotten malware, but TBH, I think someone just derped something badly. To be safe, just stay in Linux and look through all your backed up data and delete anything vaguely suspect. Any malware that damaged you should theoretically be gone now, but be cautioned about running executables in Windows or Windows period.

About wireless network hotspots and wireless devices not turning off: That's Ubuntu's shitty Network Manager erroneously trying to connect to anything. In today's world, there are at least 5 - 10 wireless networks in range at any given time wherever you go unless you make it to Tibet...No, they probably got WiFi, too. Like your WLAN adaptor, your BT adaptor will likely misbehave as well under Ubuntu. There's probably a correct setting, but I wouldn't know because I manage my networks manually via the "interfaces" file ( /etc/network/interfaces, usually) and Ubuntu seems to ignore this, just as it ignores any CLI attempts to override its systems. This is why I like Debian: it is simple and there's nothing I can't do 10x easier in the CLI. This will not be an issue in Debian and has never been so for any PC I've used Manjaro or Mint on either.

About Drivers: Firstly, Realtek are pretty much de facto for board components and supposed to be supported OTB. I've had some issues with Debian when it comes to very new hardware because Debian focuses on stability (the "stable" branch) of the software and systems with everything in that branch of their repos for each generation/iteration. OTOH, I'm 100% sure that Manjaro will support everything OTB and about 95% sure Linux Mint will. Try running Manjaro live.

About the ISO on the USB stick: Can't you borrow someone's Mac? Or a Linux/BSD/other *nix machine? It's a lot easier to run dd than mess with a GUI. For dd, "dd if=your/iso/file of=your/flashdrive/not/a/partition/on/it bs=4096" (you can use 8192, but if you're unsure use 4096 which is the "sweet spot" for flashdrives of 4 to 64 GB apparently, I cannot confirm nor deny this).

I hope this helps you fix everything the simple and easy way. Attacking each problem and plugging a leak here while there's another there isn't worth the time/effort. In that situation, a complete clean start is optimal.
I am going to do another total wipe and update the bios as suggested. Even though I have done this before I had never unplugged the ssd before doing so and I also have never seen a button near any special port unless you mean the usb 3.1 and it has 2 tiny lit indentations 1 which is on constantly and the other flashes. I do have a few other questions besides the buttons however.

Machine: HP-15dy1031wm, Intel Ice lake i3 1005G1 processor, SK hynix BC511 HFM256GDJTNI-82A0A SSD, RTL8821CE 802.11ac PCIe Wireless Network Adapter, 12GB memory

1. Will doing the bios as suggested completely remove Windows from the system?
2. Do the bios update and reinstall downloads absolutely have to be done on a pure linux machine?
3. Do I need to download the bios from somewhere besides hp support since windows came with the machine?
4. Best place for safe linux os downloads?
5. Since the ssd is guid partitioned do I need to mess with new tables or types?
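
Added example, not part of any post in this thread: the dd step discussed above, wrapped in a shell function that refuses a partition as the target, optionally checks the image against a published SHA-256, and reads the written bytes back to confirm the copy. It assumes GNU coreutils; `write_image`, `is_partition`, `sha256_prefix` and the `SYSFS_ROOT` override are hypothetical names introduced here.

```shell
# Added example: write an OS image to a whole-disk device and verify the result.
# SYSFS_ROOT is a hypothetical override so the partition check can be exercised
# against a constructed directory tree instead of the live /sys.
SYSFS_ROOT="${SYSFS_ROOT:-/sys}"

# Succeeds if the named block device (e.g. sdb1) is a partition: the kernel
# exposes a "partition" attribute for partitions only, never for whole disks.
is_partition() {
    [ -e "$SYSFS_ROOT/class/block/$(basename "$1")/partition" ]
}

# Print the SHA-256 of the first N bytes of a file or device.
sha256_prefix() {
    head -c "$2" "$1" | sha256sum | cut -d' ' -f1
}

# write_image IMAGE TARGET [EXPECTED_SHA256]
# Return codes: 2 missing image, 3 target is a partition,
# 4 checksum mismatch, 5 dd failed, 6 read-back differs from the image.
write_image() {
    local iso="$1" target="$2" expected="${3:-}" size iso_sum
    [ -f "$iso" ] || { echo "no such image: $iso" >&2; return 2; }
    if is_partition "$target"; then
        echo "refusing: $target is a partition, use the whole device" >&2
        return 3
    fi
    iso_sum="$(sha256sum "$iso" | cut -d' ' -f1)"
    if [ -n "$expected" ] && [ "$iso_sum" != "$expected" ]; then
        echo "refusing: image does not match the published checksum" >&2
        return 4
    fi
    size=$(( $(wc -c < "$iso") ))
    # if= is the source image, of= is the destination device.
    # conv=fsync flushes the data to the device before dd exits.
    dd if="$iso" of="$target" bs=4096 conv=fsync,notrunc || return 5
    # Read back exactly the image length and compare it with the source.
    [ "$(sha256_prefix "$target" "$size")" = "$iso_sum" ] || return 6
}
```

On a real stick the read-back can be served from the page cache, so unplug and re-plug the drive and run `sha256_prefix` again for a cold check.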
 