
Possible Virus Infection (solved)

Posted: Fri Jul 04, 2025 4:20 pm
by outlaw
I think my MX system might be infected by a virus, or some sort of malware.
Sometimes conky displays an unusually large amount of network activity. (wlan0 down)
Firefox is closed and I am not updating my system.
I have one problem and four questions.
Question 1: I am quite sure an application exists that can tell me what program is using this
unusually large amount of bandwidth. (What would be the name of this program?)
Problem: Chroot Rescue Scan does not find the ext4 partition MX is installed on.
Question 2: I'm pretty sure that it should be possible to run Chroot from a terminal window and
tell (force / specify) it which partition(s) to scan. What is the correct syntax to perform this task?
Question 3: I am using clamav to check for virus / malware. (Nothing so far...)
Does anyone know of another virus scanning application for Linux?
Not really sure if it's a good idea to install 2 antivirus applications on the same system.
I don't really want to perform a fresh install of MX.
Question 4: How close are we to a brand new version of MX?
Thank you one and all in advance for any advice and suggestions.

Code:

System:
  Kernel: 6.4.0-1mx-ahs-amd64 [6.4.4-1~mx23+1] arch: x86_64 bits: 64 compiler: gcc v: 12.2.0
    parameters: BOOT_IMAGE=/boot/vmlinuz-6.4.0-1mx-ahs-amd64 root=UUID=<filter> ro quiet splash
    init=/lib/systemd/systemd
  Desktop: Xfce v: 4.20.0 tk: Gtk v: 3.24.38 info: xfce4-panel wm: xfwm v: 4.20.0 vt: 7
    dm: LightDM v: 1.32.0 Distro: MX-23.6_ahs_x64 Libretto July 31  2023 base: Debian GNU/Linux 12
    (bookworm)
Machine:
  Type: Laptop System: HP product: [unreadable] v: Type1ProductConfigId
    serial: <superuser required> Chassis: type: 10 serial: <superuser required>
  Mobo: HP model: 81F5 v: 66.43 serial: <superuser required> UEFI-[Legacy]: Insyde v: F.32
    date: 04/11/2018
Battery:
  ID-1: BAT1 charge: 11.7 Wh (91.4%) condition: 12.8/12.8 Wh (100.0%) volts: 12.0 min: 10.9
    model: 131-22-6E HS03031 type: Unknown serial: <filter> status: not charging
CPU:
  Info: model: AMD A8-7410 APU with AMD Radeon R5 Graphics bits: 64 type: MCP arch: Puma level: v2
    built: 2014-15 process: GF 28nm family: 0x16 (22) model-id: 0x30 (48) stepping: 1
    microcode: 0x7030106
  Topology: cpus: 1x cores: 4 smt: <unsupported> cache: L1: 256 KiB desc: d-4x32 KiB; i-4x32 KiB
    L2: 2 MiB desc: 1x2 MiB
  Speed (MHz): avg: 1495 high: 1729 min/max: 1000/2200 boost: disabled scaling:
    driver: acpi-cpufreq governor: ondemand cores: 1: 1111 2: 1622 3: 1520 4: 1729 bogomips: 17568
  Flags: avx ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm
  Vulnerabilities:
  Type: itlb_multihit status: Not affected
  Type: l1tf status: Not affected
  Type: mds status: Not affected
  Type: meltdown status: Not affected
  Type: mmio_stale_data status: Not affected
  Type: retbleed mitigation: untrained return thunk; SMT disabled
  Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl
  Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
  Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, STIBP: disabled, RSB filling,
    PBRSB-eIBRS: Not affected
  Type: srbds status: Not affected
  Type: tsx_async_abort status: Not affected
Graphics:
  Device-1: AMD Mullins [Radeon R4/R5 Graphics] vendor: Hewlett-Packard driver: radeon v: kernel
    alternate: amdgpu arch: GCN-2 code: Sea Islands process: GF/TSMC 16-28nm built: 2013-17 ports:
    active: HDMI-A-1,eDP-1 empty: none bus-ID: 00:01.0 chip-ID: 1002:9851 class-ID: 0300
  Device-2: Chicony HP TrueVision HD type: USB driver: uvcvideo bus-ID: 2-1.1:3
    chip-ID: 04f2:b56c class-ID: 0e02 serial: <filter>
  Display: x11 server: X.Org v: 1.21.1.7 compositor: xfwm v: 4.20.0 driver: X: loaded: radeon
    unloaded: fbdev,modesetting,vesa dri: radeonsi gpu: radeon display-ID: :0.0 screens: 1
  Screen-1: 0 s-res: 2966x900 s-dpi: 96 s-size: 785x239mm (30.91x9.41") s-diag: 821mm (32.31")
  Monitor-1: HDMI-A-1 mapped: HDMI-0 pos: right model: Acer G205HL serial: <filter> built: 2011
    res: 1600x900 hz: 60 dpi: 92 gamma: 1.2 size: 440x250mm (17.32x9.84") diag: 506mm (19.9")
    ratio: 16:9 modes: max: 1600x900 min: 720x400
  Monitor-2: eDP-1 mapped: eDP pos: primary,left model: AU Optronics 0x10ec built: 2014
    res: 1366x768 hz: 60 dpi: 101 gamma: 1.2 size: 344x193mm (13.54x7.6") diag: 394mm (15.5")
    ratio: 16:9 modes: max: 1366x768 min: 640x480
  API: OpenGL v: 4.5 Mesa 24.2.8-1mx23ahs renderer: KABINI (radeonsi LLVM 15.0.6 DRM 2.50
    6.4.0-1mx-ahs-amd64) direct-render: Yes
Audio:
  Device-1: AMD Kabini HDMI/DP Audio vendor: Hewlett-Packard driver: snd_hda_intel v: kernel
    bus-ID: 00:01.1 chip-ID: 1002:9840 class-ID: 0403
  Device-2: AMD FCH Azalia vendor: Hewlett-Packard driver: snd_hda_intel v: kernel
    bus-ID: 00:14.2 chip-ID: 1022:780d class-ID: 0403
  API: ALSA v: k6.4.0-1mx-ahs-amd64 status: kernel-api tools: alsamixer,amixer
  Server-1: PipeWire v: 1.0.0 status: active with: 1: pipewire-pulse status: active
    2: wireplumber status: active 3: pipewire-alsa type: plugin 4: pw-jack type: plugin
    tools: pactl,pw-cat,pw-cli,wpctl
Network:
  Device-1: Realtek RTL8188EE Wireless Network Adapter vendor: Hewlett-Packard driver: rtl8188ee
    v: kernel modules: wl pcie: gen: 1 speed: 2.5 GT/s lanes: 1 port: 3000 bus-ID: 02:00.0
    chip-ID: 10ec:8179 class-ID: 0280
  IF: wlan0 state: up mac: <filter>
  Device-2: Realtek RTL810xE PCI Express Fast Ethernet vendor: Hewlett-Packard driver: r8169
    v: kernel pcie: gen: 1 speed: 2.5 GT/s lanes: 1 port: 2000 bus-ID: 03:00.0 chip-ID: 10ec:8136
    class-ID: 0200
  IF: eth0 state: down mac: <filter>
Drives:
  Local Storage: total: 931.51 GiB used: 54.11 GiB (5.8%)
  SMART Message: Unable to run smartctl. Root privileges required.
  ID-1: /dev/sda maj-min: 8:0 vendor: HGST (Hitachi) model: HTS541010A9E680 size: 931.51 GiB
    block-size: physical: 4096 B logical: 512 B speed: 6.0 Gb/s type: HDD rpm: 5400 serial: <filter>
    rev: A7L0 scheme: GPT
Partition:
  ID-1: / raw-size: 44.92 GiB size: 43.92 GiB (97.76%) used: 11.28 GiB (25.7%) fs: ext4
    dev: /dev/sda8 maj-min: 8:8
  ID-2: /home raw-size: 75.2 GiB size: 73.46 GiB (97.70%) used: 14.9 GiB (20.3%) fs: ext4
    dev: /dev/sda6 maj-min: 8:6
Swap:
  Kernel: swappiness: 15 (default 60) cache-pressure: 100 (default)
  ID-1: swap-1 type: partition size: 12.06 GiB used: 0 KiB (0.0%) priority: -2 dev: /dev/sda5
    maj-min: 8:5
Sensors:
  System Temperatures: cpu: 80.5 C mobo: N/A gpu: radeon temp: 76.0 C
  Fan Speeds (RPM): N/A
Repos:
  Packages: pm: dpkg pkgs: 2406 libs: 1200 tools: apt,apt-get,aptitude,nala,synaptic pm: rpm
    pkgs: 0 pm: flatpak pkgs: 0
  No active apt repos in: /etc/apt/sources.list
  Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list
    1: deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware
  Active apt repos in: /etc/apt/sources.list.d/debian.list
    1: deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
    2: deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
  Active apt repos in: /etc/apt/sources.list.d/google-chrome.list
    1: deb [arch=amd64] https://dl.google.com/linux/chrome/deb/ stable main
  Active apt repos in: /etc/apt/sources.list.d/mx.list
    1: deb http://mirror.umd.edu/mxlinux/mx/repo/ bookworm main non-free
    2: deb http://mirror.umd.edu/mxlinux/mx/repo/ bookworm ahs
  Active apt repos in: /etc/apt/sources.list.d/protonvpn-stable.sources
    1: deb https://repo.protonvpn.com/debian stable main
Info:
  Processes: 239 Uptime: 6d 10h 40m wakeups: 1 Memory: 6.73 GiB used: 2.79 GiB (41.4%)
  Init: systemd v: 252 target: graphical (5) default: graphical tool: systemctl Compilers:
  gcc: 12.2.0 alt: 12 Client: shell wrapper v: 5.2.15-release inxi: 3.3.26
Boot Mode: BIOS (legacy, CSM, MBR)

Outlaw
"It has been my experience that folks who have no vices have very few virtues." --Abraham Lincoln

Re: Possible Virus Infection

Posted: Fri Jul 04, 2025 4:45 pm
by dreamer
I like opensnitch. It blocks network connections by default, but a dialog window pops up when something wants to connect. It's in the Debian repos. Don't forget to install the GUI as well.

Re: Possible Virus Infection

Posted: Fri Jul 04, 2025 4:47 pm
by FullScale4Me
outlaw wrote: Question 4: How close are we to a brand new version of MX?
The MX 23.6 snapshot was created on June 15th 2025. Snapshots include all upgrades & subsequent bug fixes. This greatly reduces the time spent in and updating bandwidth usage during an installation.

https://sourceforge.net/projects/mx-linux/files/Snapshots/

Re: Possible Virus Infection

Posted: Fri Jul 04, 2025 5:08 pm
by beardedragon
1) Run task manager to find out what is using the most bandwidth.
2) run man chroot for correct terminal syntax.
3) clamav needs clamtk for access and set up.
4) MX Linux 25 is anticipated sometime in 2025, but specific dates are not confirmed.

Re: Possible Virus Infection

Posted: Fri Jul 04, 2025 5:58 pm
by j2mcgreg

Code:

System Temperatures: cpu: 80.5 C mobo: N/A gpu: radeon temp: 76.0 
This is way too high. Allowing your CPU to overheat can cause erratic behaviour. You need, at the very least, to open the case and remove any dust build up (dust is an insulator) from the interior and the heatsink's radiator fins. Your CPU was released in 2015:
https://www.cpu-world.com/CPUs/Puma/AMD ... e_vignette
so your laptop is ten years old. Very likely the thermal paste between the CPU and the heatsink has been reduced to dust by now, so you should be prepared to replace it.

Re: Possible Virus Infection

Posted: Fri Jul 04, 2025 7:20 pm
by atomick
Shot in the Dark. Nothing really specified as to who what where an a possible why.
sounds like a little networking forensics - but one can only toss out some command line syntax in hopes you may in turn take these and research and must say being a cmdline junkie
my own approach would be in question the question.
Do you have more than one account. a family system where by others in house may sign into your system via various methods.
if Wifi is down - do you also have a Wired eth0 cabled link to your router / switch to your isp
some cmdline savvy can help to provide some , Hints Tips and Queues.
Some tools are necessary to also install possibly depending on your extent of cmdline keyboard ability. I can toss you some. one direct you ask? You would be to research some of the " lsof " command man lsof and try some syntax features.
let alone --- man command OR command --help # This will share syntax let alone how good the man and help are written may share examples. eg: lsof --help

another would be also to kill off Firefox if you think its running in a background process and someone else is commanding its use. so I'll list some in the well anything goes feature to post.

Suggestion to install "opensnitch" this is nice port monitor for anything requesting and open line or Port Out bound and alerts you immediately and that covers both TCP and UDP - so 0-65535 and 0-65535 lots of channels - anyone can hide an app
This will be fair bit and only scratches a little for forensic working tcpdump and fair many other tools are available. this will keep you busy possibly for a year researching and practicing but worthy for an attempt to start one on a different journey under the hood of linux. / *NIX
WARNING: script kiddies and this time of life "cyber attack" are all the very high. DO NOT answer any phone call you do not know of - do not answer to nor click to open any "EMAILS" you do not know the originator.
Script kiddies and hackers have the ability to bind scripts within their post to you to engage or ignite code when you click "Open" email so be forewarned.

one other very important point "VNC " this is a remote control program one can run your keyboard from any where in the world as if they are sitting in your chair. (opendesk and others) At your Keyboard and can do it whilst also you un-aware they are in your machine. This list of cmdline I'm sharing may provide
such info to see if they are. Oh there are methods to drop just a single port. Sugg browse search Drop a single port in linux as example to search.. Linux provides so many various methods to kill a cat, wok your dog and show you magic all at the same multi-function time.
if you find a process that you did not open and see to by familiarizing these commands you can kill the process sudo kill -9 #pid this is achieved see below ps -ef
hope this helps and the many view. simply touches a few things you could learn to know.

It does not at all teach anything about hacking. So I'm safe, you're safe, we learn to be safe. Try these and practice to see what they offer you and your listings of questions.
ps: the example to kill just foxit is Foxit PDF reader foxit can be replaced by any process name you find.

Code:

  
ip -c a                                  # all interfaces and addresses, colour output
ps -ef | grep "firefox"                  # is firefox still running in the background?
sudo kill -9 $(ps -ax | awk '/[f]oxit/ { print $1 }')   # SIGKILL every process matching foxit; the [f] stops awk matching its own command line. sudo kill -9 <pid> does the same for a single PID
netstat -an | grep -i "established"      # netstat prints ESTABLISHED in upper case, hence -i; this might require sudo apt install net-tools -y
ss -s
ss -u -a
ss -t -a
ss -tulpe
sudo ss -t4 state established            # may reduce -t4 to just -t, see "man ss"
lsof -i :80 | grep LISTEN                # can change grep to grep -i listen to cover upper and lower case; 80 is the http port, replace it with any port you are not familiar with, e.g. 5900 or 5800, both commonly used for VNC
lsof -i :portnumber
lsof -i tcp:portnumber
lsof -i udp:portnumber
## freaky chicken cmd: link stats might share a better view
ip -s link ls eth0                       # link stats per Rx/Tx
ip -s -c link ls eth0
ip -d -c link ls eth0                    # copied from my notes; use wlan0 in place of eth0 as needed, one or the other
# old trusty ifconfig requires: sudo apt install net-tools -y
ifconfig eth0                            # or wlan0; shows the Tx and Rx counters. The up arrow key repeats the same command, so repeating it shows the counters increment
last                                     # shows by IP address who is accessing your system; note /var/log/wtmp and /var/log/utmp must be present for this to show pertinent information
w
who
whoami
nc                                       # netcat, see "man nc"; might need to be installed
htop                                     # or top; usually shows all high processes at the top of the display, H will get you help on a plethora of features

PS: check  /var/tmp  for unknown activity  script kiddies like to play out from here if by chance someone gained access to your system via email trickery.  and this just scratches the sniff. 
Hardening Linux has a volumes category of many things you can do to protect yourself, and some are not that hard to accomplish. Good luck.


Re: Possible Virus Infection

Posted: Fri Jul 04, 2025 7:44 pm
by CharlesV
Some useful utilities to check out:

Show processes and their network utilization
- nethogs
- tcptrack

Show Processes, cpu, network, more
- system-monitoring-center Excellent gui tool, unfortunately it is no longer maintained. But, still working at this time!
- htop extremely useful. you can sort by process, bandwidth, etc.

For antivirus / malware the options are limited !
- ClamAV
- Raspirus ( Although their latest version appears to have broken running on this current debian OS's)
- Eset (although like so many others, they are backing out of the linux market )

Re: Possible Virus Infection

Posted: Sat Jul 05, 2025 10:22 am
by atomick
Sorry to have missed a few, A Question further into the meat of issue as to " having Multi - Anti-Virus apps installed " in one world of plenty that could be true depending on how developer's check their code against detecting any Mal-Practice against common OS alteration. Hence "Mal-warez" virus etc. Nothing really is immutable to the devious but
in Linux unless you venture to the also similar "Commercial product" "This might be a thought and possible detect the detector for detection of something in need for detection.
Rest assure this is safer to consider doing on Linux. multi Tools at your finger tips are key and very rich feature of all and any *NIX distro.
So ClamAV is nice. share my cmd syntax lower again. (note it is set and go for dinner come back to see results).

Lynis https://packages.cisofy.com/#package

This is more of a Hardening by default approach as are CIS industrial approach ( this is a deeper advance security level of hardening protocols more for admins ) a Home User can learn from this depending a want too. Many on the surface Hardening and security approach is easy for Browser Search. "Ask a good question" get many good answer.

rkhunter : This is good for checking Root Kits etc. 1.4.6 is latest version old it is yet its tooling for detect is good, needs a little research reading and applying some tweaks.
Chkrootkit : this is another feature quick check can set for auto play as wish.
Watch : this is a built in command app, for process and protocol networking app for simple - Lets just see what is bouncing on the wire etc approach.

Safe as mention - Please try not to fall into any "Social Engineering type Attack" That is as mention "Nothing you Do Not Know its source by" Junk it Sandbox it or simply delete at sight of it. Same with mobile phone scams or he check this or I have dinner arranged. ( anything is a TRAP ) so lil common sense.
Some more "Sharing" For those wish to caring about their system health - 1st are copies from my own ~/.bash_aliases file Bash Aliases are excellent for hot key cmdline speed

Code:


alias rootChk1='sudo /usr/bin/rkhunter --propupd;sudo /usr/bin/rkhunter --update ; sudo /usr/bin/rkhunter --checkall'       #  --propupd re-baselines the file properties database to the current state before the check runs
alias rootChk2='sudo /usr/bin/rkhunter --check --rwo'
alias rootChk3='sudo /usr/sbin/chkrootkit -x | grep infected'
alias rootChk4='sudo /usr/local/lynis/lynis audit system'
alias rootChk5='clear;tput cup 0 22;echo "Scanning Root-FileSystem";sudo /usr/bin/clamscan -riv /*'       #  ending slash /* can be set too any directory name /home/meHome/*

alias | grep watch
alias Watch1='sudo watch -d -n0 "netstat -atnp | grep -i esta"'
alias Watch2='sudo watch netstat -tulpn'
alias Watch3='watch ss -tulpn'

alias Tdump1='clear;echo "TCP-Dump 24-pkts on EtherNet";sudo tcpdump -A -i eth0 -c 24 -vv'
alias Tdump1a='clear;echo "TCP-Dump 24-pkts on EtherNet";sudo tcpdump -A -i eth0 -c 24 -vv | tee -a xxxxxxx'       #  xxxxxxx is the file the capture is appended to
alias Tdump2='clear;echo "TCP-Dump 24-pkts on WiFi";sudo tcpdump -A -i wlan0 -c 24 -vv'
alias tcpChk='echo -e "check tcpChk net.ipv4.tcp_rmem example";read junk;/usr/sbin/sysctl'       #  aliases take no $1; the key typed after tcpChk is appended to sysctl

Shame we lost /dev/tcp command from the distro. This also can / could provide other granular cmdline savvy for viewing checking open ports etc.
tcpdump is another program app to be installed. sudo apt install tcpdump -y Sorry this is out side the code wall. ?

hope this will now provide many with lots of tools worthy to adapt to learning, add to your system tools and ease for hardship to research time. Time is delicate for many So
the share are all open joy, love for the mind soak Linux provides. Even for retire hobby likes. Enjoy. This is the meat and potato features from "Shell Terminal practice ".
old types might consider this " Dos on Steroids " . an then some.

Re: Possible Virus Infection

Posted: Sat Jul 05, 2025 10:24 am
by Eadwine Rose
Code wall? You can post multiple code bits, the same way you did the first one.

Re: Possible Virus Infection

Posted: Sat Jul 05, 2025 10:27 am
by atomick
Thx. Least being a Detailed share all hide none. Left to Right a lot of info to absorb.

Remember :

Code:

    man cmd 
man tcptrack   - sudo tcptrack -i eth0   


Re: Possible Virus Infection

Posted: Sat Jul 05, 2025 11:50 am
by siamhie
atomick wrote: Sat Jul 05, 2025 10:22 am
Shame we lost /dev/tcp command from the distro.
Try this

Code:

/proc/net/tcp

Re: Possible Virus Infection

Posted: Sat Jul 05, 2025 12:31 pm
by atomick
thank you siamhie : at find of a script and cmdline used "ago" won't say along time ago in a ... but use the cmd fair bit eg:

Code:

   (echo >/dev/tcp/localhost/22) &>/dev/null && echo "TCP port 22 open" || echo "TCP port 22 close"    
replacing via

Code:

  (echo >/proc/net/tcp/localhost/22) &>/dev/null && echo "TCP port 22 open" || echo "TCP port 22 close"
Believe I tried this when I ran a  sudo find -xdev -type f -name "tcp" -print   # Time I found /dev/tcp to be moved -yes- results showed /proc/net/"tcp" 
As well just for fun tried replace my prev ScanPorts Script and wrapper to run thru various ports and finding the /proc/net/tcp does not function and Results are all the same.
/proc and content is set kernel direct. And the well some things can be changed "echo changed" per next - a quick

cd /proc/net then performing as root user not sudo.

Code:

    file tcp  # result was "Empty" 
ls -lat                  # Also shows all files in this directory are all "Zero (0) byte " in size meaning no value usage. ? 

dr-xr-xr-x  6 root root 0 Jul  5 12:24 stat/
-r--r--r--  1 root root 0 Jul  5 12:24 tcp
-r--r--r--  1 root root 0 Jul  5 12:24 tcp6
-r--r--r--  1 root root 0 Jul  5 12:24 udp
-r--r--r--  1 root root 0 Jul  5 12:24 udp6
-r--r--r--  1 root root 0 Jul  5 12:24 udplite
-r--r--r--  1 root root 0 Jul  5 12:24 udplite6
-r--r--r--  1 root root 0 Jul  5 12:24 unix
                               ^^  - all column  
ls -lat | awk '{print $5}'    # nice column of all 0's 

stat directory all files also again zero byte empty ? Both MX-23.6-ahs and virtualbox iso copy of same image. same source
Think I deduced Sorry to have seen /dev/tcp distro removed. and possibly more research to see about a recover or new pkg addition.
I use nmap in place of as another app to install. PS: I use a different ssh port than 22 but the example is easy to relate let alone translate too cmdln syntax shown:

Cheers and thank you.. we all learn Happy July 4th/5th from greater nord d'blanc. (white north).
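
Added example, not written by any poster in this thread: /proc/net/tcp is a kernel-generated table that is read rather than connected to (procfs files list as 0 bytes because their content is produced at read time), so this sketch parses it and maps each socket inode to the owning process through /proc/<pid>/fd. The sample rows, addresses, inodes and function names are constructed for illustration, and a little-endian host such as the x86_64 laptop above is assumed.

```python
import os
import socket
import struct

# State codes used in the "st" column of /proc/net/tcp.
TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "04": "FIN_WAIT1",
    "05": "FIN_WAIT2", "06": "TIME_WAIT", "07": "CLOSE", "08": "CLOSE_WAIT",
    "09": "LAST_ACK", "0A": "LISTEN", "0B": "CLOSING",
}

# Constructed sample in /proc/net/tcp layout (not output from the thread).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002 1 0000000000000000 100 0 0 10 0
   2: 0A00A8C0:D1C4 057100CB:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 20003 1 0000000000000000 20 4 30 10 -1
"""


def decode_endpoint(field):
    """'0100007F:0016' -> ('127.0.0.1', 22). The IPv4 address is hex in
    little-endian host order; the port is plain hex."""
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Parse the IPv4 TCP socket table into a list of dicts."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 10 or not f[0].endswith(":"):
            continue  # header or malformed line
        rows.append({
            "local": decode_endpoint(f[1]),
            "remote": decode_endpoint(f[2]),
            "state": TCP_STATES.get(f[3], f[3]),
            "uid": int(f[7]),
            "inode": int(f[9]),
        })
    return rows


def listening_ports(rows):
    """Sorted local ports that have a socket in LISTEN state."""
    return sorted({r["local"][1] for r in rows if r["state"] == "LISTEN"})


def socket_owners(proc="/proc"):
    """Map socket inode -> (pid, command name) via /proc/<pid>/fd symlinks."""
    owners = {}
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(os.path.join(proc, pid, "comm")) as fh:
                comm = fh.read().strip()
            fd_dir = os.path.join(proc, pid, "fd")
            for fd in os.listdir(fd_dir):
                target = os.readlink(os.path.join(fd_dir, fd))
                if target.startswith("socket:["):
                    owners[int(target[8:-1])] = (int(pid), comm)
        except OSError:
            continue  # process exited, or its fds need root to read
    return owners


if __name__ == "__main__":
    path = "/proc/net/tcp"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    owners = socket_owners() if os.path.isdir("/proc") else {}
    rows = parse_proc_net_tcp(text)
    print("listening TCP ports:", listening_ports(rows))
    for r in rows:
        if r["state"] == "ESTABLISHED":
            pid, comm = owners.get(r["inode"], ("?", "unknown (try as root)"))
            print("%s:%d -> %s:%d uid=%d pid=%s %s"
                  % (*r["local"], *r["remote"], r["uid"], pid, comm))
```

Run it as root to resolve sockets owned by other users' processes. IPv6 sockets are listed in /proc/net/tcp6 and are not parsed here.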

Re: Possible Virus Infection

Posted: Sat Jul 05, 2025 1:50 pm
by atomick
funny pre-examples of /dev/tcp - in retesting and do not know if adding a new app tcpflow
may have helped and the way /proc/net/tcp is similar Directory format and content as /dev
much to my surprise - the command worked in checking my own local host for ssh port "22" as open or closed.

food for thought. Surprises and the many ways Linux helps to skin an issue. Learn something everyday.
yet a great deal of info with hope it inspires more to dig into things learn what is under the hood. cheers.

Re: Possible Virus Infection

Posted: Sat Jul 19, 2025 12:22 pm
by outlaw
Unfortunately this problem has been resolved ... the laptop has died and is not worth repairing.

Outlaw
"It has been my experience that folks who have no vices have very few virtues." --Abraham Lincoln

Re: Possible Virus Infection

Posted: Wed Jul 23, 2025 7:10 am
by asinoro
outlaw wrote: Sat Jul 19, 2025 12:22 pm Unfortunately this problem has been resolved ... the laptop has died and is not worth repairing.

Outlaw
"It has been my experience that folks who have no vices have very few virtues." --Abraham Lincoln
How do you know that your laptop died? https://www.hp.com/us-en/shop/tech-take ... nd-replace
If this battery is dead, everything is black! If this is ok and work again your laptop, check again all your bios settings and fast boot, secure boot disabled because sometimes you can not see your hard drive from Linux!

Re: Possible Virus Infection (solved)

Posted: Wed Jul 23, 2025 7:29 am
by j2mcgreg
@asinoro wrote:
How do you know that your laptop died? https://www.hp.com/us-en/shop/tech-take ... nd-replace
If this battery is dead, everything is black! If this is ok and work again your laptop, check again all your bios settings and fast boot, secure boot disabled because sometimes you can not see your hard drive from Linux!
A laptop or desktop with a dead CMOS battery will at least boot to the bios screen because the bios will have reverted to its default settings. If you are getting a black screen instead, you have additional problems.

Re: Possible Virus Infection (solved)

Posted: Wed Jul 23, 2025 7:37 am
by asinoro
j2mcgreg wrote: Wed Jul 23, 2025 7:29 am @asinoro wrote:
How do you know that your laptop died? https://www.hp.com/us-en/shop/tech-take ... nd-replace
If this battery is dead, everything is black! If this is ok and work again your laptop, check again all your bios settings and fast boot, secure boot disabled because sometimes you can not see your hard drive from Linux!
A laptop or desktop with a dead CMOS battery will at least boot to the bios screen because the bios will have reverted to its default settings. If you are getting a black screen instead, you have additional problems.
Maybe you are right, in my experience once my laptop it looked completely dead also the screen, I replaced the battery myself and the laptop became alive again! It was, still exist from 2006, laptop made by local company.