Can someone look at this and tell me if it looks correct!?

Vandrovich

New Member
So to start, I am very very new at this. In fact I am more LOST than anything else. But I'd like to ask if there are any nice people out there that could please tell me if this looks normal and/or has not been altered in any way from its original default text. I have had issues with others accessing my devices and completely ruining my photos and videos etc. This is the screen that comes up when I hit "e" before the kernel choice in grub, to edit the startup script so I can reset my password. It seems different. Sorry about pic quality.
1572825376060517830838074452758.jpg
 


Vandrovich

New Member
Ok. But I'm saying how come the kernel line is different than what I see online for the kernel line in Linux mint Cinnamon? Is there anything you see in this that makes you come to a conclusion that this is a custom kernel boot with an intentional remote login or anything like that? I know I probably sound paranoid but my computer has been acting crazy and someone is manipulating my videos, adding weird videos, and deleting many of my media as well. I have run antivirus and antispyware etc. And it claims it's scanning, however the scan takes like 30 seconds (for a full scan) etc. Also my computer security program turns off randomly etc.
 

wizardfromoz

Super Moderator
Staff member
Gold Supporter
...the kernel line is different than what I see online for the kernel line in Linux mint Cinnamon?
G'day @Vandrovich and welcome to linux.org :)

What is your reference source for online, e.g. is it /etc/default/grub or other?

Which AV/AM product/s?

But I am right behind @neskepi's comment for the meantime.

Chris Turner
wizardfromoz
 

JulienCC

Active Member
Your grub config seems normal to me.

Cleaning a system that has been compromised is a hard task. If possible boot from an external device, backup your files from there and do a clean install. If you are really paranoid you should also flash everything that is flashable on your machine (BIOS, HDD/SSD firmware...).

Considering what you've described, this is most likely a script kiddie playing around with a weak password and your ssh server, or something easy like this. Someone willing to hurt/steal would have operated stealthier.
 

Condobloke

Well-Known Member
In your first post you mentioned "adding weird videos"... what did they add? Titles?

Do you have any "clean" backup? Something that was backed up before any of this strange behaviour started?

Any PC enthusiasts living with you, or who visit from time to time?
 
