Aertuun
Dec 18, 2012

Morning thread, looking for some advice on a recent incident.

I've been trying out Stable Diffusion over the past couple of days. Yesterday evening, several of the models I'd been using on that day were flagged up by Windows Defender as containing a trojan (Trojan:Win32/Sirefef!cfg). I'd only been using those particular models during that afternoon.

I deleted the flagged files, did a full scan of everything else (found nothing), and did an offline scan of the computer (found nothing). The scans were done with Windows Defender.

I was also thinking of going back to an earlier system restore point.

I was a bit surprised to find anything at all, as the models are commonly used and all from legitimate sources (one of the models was downloaded by the Webui client itself). All of them are very widely used and, astonishingly, not just for porn (the Controlnet ones finally give SD enough control that it could be used for architectural sketches and renderings).

So a couple of questions:

Could this be some kind of cross infection by something I haven't found yet?
Do I need to take any further measures than the above?
Am I just being silly and these were the notorious "false positives" that I've heard people talking about?

The models whose files were flagged were the primary Controlnet models, available from: https://huggingface.co/lllyasviel/ControlNet/tree/main/models

And Codeformer, a model designed to fix faces, which was downloaded directly by the Webui installed on the machine when enabled in the settings. The webui is available from: https://github.com/AUTOMATIC1111/stable-diffusion-webui


yoloer420
May 19, 2006
The detections on the models are almost certainly false positives. Anything malicious is more likely to be in the other components.

You're probably fine.

Aertuun
Dec 18, 2012

yoloer420 posted:

The detections on the models are almost certainly false positives. Anything malicious is more likely to be in the other components.

You're probably fine.

Thanks for the reply! That's potentially reassuring. I'm never quite sure how to ensure the false positives are actually false positives...

I was very careful with the various models I was using, but it's possible the actual interface I was using is suspect?

Here's a very angry Reddit poster talking about it:

https://www.reddit.com/r/StableDiffusion/comments/y71uyx/invokeai_vs_automatic1111/iss6nw0/

For reference, I was using the automatic1111 webui, which I assumed was safe enough because it was a) popular and b) open source. However, there's enough doubt in my mind now that I'll swap over to the more respectable InvokeAI.

For all I know this little trojan is bouncing around happily within the Stable Diffusion community, and no-one is squashing it because it's been labelled incorrectly as a false positive.

Qubee
May 31, 2013
I only use Windows Defender and Malwarebytes for protection, along with uBlock Origin. Am I safe with this trifecta? I've always assumed yes.

Crime on a Dime
Nov 28, 2006

Qubee posted:

I only use Windows Defender and Malwarebytes for protection, along with uBlock Origin. Am I safe with this trifecta? I've always assumed yes.

Safe?

Crime on a Dime
Nov 28, 2006

Aertuun posted:

no-one is squashing it because it's been labelled incorrectly as a false positive.

unlikely

Sleng Teng
May 3, 2009

Ran an offline defender scan which I do periodically today and it came back detecting autokms hacktools in windows/system32/sppextcomobj.exe which it removed. I remember autokms being a workaround for windows licensing but I last did that many years and fresh installs (edit: and machines) ago and I’m pretty sure it had its own dir so I’m weirded out. I also didn’t think this exe had anything to do with it in particular but I don’t really know windows.

Anyway I guess I either goofed somewhere despite normal precautions or maybe Defender is being goofy. I'm curious, so I figured I'd ask what might be going on here if anybody knows.

Sleng Teng fucked around with this message at 15:49 on Apr 7, 2023

XYZAB
Jun 29, 2003

Was just about to make dinner tonight when I got a frantic text message from my grandma saying her computer got locked down and it's telling her not to turn it off.

gently caress. I bought them a motherfucking iMac because I know they click on any loving link and don't know what the gently caress they're doing but "that's too hard, we'll stick to windows and risk having our entire life savings drained because mac is too hard. P.S. It happened again can you help save us." YES I CAN, USE THE loving IMAC FOR gently caress'S SAKE.

Anyway so I went over there and it looks like some website in Edge had opened a full screen "WE'VE LOCKED YOUR COMPUTER, DON'T YOU DARE TURN IT OFF. PHONE THIS NUMBER TO GET YOUR COMPUTER BACK!" warning, complete with a text-to-speech voice making all sorts of demands through the speakers, which I basically alt+tabbed out of and closed the browser and everything seemed to be running completely normally... Or so I thought.

I copied the offending website's URL from Edge history, tried it again for shits and giggles, and it came back 404. By "URL" it was basically just a random IP address with some funky hashtag per-session code after it. I deleted everything after the IP address itself and it resolved to some sort of Brazilian hosting page. My best guess is that it runs a unique per-session thing that wouldn't be traceable after the fact, hence why I wasn't able to reproduce it, but I don't really know the ins and outs of networking poo poo to be fully sure.

My baseline assumption was that they just clicked too many stupid ads and got sent to this outwardly appearing malicious but otherwise harmless "ransomware lookalike" honeypot, but a few other things started popping out at me.

My grandpa volunteered some knowledge without being prompted that he pays a company called Nerds On Site $5/month to monitor their computer. I asked "Then why am I here? What value are they to you if this keeps happening? How are they monitoring you? What do they have installed on here?" "Oh, I don't know. He came to my door and told me he does this job for the Canadian Tire on this side of town so I let him in." "So you accepted some guy's cold-call, he installed some random stuff on your computer, and you pay him $5/month on the basis that he told you he's the systems tech for Canadian Tire?" "Yes." "Did he prove that to you in any way?" "No." "Does that not seem suspicious to you that a nationwide chain is relying on some random guy for their IT support, instead of what is very likely an on-site team?" "Well if you put it like that..."

GOD DAMNIT!

So I had him show me one of this company's recent bills. It listed its service as "Webroot monitoring." I have no idea what the gently caress that is, so I google it. I find a program called Webroot SecureAnywhere. I don't see any immediate red flags, but the results I am finding all seem obfuscated or fake in some way to trick me into thinking it's meant to be doing something that a non-technologically oriented person might consider to be technologically advanced. I'm not a tech guru, but I've been around long enough to know when something isn't right.

I searched "Webroot" on his computer and there it is. The first strange thing is that windows Add/Remove programs told me it was installed ten days ago on May 15th. Neither of my grandparents claim to have installed it, nor has anyone aside from them and myself touched that computer in the last ten days. I'm extremely confused how this program came to exist on their computer ten days ago if nobody physically installed it.

Second red flag. I opened the "Webroot SecureAnywhere" program and started poking around to see what its deal was. It looks like a regular sort of AntiVirus program, maybe Nerds On Site put this here long ago and I was unaware? The problem with that hypothesis is that I'm sort of their go-to tech guy for basic poo poo. I installed some Ram and an NVMe for them about three weeks ago, and copied their entire OS onto the NVMe, and basically made it 100x faster for them to click every loving bullshit link in the universe. I did all of the cursory checks at the time to make sure they hadn't hosed themselves to death with virus and malware yet, and I don't recall seeing this Webroot program at the time, as I'm sure it would have registered in my brain that they had something like this to ostensibly protect them.

Anyway, in the Webroot application, I find a tab that lists "Account information," so I click it, and discover it has a serial number listed, partially obscured, which suggests to me that someone has logged into this application in the last ten days and got the program signed in. I click a link that takes me to the program's login portal, and ask both of them "Do you recognize this login page, and can you log into it for me?" Neither of them have ever seen it before, don't know any login info. Okay, strange. There's a little button under the partially obscured serial number that says something like "Copy Keycode Info." I click it, expecting it to copy the serial number into clipboard for me to inspect, instead it shoots me an error that says:

"The keycode is currently hidden and cannot be copied."

What the gently caress? Then why would there be a button for me to copy the keycode? If this were a legit program, it would have done the thing it says. What the gently caress is going on here? The logic here is all screwy.

So I head back to google and type that exact query bounded by quotations on both sides and get four (4) unique results across the entire internet, and all four are from variations on the theme of VirusTotal's hybrid-analysis / adaware quarantine service. Basically, that exact search string happened to show up in the exploded sample text of at least four viruses submitted to those websites.

Which has me even more puzzled. Nerds On Site may have ostensibly installed this program, yet this program is throwing up red flags, and the exact text string of "The keycode is currently hidden and cannot be copied." is showing up in a few virus quarantine pages and nowhere else.

That's when I came to this thread and started reading it for tips. I installed Wireshark, watched a quick tutorial that basically in a nutshell told me that "If you see a "data" category listed in the hierarchical sorting view under TCP or UDP, basically there's some hosed up poo poo happening bruh."

So I captured all of the traffic over ethernet for a few minutes, sorted the data via hierarchy view, and saw that about 7% of all traffic was in this dreaded data category. I still don't know what this means. Then my grandma came in and started badgering me about "you must be tired, it's time for you to go home, thanks for fixing our computer," but because she's deaf I couldn't explain to her that it's not fixed, and had to relay through my grandpa that "No, it's not fixed, I think there's something incredibly wrong here, PLEASE DO NOT TURN THIS COMPUTER ON UNTIL SATURDAY!"

Basically all of the "data" traffic was connecting to a single port in the 64000 region, and literally right when I started to get an idea of what might be happening here, it's 10pm and I'm tired as gently caress and they won't shut up and leave me alone so I had to leave, and now I'm trying this out here to ask if anyone has anything they could point me towards insofar as blocking that port or if there's a cmd command that I can execute to fry every capacitor on that motherboard and force them to use the iMac because holy loving poo poo I hate playing the family tech support role, but I also know that if I don't do it, they're just going to hire some random loving idiot off the street to make their lives even worse. I loving hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it. I started using a mac in 2008 and told them to gently caress off and figure it out, and over time I forgot what a breath of fresh air that was to not be the family IT guy. But now I have a windows computer again so guess who needs help?

I love them both dearly but holy gently caress it's exhausting. They're turning 90 this year and they make a special trip to the bank every other week to reset their password because they forgot it. I wish I could just teach them how to use a Mac and never have to worry about this poo poo ever again. All they do is click button > look at funny email. The hurdle of jumping over to mac to do the most menial trivial bullshit is practically nonexistent, but it might as well be the grand loving canyon. The only reason I think I have even the slightest confidence in my ability to at least help out in this situation is because I find network security in the broad sense, and social engineering/pen-testing specifically, to be super interesting fields and therefore I like to stay informed about all of the ways people trick other people. Only problem is that this inevitably coincides with me discovering how easy it is to trick old people literally all the goddamn time because I have grandparents predating the invention of the Monopoly board game who, through the grace of god, have a computer with internet access. :doh:

XYZAB fucked around with this message at 06:06 on May 26, 2023
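The Wireshark heuristic in the post above (undissected "data" payload concentrated on one high port) as a small triage script. This is an added example, not code from the post or from Wireshark; the flow tuples are constructed to resemble what the protocol hierarchy and conversations views report, and the field names and thresholds are this example's assumptions.

```python
"""Triage of the Wireshark observation in the post above: what share of the
captured bytes is undissected payload ("data"), and does that payload pile
up on one destination port?

Added example, not code from the original post. The flow tuples are
constructed to mimic Wireshark's protocol hierarchy / conversations views;
the field names and thresholds are this example's assumptions.
"""
from collections import defaultdict

# Constructed sample flows: (transport, destination port, bytes, top dissector).
# "data" is what Wireshark labels a TCP/UDP payload no dissector recognised,
# which is why the tutorial the poster watched treats it as worth a look.
SAMPLE_FLOWS = [
    ("tcp", 443,   52_000, "tls"),
    ("tcp", 443,   31_000, "tls"),
    ("udp", 53,       900, "dns"),
    ("tcp", 80,    12_000, "http"),
    ("tcp", 64123,  4_000, "data"),
    ("tcp", 64123,  3_200, "data"),
    ("udp", 64123,    800, "data"),
    ("tcp", 8080,     600, "data"),
]


def summarize(flows):
    """Total bytes, bytes in the 'data' category, and 'data' bytes per destination port."""
    total = 0
    data_bytes = 0
    data_by_port = defaultdict(int)
    for _transport, dport, nbytes, dissector in flows:
        total += nbytes
        if dissector == "data":
            data_bytes += nbytes
            data_by_port[dport] += nbytes
    share = data_bytes / total if total else 0.0
    return {
        "total_bytes": total,
        "data_bytes": data_bytes,
        "data_share": share,
        "data_by_port": dict(data_by_port),
    }


def concentrated_data_port(summary, min_share=0.05, min_concentration=0.8, ephemeral_floor=49152):
    """Return (flagged, port).

    flagged is True when undissected payload is at least min_share of the
    capture AND at least min_concentration of it goes to one destination port
    in the ephemeral range (>= 49152, where the poster's ~64000 port sits).
    Undissected traffic on its own is not evidence of malice: game, VoIP and
    updater protocols all show up as 'data'. The result is a lead to identify
    the owning process, not a verdict.
    """
    if summary["data_bytes"] == 0 or summary["data_share"] < min_share:
        return False, None
    port, port_bytes = max(summary["data_by_port"].items(), key=lambda kv: kv[1])
    concentration = port_bytes / summary["data_bytes"]
    if concentration >= min_concentration and port >= ephemeral_floor:
        return True, port
    return False, None


if __name__ == "__main__":
    s = summarize(SAMPLE_FLOWS)
    print(f"undissected payload: {s['data_share']:.1%} of {s['total_bytes']} bytes")
    flagged, port = concentrated_data_port(s)
    if flagged:
        print(f"most of it goes to destination port {port}; "
              "identify the process owning that connection before blocking anything")
```

On the Windows machine itself, `netstat -ano` (or `netstat -b` from an elevated prompt) maps each active connection to its owning process, which is the thing to check before blocking a port, since a port number alone says little about what is talking.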

Aertuun
Dec 18, 2012

XYZAB posted:

"Oh, I don't know. He came to my door and told me he does this job for the Canadian Tire on this side of town so I let him in."

I loving hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it.

I feel your pain.

I'd be tempted to do a complete reinstall of the entire computer under those circumstances.

It sounds like they shouldn't even be let near a computer unsupervised, but how does anyone achieve that...

CaptainSarcastic
Jul 6, 2013



XYZAB posted:

*family tech support curse*

I'd strongly consider copying out whatever data they want/need from the machine, putting it on external media (and scanning the poo poo out of it), then nuke and pave, followed by a fresh install where they don't have the admin password, and install something like Teamviewer or use the built-in Windows remote assistance function in case they actually need to install something that isn't malware on their limited user accounts.

Or install Linux and skin it to look like Windows. They could even keep using Edge!

My parents are late 70s, early 80s, but luckily I haven't had to deal with anything like the level of crap you're describing here.

Cup Runneth Over
Aug 8, 2009



Yep, that definitely sounds like a rootkit, export the family photos then flatten and reinstall. You might consider some parental monitoring software (get it?) to keep them out of trouble if you can't just tow their PC out of the house and force them to use the Mac.

CaptainSarcastic
Jul 6, 2013



My stepfather managed to get malware on his Mac, so even that isn't 100%.

BobHoward
Feb 13, 2012

Yeah nothing's immune, especially to social engineering. My mother (rest in peace, Mom) once got got on her Mac by a browser popup ad which used text-to-speech to loudly inform her that everything was wrong with her computer and she absolutely had to call a number. She called it and was walked through installing LogMeIn Rescue so the scammer could start observing and controlling her computer, which he immediately used to start fast talking her about all these things "wrong" with the Mac she was going to have to pay them to fix.

Fortunately, before handing over CC info, some warning bells started going off and she began to balk. That's when the scammer turned abusive and nasty. She was really upset and scared when she phoned me right after hanging up on them. I couldn't find any evidence that they ended up with persistent remote control of the machine. I don't think that was ever the goal of that particular scam, it was just about conning elders confused by computers into paying for a service they didn't need. Still, I copied her data off and did the ol' nuke-and-pave.

(I had never heard of LogMeIn before that incident. When I went searching, it seemingly was (is?) a legit remote admin tool, but I also found lots of evidence that the company behind it was deliberately turning a blind eye to all the scammers who'd bought licenses to use it in schemes like that one. So this is my anti-advertisement for LogMeIn. gently caress them, don't buy their poo poo.)

WattsvilleBlues
Jan 25, 2005


XYZAB posted:

Was just about to make dinner tonight when I got a frantic text message from my grandma saying her computer got locked down and it's telling her not to turn it off.

gently caress. I bought them a motherfucking iMac because I know they click on any loving link and don't know what the gently caress they're doing but "that's too hard, we'll stick to windows and risk having our entire life savings drained because mac is too hard. P.S. It happened again can you help save us." YES I CAN, USE THE loving IMAC FOR gently caress'S SAKE.

Anyway so I went over there and it looks like some website in Edge had opened a full screen "WE'VE LOCKED YOUR COMPUTER, DON'T YOU DARE TURN IT OFF. PHONE THIS NUMBER TO GET YOUR COMPUTER BACK!" warning, complete with a text-to-speech voice making all sorts of demands through the speakers, which I basically alt+tabbed out of and closed the browser and everything seemed to be running completely normally... Or so I thought.

I copied the offending website's URL from Edge history, tried it again for shits and giggles, and it came back 404. By "URL" it was basically just a random IP address with some funky hashtag per-session code after it. I deleted everything after the IP address itself and it resolved to some sort of Brazilian hosting page. My best guess is that it runs a unique per-session thing that wouldn't be traceable after the fact, hence why I wasn't able to reproduce it, but I don't really know the ins and outs of networking poo poo to be fully sure.

My baseline assumption was that they just clicked too many stupid ads and got sent to this outwardly appearing malicious but otherwise harmless "ransomware lookalike" honeypot, but a few other things started popping out at me.

My grandpa volunteered some knowledge without being prompted that he pays a company called Nerds On Site $5/month to monitor their computer. I asked "Then why am I here? What value are they to you if this keeps happening? How are they monitoring you? What do they have installed on here?" "Oh, I don't know. He came to my door and told me he does this job for the Canadian Tire on this side of town so I let him in." "So you accepted some guy's cold-call, he installed some random stuff on your computer, and you pay him $5/month on the basis that he told you he's the systems tech for Canadian Tire?" "Yes." "Did he prove that to you in any way?" "No." "Does that not seem suspicious to you that a nationwide chain is relying on some random guy for their IT support, instead of what is very likely an on-site team?" "Well if you put it like that..."

GOD DAMNIT!

So I had him show me one of this company's recent bills. It listed its service as "Webroot monitoring." I have no idea what the gently caress that is, so I google it. I find a program called Webroot SecureAnywhere. I don't see any immediate red flags, but the results I am finding all seem obfuscated or fake in some way to trick me into thinking it's meant to be doing something that a non-technologically oriented person might consider to be technologically advanced. I'm not a tech guru, but I've been around long enough to know when something isn't right.

I searched "Webroot" on his computer and there it is. The first strange thing is that windows Add/Remove programs told me it was installed ten days ago on May 15th. Neither of my grandparents claim to have installed it, nor has anyone aside from them and myself touched that computer in the last ten days. I'm extremely confused how this program came to exist on their computer ten days ago if nobody physically installed it.

Second red flag. I opened the "Webroot SecureAnywhere" program and started poking around to see what its deal was. It looks like a regular sort of AntiVirus program, maybe Nerds On Site put this here long ago and I was unaware? The problem with that hypothesis is that I'm sort of their go-to tech guy for basic poo poo. I installed some Ram and an NVMe for them about three weeks ago, and copied their entire OS onto the NVMe, and basically made it 100x faster for them to click every loving bullshit link in the universe. I did all of the cursory checks at the time to make sure they hadn't hosed themselves to death with virus and malware yet, and I don't recall seeing this Webroot program at the time, as I'm sure it would have registered in my brain that they had something like this to ostensibly protect them.

Anyway, in the Webroot application, I find a tab that lists "Account information," so I click it, and discover it has a serial number listed, partially obscured, which suggests to me that someone has logged into this application in the last ten days and got the program signed in. I click a link that takes me to the program's login portal, and ask both of them "Do you recognize this login page, and can you log into it for me?" Neither of them have ever seen it before, don't know any login info. Okay, strange. There's a little button under the partially obscured serial number that says something like "Copy Keycode Info." I click it, expecting it to copy the serial number into clipboard for me to inspect, instead it shoots me an error that says:

"The keycode is currently hidden and cannot be copied."

What the gently caress? Then why would there be a button for me to copy the keycode? If this were a legit program, it would have done the thing it says. What the gently caress is going on here? The logic here is all screwy.

So I head back to google and type that exact query bounded by quotations on both sides and get four (4) unique results across the entire internet, and all four are from variations on the theme of VirusTotal's hybrid-analysis / adaware quarantine service. Basically, that exact search string happened to show up in the exploded sample text of at least four viruses submitted to those websites.

Which has me even more puzzled. Nerds On Site may have ostensibly installed this program, yet this program is throwing up red flags, and the exact text string of "The keycode is currently hidden and cannot be copied." is showing up in a few virus quarantine pages and nowhere else.

That's when I came to this thread and started reading it for tips. I installed Wireshark, watched a quick tutorial that basically in a nutshell told me that "If you see a "data" category listed in the hierarchical sorting view under TCP or UDP, basically there's some hosed up poo poo happening bruh."

So I captured all of the traffic over ethernet for a few minutes, sorted the data via hierarchy view, and saw that about 7% of all traffic was in this dreaded data category. I still don't know what this means. Then my grandma came in and started badgering me about "you must be tired, it's time for you to go home, thanks for fixing our computer," but because she's deaf I couldn't explain to her that it's not fixed, and had to relay through my grandpa that "No, it's not fixed, I think there's something incredibly wrong here, PLEASE DO NOT TURN THIS COMPUTER ON UNTIL SATURDAY!"

Basically all of the "data" traffic was connecting to a single port in the 64000 region, and literally right when I started to get an idea of what might be happening here, it's 10pm and I'm tired as gently caress and they won't shut up and leave me alone so I had to leave, and now I'm trying this out here to ask if anyone has anything they could point me towards insofar as blocking that port or if there's a cmd command that I can execute to fry every capacitor on that motherboard and force them to use the iMac because holy loving poo poo I hate playing the family tech support role, but I also know that if I don't do it, they're just going to hire some random loving idiot off the street to make their lives even worse. I loving hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it I hate it. I started using a mac in 2008 and told them to gently caress off and figure it out, and over time I forgot what a breath of fresh air that was to not be the family IT guy. But now I have a windows computer again so guess who needs help?

I love them both dearly but holy gently caress it's exhausting. They're turning 90 this year and they make a special trip to the bank every other week to reset their password because they forgot it. I wish I could just teach them how to use a Mac and never have to worry about this poo poo ever again. All they do is click button > look at funny email. The hurdle of jumping over to mac to do the most menial trivial bullshit is practically nonexistent, but it might as well be the grand loving canyon. The only reason I think I have even the slightest confidence in my ability to at least help out in this situation is because I find network security in the broad sense, and social engineering/pen-testing specifically, to be super interesting fields and therefore I like to stay informed about all of the ways people trick other people. Only problem is that this inevitably coincides with me discovering how easy it is to trick old people literally all the goddamn time because I have grandparents predating the invention of the Monopoly board game who, through the grace of god, have a computer with internet access. :doh:

I'm sorry dude but this is one of the funniest things I've ever read. And I feel your pain.

Adding to the cacophony of the advice to format and reinstall. Doesn't sound like it matters if you install Windows or Linux, since this is a combination of social engineering and someone physically being allowed onto the computer.

Just make sure that you install uBlock Origin on the browser, hopefully that will block some of the phishing sites.

Mustache Ride
Sep 11, 2001



I've actually gone as far as giving my family piholes that block 99% of this stuff and my family computer support calls have gone down to nothing. They're not being targeted, it's just drive by bullshit that they're not smart enough to not click.

DerekSmartymans
Feb 14, 2005


Mustache Ride posted:

They're not being targeted, it's just drive by bullshit that they're not smart enough to not click.

This sums up a lot of this thread it seems :bang:

XYZAB
Jun 29, 2003


CaptainSarcastic posted:

I'd strongly consider copying out whatever data they want/need from the machine, putting it on external media (and scanning the poo poo out of it), then nuke and pave, followed by a fresh install where they don't have the admin password, and install something like Teamviewer or use the built-in Windows remote assistance function in case they actually need to install something that isn't malware on their limited user accounts.

Or install Linux and skin it to look like Windows. They could even keep using Edge!

My parents are late 70s, early 80s, but luckily I haven't had to deal with anything like the level of crap you're describing here.

What’s the go-to Windows virus scanning software these days? I’ve been able to stay completely oblivious of this stuff for 15 years and it seems like there’s been a huge divergence in that time between pseudo-fakeware/malware/bloatware consumer “virus scanners” that don’t do poo poo, and corporate virus suites that cost an arm and a leg but actually do the thing they advertise.

Revoking their admin privilege sounds like a great idea after I nuke their current install though, so thanks for that idea.

This is all a huge pain in the rear end for me even moreso than it might be for anyone else because I have an extremely painfully advanced case of dry eye disease, and the amount of time I have to spend in front of a screen literally makes my eyes feel like they’re being cut by a thousand razor blades. I might just opt to say “no more windows computer for you, I’m sorry, but the way you use it I would literally rather kill myself than keep dancing on this tightrope.” Not really, but I tend to not want to spend my time doing the things that aggravate my condition. I.e., tech poo poo, reading, etc. Again, though, if I don’t help them, it’s akin to just throwing them into the lion pit and them not understanding why they’re being eaten.

Edit: Please tell me there’s a dedicated Linux distro skinned like Windows specifically for this situation. Alternatively what’s the go-to distro for something like this?

Cup Runneth Over posted:

Yep, that definitely sounds like a rootkit, export the family photos then flatten and reinstall. You might consider some parental monitoring software (get it?) to keep them out of trouble if you can't just tow their PC out of the house and force them to use the Mac.

Please tell me there is also actually a thriving parental monitoring software industry, for the love of christ.

XYZAB fucked around with this message at 17:07 on May 26, 2023

Ynglaur
Oct 9, 2013

Windows Defender, which is built into Windows 10 and Windows 11.

Subjunctive
Sep 12, 2006


My daughter (high school) had an assignment this week to spec out a PC build for a fictional graphic designer, and two of the items the teacher expected to see on the list were antivirus software (he recommended ESET) and malware removal software (MalwareBytes). I explained to my daughter that we are a Windows Defender house and that I would come and talk to the teacher if he objected. Some things are worth fighting for.

Ynglaur
Oct 9, 2013


Subjunctive posted:

My daughter (high school) had an assignment this week to spec out a PC build for a fictional graphic designer, and two of the items the teacher expected to see on the list were antivirus software (he recommended ESET) and malware removal software (MalwareBytes). I explained to my daughter that we are a Windows Defender house and that I would come and talk to the teacher if he objected. Some things are worth fighting for.

Graphic design, you say? Isn't the answer "use a Macbook"?

Subjunctive
Sep 12, 2006


Ynglaur posted:

Graphic design, you say? Isn't the answer "use a Macbook"?

We had that discussion and decided that it would probably not meet the requirements of the assignment. I think she mentioned it in her overview though.

Wiggly Wayne DDS
Sep 11, 2010



Subjunctive posted:

My daughter (high school) had an assignment this week to spec out a PC build for a fictional graphic designer, and two of the items the teacher expected to see on the list were antivirus software (he recommended ESET) and malware removal software (MalwareBytes). I explained to my daughter that we are a Windows Defender house and that I would come and talk to the teacher if he objected. Some things are worth fighting for.
well which colorimeter did the teacher recommend??

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

Definitely the system builder’s responsibility to calibrate things before delivery. I don’t think my old Spyder or whatever still works any more, so I just use rtings’ profiles and live with it.

Saukkis
May 16, 2003

Unless I'm on the inside curve pointing straight at oncoming traffic the high beams stay on and I laugh at your puny protest flashes.
I am Most Important Man. Most Important Man in the World.

Subjunctive posted:

Definitely the system builder’s responsibility to calibrate things before delivery. I don’t think my old Spyder or whatever still works any more, so I just use rtings’ profiles and live with it.

Isn't the recommendation to regularly recheck the calibration because monitors wear out and age?

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

Saukkis posted:

Isn't the recommendation to regularly recheck the calibration because monitors wear out and age.

Yeah, that’s why I originally got the Spyder but the display I had at the time (some Dell thing) didn’t drift enough to be worth recalibrating before I forgot about doing it.

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


XYZAB posted:

Please tell me there is also actually a thriving parental monitoring software industry, for the love of christ.

Oh certainly

https://www.pcmag.com/picks/the-best-parental-control-software

Subjunctive
Sep 12, 2006

✨sparkle and shine✨


Those are tools for use by parents to supervise children, but we want tools to supervise parents.

CatHorse
Jan 5, 2008

XYZAB posted:

Please tell me there is also actually a thriving parental monitoring software industry, for the love of christ.

There is one built into Windows: https://support.microsoft.com/en-us/account-billing/getting-started-with-microsoft-family-safety-b6280c9d-38d7-82ff-0e4f-a6cb7e659344

Cup Runneth Over
Aug 8, 2009

She said life's
Too short to worry
Life's too long to wait
It's too short
Not to love everybody
Life's too long to hate


Subjunctive posted:

Those are tools for use by parents to supervise children, but we want tools to supervise parents.

Yes?

Ynglaur
Oct 9, 2013

The Malta Conference, anyone?

Subjunctive posted:

Those are tools for use by parents to supervise children, but we want tools to supervise parents.

:ironicat:

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

Fine. :colbert:

guppy
Sep 21, 2004

sting like a byob
Is this the right thread to ask about mobile security? I don't see a better thread, but if there is one, my apologies.

The other day I was attempting to report a clearly malicious Facebook post on my phone (not targeted at me, it showed up in my feed because someone I don't know had their account hijacked and tagged someone I do know) and accidentally clicked it. I closed it immediately, I don't think the page even really got to load, but according to my history it went to an HTML file on some gibberish S3 host. The link in question was a currently-very-common scam, you've probably seen it. There are lots of news stories about it. This story does say it's a phishing thing, but some other news stories on the same subject suggest the possibility of direct malware delivery.

My phone is an in-support flagship Android (Galaxy S22) patched up to date, with the most recent security update installed a few days prior to this event. My phone isn't rooted and isn't allowed to install software from anywhere but official stores, and I haven't installed anything lately. At no point was I redirected to any app store.

I freaked out briefly, but had calmed down. However, I went to look at my calendar tonight to check whether an upcoming appointment was on it, and there were virtually no calendar events on it. I checked my account settings and found syncing for all Exchange functions (calendar, email, etc.) turned off. (My work calendar is my main calendar.) This is very strange, I would not do that intentionally and I have never seen it just turn itself off before. I was able to re-enable it and it is working fine. It showed the date and time it was last synced, but unfortunately I didn't think to take note of it except that it was a couple days ago. I don't think there are user-accessible logs of when stuff like that was turned off or on, so I don't think I can get that information anymore.

I logged into my account on a desktop PC and checked for unexpected rules or sent messages, but didn't find any of either. I assume an attacker would immediately delete any sent messages from a hijacked account to prevent a victim from noticing, but I've notified my work security people to investigate.

I don't know much about mobile security, and I am not really a security guy generally. I don't really have a handle on whether it's plausible for my device to be compromised, how to tell, or what I should be doing either way, nor what the implications are for accounts or other devices on it. I haven't seen any other weird activity on the phone, no weird DNS hijacks that I've noticed, no ad popups or anything like that. I don't see any recently installed or used programs I don't recognize. Samsung's website has instructions for running a security scan, but I don't have the options they say I should be pressing. I would think that if there were a current Android vulnerability allowing drive-by compromise from just clicking a link, there'd be buzz about it, but I don't think there is. I assumed the link was likely to be a phishing attempt to try to get Facebook credentials, but now I don't know, and the timing on this is making me quite nervous. I do have a young kid who is not generally allowed to use my phone unsupervised, but we do stuff like the Wordle together and I can't swear she didn't accidentally press something, or even that I didn't accidentally press something without knowing it. I don't see any unexpected activity on any of my accounts, but, like, I'm not going to see activity from a strange IP address if it's coming from my actual phone that's next to me.

EDIT: If you were wondering, Facebook responded to my report, by informing me that the clearly malicious link did not violate their Community Standards.

guppy fucked around with this message at 03:10 on May 29, 2023
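The mailbox check guppy describes above (looking for unexpected inbox rules and forwarding after a suspected account compromise) can be done from the admin side with Exchange Online PowerShell. This is an added example, not code from any post in the thread; it assumes the ExchangeOnlineManagement module is installed, that a session has already been opened with Connect-ExchangeOnline, and the mailbox address is a placeholder.

```powershell
# Added example, not from the thread. Assumes the ExchangeOnlineManagement
# module is installed and a session was opened with Connect-ExchangeOnline.
# The mailbox address below is a placeholder.
$Mailbox = 'user@example.com'

# Pull every inbox rule on the mailbox, including disabled ones.
$rules = Get-InboxRule -Mailbox $Mailbox

# Flag rules that forward, redirect, delete, or move mail out of sight,
# the patterns typically left behind on a hijacked mailbox.
$suspicious = $rules | Where-Object {
    $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo -or
    $_.DeleteMessage -or
    ($_.MoveToFolder -and $_.MoveToFolder -match 'RSS|Archive|Junk|Deleted')
}

if ($suspicious) {
    $suspicious |
        Select-Object Name, Enabled, ForwardTo, RedirectTo, DeleteMessage, MoveToFolder |
        Format-Table -AutoSize
} else {
    Write-Output "No forwarding/redirect/delete rules found on $Mailbox"
}

# Mailbox-level forwarding is configured separately from inbox rules,
# so check it as well.
Get-Mailbox -Identity $Mailbox |
    Select-Object ForwardingAddress, ForwardingSmtpAddress, DeliverToMailboxAndForward
```

The folder-name pattern in the filter is a heuristic: rules that quietly file mail into RSS, Archive, Junk or Deleted Items are a common way to hide replies from the account owner, but a legitimate rule can match it too, so each hit still needs a human look. A user can also review their own rules in Outlook settings without admin rights, which is what the post above describes doing.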

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

I’m not a mobile security expert, but I think you’re fine unless you are a Target of Interest for well-equipped actors. I think Exchange just hosed up on an update or something and stopped syncing (or maybe in response to a weird server error that went away). You could try to pull logs from adb I guess but there’s no guarantee that anything interesting would be in there; malware that logged its activity to syslog would be hilarious, though not impossible.

(I have been a Target of Interest, and it just meant that whenever my phone acted weird I took it to my company’s IT and they checked it out.)

guppy
Sep 21, 2004

sting like a byob
I don't think I am likely to have been targeted for this, since it's a very common scam and I was neither the person whose account distributed the link nor the person it was distributed to. I have a hard time thinking someone would blow a 0-day on a spray-and-pray drive-by attack. If I were an intentional target, though, I still don't really know what I would do about it. Buy some AV app? Wipe my phone? Get a new phone? Get a new phone and change all my account passwords?

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

guppy posted:

I don't think I am likely to have been targeted for this, since it's a very common scam and I was neither the person whose account distributed the link nor the person it was distributed to. I have a hard time thinking someone would blow a 0-day on a spray-and-pray drive-by attack. If I were an intentional target, though, I still don't really know what I would do about it. Buy some AV app? Wipe my phone? Get a new phone? Get a new phone and change all my account passwords?

If you’re an intentional target you get a separate personal device, and you do basically nothing with the work device, and reinstall the OS as a tic. (If you’re an activist or someone whose personal identity rather than professional role is targeted, you uninstall everything and watch all of Runa Sandvik’s talks. Maybe get in touch with the EFF, I think they have people to help review stuff.)

guppy
Sep 21, 2004

sting like a byob
I think I figured out what happened with Exchange, and I feel pretty dumb. I had booted my phone into Safe Mode, which I learned this week is a thing you can do, to double-check that I didn't see any newly installed or unrecognized apps. Safe Mode disables all third-party apps. One of the other things this did is revert my default keyboard from SwiftKey back to the Samsung one, which makes sense since SwiftKey is a third-party app. But apparently it also turns off Exchange syncing. It also leaves a few other lingering changes -- for example, it puts the phone into Airplane Mode, which persists on reboot until you turn it off again.

I tested my theory by booting back to Safe Mode and then back to normal. Sure enough, keyboard reverted to default, Airplane Mode was still on, and Exchange sync was disabled again.

I don't know why it does this, maybe it uses some kind of Exchange connector provided by Microsoft or something and that constitutes "third-party software" that therefore gets disabled. But it makes me feel quite a bit better, since it means that everything I've seen so far has a benign explanation.

PerniciousKnid
Sep 13, 2006

XYZAB posted:

This is all a huge pain in the rear end for me even moreso than it might be for anyone else because I have an extremely painfully advanced case of dry eye disease, and the amount of time I have to spend in front of a screen literally makes my eyes feel like they’re being cut by a thousand razor blades. I might just opt to say “no more windows computer for you, I’m sorry, but the way you use it I would literally rather kill myself than keep dancing on this tightrope.” Not really, but I tend to not want to spend my time doing the things that aggravate my condition. I.e., tech poo poo, reading, etc. Again, though, if I don’t help them, it’s akin to just throwing them into the lion pit and them not understanding why they’re being eaten.

They're 90, just tell them Windows stopped selling new computers.

WattsvilleBlues
Jan 25, 2005

Every demon wants his pound of flesh
I know the OP says don't pay for an antivirus and they're all the same, but this thread is the only place I've ever heard that. I used to use NOD32 but stuck with Microsoft Defender for the last 6 or 7 years.

NOD32 seems to score better than Microsoft Defender in lots of scanning tests. Would I be better off with NOD32?

Rexxed
May 1, 2010

Dis is amazing!
I gotta try dis!

WattsvilleBlues posted:

I know the OP says don't pay for an antivirus and they're all the same, but this thread is the only place I've ever heard that. I used to use NOD32 but stuck with Microsoft Defender for the last 6 or 7 years.

NOD32 seems to score better than Microsoft Defender in lots of scanning tests. Would I be better off with NOD32?

No.


Truga
May 4, 2014
Lipstick Apathy
i haven't heard about nod being actively bad for your pc, and honestly that's the highest praise you can give an antivirus these days lol

defender is in that same category though, so just save the money imo
