Hi thread, I'm coming here hoping for some advice. I just got a couple really nice POS computers and I'm really impressed, I got them for really cheap. But they have Windows NT 6.4 installed. I'm seeing the manufacturer has released drivers for Windows 10, I'm wondering if anybody has any relevant experience with these, should I install 10 on them and alternatively, should I bother replacing the NT OS? Since these were nearly free, I want to take advantage of them for doing art, and install Painter on one, I'm so psyched to have a touchscreen for the first time. Here, it displays some info on the main screen RN:

ED: NT 6.2

petit choux fucked around with this message at 16:40 on Jul 21, 2022 |
|
# ? Jul 21, 2022 15:25 |
|
Koskun posted: Then get a USB thumb drive, grab the Win10 ISO from Microsoft, use Rufus to make a boot drive, and get to re-installing.

In my experience, you download the Media Creation Tool from MS and it reformats whatever flash drive you point it towards. No need for Rufus. Unless that's a recommended extra step for a PC with a known rootkit (or whatever this is) infection? Can those types of malware hijack and infect the MCT process?
|
# ? Jul 21, 2022 16:12 |
|
petit choux posted: I want to take advantage of them for doing art, and install Painter on one

I have no idea about putting 10 on them, but most POS terminals are not going to have sophisticated touchscreens that do multi-touch or pressure sensitivity or anything else art-caliber. That may be fine since you got them for free and aren't expecting too much.
|
# ? Jul 21, 2022 16:55 |
|
petit choux posted: ED: NT 6.2

Just for clarification, NT 6.2 is windows 8 and server 2012; NT as a product brand hasn't been a thing for a while.

E: windows 8.0, even - 8.1 is apparently 6.3
|
# ? Jul 21, 2022 17:13 |
|
From the look of the taskbar/icons that's already windows 10 on there though. Windows 8 looked distinctly different.
|
# ? Jul 21, 2022 17:23 |
|
You can find out what version of Windows is on there by running winver either from the start menu search or the run box.
|
# ? Jul 21, 2022 17:56 |
Computer viking posted: Just for clarification, NT 6.2 is windows 8 and server 2012; NT as a product brand hasn't been a thing for a while.

Klyith posted: I have no idea about putting 10 on them, but most POS terminals are not going to have sophisticated touchscreens that do multi-touch or pressure sensitivity or anything else art-caliber. That may be fine since you got them for free and aren't expecting too much.

I can check on the pressure sensitivity again, but I'm only using MS Paint to try it out RN. And I was so pleasantly surprised when I ran my hand across the screen and each finger drew a line. I was not expecting such a good machine. These really appear to be kind of meant to be multipurpose computers that have been modded for POS, just way more power than necessary.

Geemer posted: You can find out what version of Windows is on there by running winver either from the start menu search or the run box.

Okay, let's plug one back in -- Win 10! OMG, what a hoot. They were courteous enough to leave the password off when they donated them too. And looking into the driver software, there is no pressure sensitivity, which I hadn't observed till now. Okay, but it still tracks pretty good on my hand and I can imagine using for some techniques. Also was considering attaching a high quality USB sound card and making one or both into dedicated DAWs/noisemakers.
|
|
# ? Jul 21, 2022 18:41 |
|
karoshi posted: WizTree is much faster, but not open source.

as someone that is dreading the event report of sicko levels of disk space usage, it seems you support my continued use of WinDirTree
|
# ? Jul 21, 2022 20:37 |
|
Thanks for the assistance, I'm back up and running now. Took my time but the actual install and setting up was easy, hardest part was being sure about what I could wipe. It's a good exercise to have gone through in any case, I think. One question - I can make a restore point now that I know is clean, but if an infection happens later on can that get into the recovery files?
|
# ? Jul 22, 2022 20:13 |
|
Mozi posted: One question - I can make a restore point now that I know is clean, but if an infection happens later on can that get into the recovery files?

If I had a PC with a definite infection I would not trust restore points. A full disk image would work though, using macrium reflect or other imaging software.
|
# ? Jul 22, 2022 20:25 |
Windows restore points are for fixing issues caused by bad driver or software installs/changes, not cleaning up malicious infections.
|
|
# ? Jul 22, 2022 20:30 |
|
nielsm posted: Windows restore points are for fixing issues caused by bad driver or software installs/changes, not cleaning up malicious infections.

They can help as well. Do both things.
|
# ? Jul 22, 2022 20:55 |
|
That makes sense, having the install USB and chipset drivers/other utils USB anyways covers that pretty well. Final question - I spent years clicking through UAC prompts before finally just disabling them on this PC when I set it up for the first time a few months ago. I can't seem to correlate this infection with anything in particular (as far as downloading or installing anything goes). Is there any chance that would have saved me or probably not?
|
# ? Jul 22, 2022 21:09 |
|
Don't loving disable UAC! AAAAAÀAAA
|
# ? Jul 22, 2022 21:14 |
|
kirbysuperstar posted: Don't loving disable UAC!

Not my problem
|
# ? Jul 22, 2022 21:29 |
|
Thread title strikes again.
|
# ? Jul 22, 2022 21:33 |
|
Hot_chicks.gif.exe is requesting administrator access.
|
# ? Jul 22, 2022 22:57 |
|
Mozi posted: Final question - I spent years clicking through UAC prompts before finally just disabling them on this PC when I set it up for the first time a few months ago. I can't seem to correlate this infection with anything in particular (as far as downloading or installing anything goes). Is there any chance that would have saved me or probably not?

So TBQH I have no idea what the heck was going on with your system or if you even were malware infected -- the thing that defender caught is extremely generic and has no description on MS's site. The other company that uses the same nomenclature is Trend Micro, and their examples of "Trojan.HTML.PHISH.whatever" are passive phishing files. Not really an active trojan that was hacking yur gibson.

Like, I'd be concerned if that showed up in a defender scan. It could be a sign of something worse that defender *can't* see, or could be an old email attachment. Who knows. Combined with the other weirdness, a pave & reinstall seemed like the safe option.

... That all said, don't disable UAC. Defender isn't reliable security without UAC to protect from system changes.
|
# ? Jul 22, 2022 23:22 |
Oh, thank you, everybody, I'm not able to proceed with these things at the moment but I'm pretty excited about them. Cheers.
|
|
# ? Jul 23, 2022 02:38 |
|
Heads up, I found a weird edge case. If you're like me and you switch back and forth between two+ languages, and use Remote Desktop, KB5015807 breaks the language taskbar. At some point the highlighted parts will just disappear and it's not possible to fully force them to stick again (as per this support article). Uninstalling the KB fixes the issue, making it the first KB in years and years that I've had to do so for (as a non-admin). At least they're aware of it.
|
# ? Jul 23, 2022 03:06 |
|
Well it [UAC] is on again now... the thing is I've never, ever, ever seen it prompt me for anything except when I actually wanted something to do something. Like it's never prevented something from happening when I didn't know something was happening. And I had it on all the time in Windows 7 too. Well over a decade of clicking through UAC prompts and never once having it pop up on something I wanted to deny.

Klyith posted: So TBQH I have no idea what the heck was going on with your system or if you even were malware infected

For a few days I'd been noticing some strangeness that could be chalked up to cosmic rays or whatever - mouse stuttering and weird hitching but not too bad, no real performance problems. When I went to shut down there was an untitled program with a default icon preventing shutdown until I forced it. The night before, the screen was disconnecting and re-connecting every so often. The next morning I was having those issues where after startup (and repeated after restarting) I could launch things from the desktop but not interact with windows or the start menu; after pressing ctrl-alt-del and escaping out of it I was able to use the computer normally. A quick Defender scan showed nothing but a full scan showed that trojan on a file I got from BitTorrent - but the torrent itself was over a decade old, the file itself had been downloaded since my previous computer, and the virus didn't exist when the torrent was created. So I figured it must have spread to there from something else. When I unplugged my ethernet cable I started getting frequent USB connection/disconnection noises; when I was messing around setting up a filter in Event Viewer to try to see what was causing it, I noticed almost constant accesses to the Windows Credential Manager (like dozens every few minutes) starting 3 days prior out of nowhere.
Looking at the details I saw it was looking up my Microsoft user account (fortunately not really existing) and my BitWarden master key (not so great). I had already reset that master password and was working through my others; fortunately one of the benefits of 2-factor auth is I'm certain nothing was accessed without my knowing about it. These events continued even after Defender was no longer finding any issues after disabling Restore and restarting multiple times etc. When I scanned my external HDs with my laptop, they did find a few other trojans scattered around. In any case this was a good recovery exercise but I'm still not sure what exactly happened. Mozi fucked around with this message at 03:30 on Jul 23, 2022 |
# ? Jul 23, 2022 03:27 |
|
I've only ever seen my seatbelt lock up when I've braked really hard all of a sudden. I've never, ever had it lock up except when I actually wanted to stop in a hurry for fun. It's never locked up when I didn't know I was stopping. I should be fine to just remove my seatbelts, right?
|
# ? Jul 23, 2022 16:53 |
|
The time it takes you to click through UAC prompts is less than the time you spend cleaning up infections because you turned off UAC.
|
# ? Jul 23, 2022 17:54 |
|
the analogy i would use is, you spend a lot of time unlocking your door too
|
# ? Jul 23, 2022 18:02 |
|
People like that Andrew Zarian bloke probably recommend turning off UAC. I haven't listened to his Windows podcast in years but he kept talking about turning off the Windows Desktop Manager or whatever it is that hardware accelerates the UI. Madness.
|
# ? Jul 23, 2022 20:20 |
|
I’m sure there was some reason for it but when UAC was first implemented, it popped up constantly. Which was not good, it basically trained users to automatically click through warnings without reading them. Kind of like alarm fatigue in hospitals where they register as white noise to nurses if there are too many
|
# ? Jul 23, 2022 21:30 |
|
Fruits of the sea posted: I’m sure there was some reason for it but when UAC was first implemented, it popped up constantly. Which was not good, it basically trained users to automatically click through warnings without reading them. Kind of like alarm fatigue in hospitals where they register as white noise to nurses if there are too many

I remember this. It would go off if you wanted to like.. change your wallpaper. Wasn’t it a Vista thing?
|
# ? Jul 23, 2022 21:38 |
|
Fruits of the sea posted:I’m sure there was some reason for it but when UAC was first implemented, it popped up constantly. Which was not good, it basically trained users to automatically click through warnings without reading them. Kind of like alarm fatigue in hospitals where they register as white noise to nurses if there are too many
|
# ? Jul 23, 2022 21:52 |
|
Yeah part of it was that XP-era software did stupid poo poo like write user data into /Program Files/ which required a UAC elevation under the stricter Vista permission model

You still need to UAC to write to Program Files but programs generally don't do it anymore without a good reason
|
# ? Jul 23, 2022 21:55 |
Raygereio posted: It was designed to annoy you. Apparently the idea was that if users got angry as they used software, it would force devs to make their software more secure. After it was introduced, MS did quickly reduce the amount of things that will trigger a UAC prompt.

This was great. "Ah yes, our new security features interfere with all your existing software. Go bug the developers like it's their fault. Wait, why are you turning off our wonderful new security features/staying on XP forever?!?"

At least now it's tolerable, though I wish I could force specific apps to run withOUT elevation when they do not goddamn need it
|
|
# ? Jul 23, 2022 23:25 |
|
Javid posted: This was great. "Ah yes, our new security features interfere with all your existing software. Go bug the developers like it's their fault. Wait, why are you turning off our wonderful new security features/staying on XP forever?!?"

I mean part of the reason it got better is because people stopped saving data in Program Files/etc specifically because it started irritating end users who complained. Not saying it was like a good idea or justifiable, just that I think it did affect it.
|
# ? Jul 24, 2022 02:42 |
|
The main reason the Program Files thing got better is that MS added a feature where attempted writes by non-elevated programs are redirected to a folder in user/appdata. IIRC that was in 7? Anyways that's why it doesn't pop a UAC anymore.

Personally I dislike that feature, because if you have portable type apps you now have a different folder to do backups of if you want to keep your config, and digging through appdata is a PITA. I ended up putting a lot of apps outside of program files so they stayed, you know, portable. (And I've always installed games to C:\Games, even going back to when program files wasn't protected.)

IMO what MS should have done back when they wanted to protect Program Files would have been to make a *new* place to put the Windows components and elevated-run stuff like driver stuff. Leave Program Files unsecure for compatibility, and have the new "Authorized Programs" be the place where you need UAC to install & write.
|
# ? Jul 24, 2022 03:29 |
|
UAC doesn't even default to the safest setting (3 out of 4). I crank that poo poo all the way up. What's the difference between the Local, LocalLow, and Roaming directories in users/<user>/AppData? Looks like each one has different program stuff in it.
|
# ? Jul 24, 2022 18:20 |
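The four-position slider mentioned in the post above is stored as three registry values under the `Policies\System` key. This is an added example, not part of any post in the thread: a PowerShell check that reports which position a machine is on, with absent values assumed to take the Windows defaults (`Get-PolicyValue` and `Get-UacLevel` are names invented for this sketch).

```powershell
# Added example: report which of the four UAC slider positions is in effect.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-PolicyValue {
    # Return the named registry value as an int, or $Default when it is absent.
    param($Props, [string]$Name, [int]$Default)
    $v = $Props.$Name
    if ($null -eq $v) { return $Default }
    return [int]$v
}

function Get-UacLevel {
    param([int]$EnableLUA, [int]$ConsentAdmin, [int]$SecureDesktop)
    if ($EnableLUA -eq 0) {
        return 'UAC off (EnableLUA=0): admin accounts run everything elevated'
    }
    # ConsentPromptBehaviorAdmin / PromptOnSecureDesktop pairs set by the slider
    switch ("$ConsentAdmin/$SecureDesktop") {
        '2/1'   { return '4 of 4: always notify, on the secure desktop' }
        '5/1'   { return '3 of 4: default, prompts for non-Windows binaries only' }
        '5/0'   { return '2 of 4: as default, but the prompt is not on the secure desktop' }
        '0/0'   { return '1 of 4: never notify, admin requests elevate silently' }
        default { return "custom policy: ConsentPromptBehaviorAdmin=$ConsentAdmin, PromptOnSecureDesktop=$SecureDesktop" }
    }
}

$p = Get-ItemProperty -Path $key
# Assumed defaults when a value is missing: EnableLUA=1, ConsentPromptBehaviorAdmin=5, PromptOnSecureDesktop=1
$lua     = Get-PolicyValue $p 'EnableLUA' 1
$consent = Get-PolicyValue $p 'ConsentPromptBehaviorAdmin' 5
$secure  = Get-PolicyValue $p 'PromptOnSecureDesktop' 1

Get-UacLevel -EnableLUA $lua -ConsentAdmin $consent -SecureDesktop $secure
```

Reading these values does not need elevation, so the check can run from a standard user session.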
|
Roaming is the stuff that would follow you around if you were using a roaming profile in an enterprise environment

Local is stuff that doesn't need to be synchronized across machines like cache files

LocalLow is like Local but for processes that deliberately lower their own permissions to harden against potential exploits
|
# ? Jul 24, 2022 18:26 |
|
Klyith posted: The main reason the Program Files thing got better is that MS added a feature where attempted writes by non-elevated programs are redirected to a folder in user/appdata. IIRC that was in 7? Anyways that's why it doesn't pop a UAC anymore.

Is this documented? I was pretty sure this was just how developers implement a workaround if something ends up in an unwritable location. Writing directly to Program Files without proper permissions should just fail, and in my experience does.
|
# ? Jul 24, 2022 18:29 |
|
Flagrama posted: Is this documented? I was pretty sure this was just how developers implement a workaround if something ends up in an unwritable location. Writing directly to Program Files without proper permissions should just fail, and in my experience does.

They end up writing to User\AppData\Local\VirtualStore. The program doesn't even know what's going on, it's entirely Windows redirecting it.
|
# ? Jul 24, 2022 19:30 |
|
https://docs.microsoft.com/en-us/previous-versions/technet-magazine/cc138019(v=msdn.10)?redirectedfrom=MSDN posted: Windows Vista enables these legacy applications to run in standard user accounts through the help of file system and registry namespace virtualization. When an application modifies a system-global location in the file system or registry and that operation fails because access is denied, Windows redirects the operation to a per-user area; when the application reads from a system-global location, Windows first checks for data in the per-user area and, if none is present, permits the read attempt from the global location.

That's a pretty limited subset of applications. It was also already present in Vista and not added later. Did they expand the definition of a legacy application later on? With this definition I'm not sure how many you would even run into these days outside of very specific business needs or running ancient software.
|
# ? Jul 24, 2022 20:37 |
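The redirection described in the two posts above leaves visible traces: per-user copies under `%LOCALAPPDATA%\VirtualStore` that a virtualized application reads in preference to the global file. This is an added example, not part of any post in the thread: a PowerShell listing of those copies next to the system-global path each one shadows (`Get-VirtualizedFile` is a name invented for this sketch, and the mapping assumes the store mirrors the system drive layout).

```powershell
# Added example: list files that UAC file virtualization redirected for the
# current user, with the system-global path each per-user copy shadows.
function Get-VirtualizedFile {
    param(
        [string]$StoreRoot   = (Join-Path $env:LOCALAPPDATA 'VirtualStore'),
        [string]$SystemDrive = $env:SystemDrive
    )
    # No VirtualStore folder means nothing has been redirected for this user.
    if (-not (Test-Path -LiteralPath $StoreRoot)) { return }
    $root = (Get-Item -LiteralPath $StoreRoot -Force).FullName.TrimEnd('\')

    Get-ChildItem -LiteralPath $root -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            # VirtualStore\Program Files\App\x.ini shadows C:\Program Files\App\x.ini
            $relative = $_.FullName.Substring($root.Length).TrimStart('\')
            $global   = Join-Path "$SystemDrive\" $relative
            [pscustomobject]@{
                LastWrite      = $_.LastWriteTime
                GlobalPath     = $global
                GlobalExists   = Test-Path -LiteralPath $global
                RedirectedCopy = $_.FullName
            }
        }
}

# Most recent redirected writes first.
Get-VirtualizedFile | Sort-Object LastWrite -Descending |
    Format-Table LastWrite, GlobalExists, GlobalPath -AutoSize

# Registry virtualization keeps its per-user copies of HKLM\SOFTWARE here.
$regStore = 'HKCU:\Software\Classes\VirtualStore\MACHINE\SOFTWARE'
if (Test-Path -LiteralPath $regStore) {
    Get-ChildItem -LiteralPath $regStore | Select-Object -ExpandProperty Name
}
```

A row with `GlobalExists` true is a case where the application sees the per-user copy instead of the installed file, which is worth knowing when a config change or a reinstall appears not to take effect.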
|
repiv posted: Yeah part of it was that XP-era software did stupid poo poo like write user data into /Program Files/ which required a UAC elevation under the stricter Vista permission model

Perhaps the worst behavior that came out of this was that several apps began to store their entire applications in people's user folders, robbing them of the very protections UAC would provide.
|
# ? Jul 24, 2022 21:15 |
|
shoutout to steam, which instead of adapting to the modern permission system instead just installs a backdoor service which blasts a hole through UAC so they can pretend they're still on XP

if you've noticed "steam client service" in services.msc that's what that is
|
# ? Jul 24, 2022 21:19 |
|
This keeps popping up and I can't find PGUpd.exe on the computer. Seems like some sketch malware. I only have windows defender but it doesn't find anything.
|
# ? Jul 24, 2022 21:51 |