|
Morning thread, looking for some advice on a recent incident. I've been trying out Stable Diffusion over the past couple of days. Yesterday evening, several of the models I'd been using on that day were flagged up by Windows Defender as containing a trojan (Trojan:Win32/Sirefef!cfg). I'd only been using those particular models during that afternoon. I deleted the flagged files, did a full scan of everything else (found nothing), and did an offline scan of the computer (found nothing). The scans were done with Windows Defender. I was also thinking of going back to an earlier system restore point. I was a bit surprised to find anything at all, as the models are commonly used and all from legitimate sources (one of the models was downloaded by the Webui client itself). All of them are very widely used and, astonishingly, not just for porn (the Controlnet ones finally give SD enough control that it could be used for architectural sketches and renderings). So a few of a couple of questions: Could this be some kind of cross infection by something I haven't found yet? Do I need to take any further measures than the above? Am I just being silly and these were the notorious "false positives" that I've heard people talking about? The models in question that had files that were flagged were the primary Controlnet models, available from: https://huggingface.co/lllyasviel/ControlNet/tree/main/models And Codeformer, a model designed to fix faces, which was downloaded directly by the Webui installed on the machine when enabled in the settings. The webui is available from: https://github.com/AUTOMATIC1111/stable-diffusion-webui
|
# ¿ Feb 23, 2023 10:26 |
|
|
# ¿ May 11, 2024 07:08 |
|
yoloer420 posted:The detections on the models are almost certainly false positives. Anything malicious is more likely to be in the other components. Thanks for the reply! That's potentially reassuring. I'm never quite sure how to ensure the false positives are actually false positives... I was very careful with the various models I was using, but it's possible the actual interface I was using is suspect? Here's a very angry Reddit poster talking about it: https://www.reddit.com/r/StableDiffusion/comments/y71uyx/invokeai_vs_automatic1111/iss6nw0/ For reference, I was using the automatic1111 webui, which I assumed was safe enough because it was a) popular and b) opensource. However, there's enough Doubt in my mind now that I'll swap over to the more respectable InvokeAI. For all I know this little trojan is bouncing around happily within the Stable Diffusion community, and no-one is squashing it because it's been labelled incorrectly as a false positive.
|
# ¿ Feb 23, 2023 13:03 |
|
XYZAB posted:"Oh, I don't know. He came to my door and told me he does this job for the Canadian Tire on this side of town so I let him in." I feel your pain. I'd be tempted to do a complete reinstall of the entire computer under those circumstances. It sounds like they shouldn't even be let near a computer unsupervised, but how does anyone achieve that...
|
# ¿ May 26, 2023 07:05 |