Help Desk, Game Fixes, and Computer Issues (With Links)

85 posts / 0 new
Last post
SAS_Fluffy
Captain
Captain
SAS_Fluffy's picture
Offline
Last seen: 1 week 2 days ago
Help Desk, Game Fixes, and Computer Issues (With Links)

(2/17/2015) - All links need to be updated to conform with the new site

 

Perusing through the forums I notice we don't have a dedicated thread for this, so here it is!

The goal: To provide a thread for members of the SAS community to ask questions and state concerns regarding PC issues, hardware or software, and provide timely answers to the problem.

 

A few semi-rules:

---------------------

1. Be clear and concise! No one can help you if they can't understand you.

2. Details, details, details! The more detailed it is, the better understanding others and myself can make of the problem. Be sure to include any troubleshooting steps already taken, when it happened, what was going on before it happened; did you install something? Did you delete something? Added new hardware? Removed a piece of hardware? This is all important information to add.

3. No double posts please! I assure you all questions will be dealt with. Please remember that as of now, I am only one person, and can only do so many things at one time. Although, I am sure there are others out there who will contribute answers Wink

4. If given instructions, please edit your original post with the results. This cuts down on excessive back and forth posting. Be sure to include the word EDIT, else it might be uncertain as to what was changed in the post.

5. If your question has already been asked by another and answered; don't ask it again! If the solution does not work for you PM me with the problem, and I will help you sort it.

 

Solutions and Links:

------------------------------------

General System Tweak Guide - MAVEN

SWAT 4 Tweak Guide - MAVEN 

TCP/IP Max Connections 10 fix-Post by SAS_Yogi,

Fix by SAS_Wiz http://www.sasclan.org/modules.php?name=Forums&file=viewtopic&t=11108

GFX Card Underpowered Fix (Well, kinda a fix lol)-Post by SAS_Master, (kinda)-fix by SAS_Wiz http://www.sasclan.org/modules.php?name=Forums&file=viewtopic&t=11083

Boot Sector/MBR/MBT Fix-Post by TheRev, fix by yours truly. http://www.sasclan.org/modules.php?name=Forums&file=viewtopic&p=116285&highlight=#116285

Masterserver fix SWAT 4 by MarkMod

Combofix- recommended by SAS_Wiz http://www.bleepingcomputer.com/download/search/?keyword=combofix

Xfire and RvS Incompatibility Fix- Post by Intel fix by SAS_Random and SAS_West http://www.bleepingcomputer.com/download/search/?keyword=combofix Needs updated link

Swat 4 and RvS HD (16:9) Resolution fix- Post by SAS_Keller fix by Spidey01 and Maxim http://www.sasclan.org/modules.php?name=Forums&file=viewtopic&t=10517&highlight=help

CPU-z Program http://www.sasclan.org/modules.php?name=Forums&file=viewtopic&t=10517&highlight=help

Few RvS 64-bit Solutions http://www.sasclan.org/modules.php?name=Forums&file=viewtopic&t=10517&highlight=help

Getting Swat 4 and RvS to run on newer PCs-Post and fix by SAS_Noah http://www.sasclan.org/modules.php?name=Forums&file=viewtopic&t=7452&highlight=help

Can your computer run it?

RvS Lag Tweaks

Athena Sword Sound Problem

Im sure you can point me in the direction of any others to add to the list, DUKE. Ask away! Also, would be nice if this could be potentially stickied for easy access to all.

***Done (added some breaks for a better reading)*** SAS_DUKE Thanks Duke! If anyone comes across a link for a fix, PM it to me, I will review it and add it to the list.

SAS_Capt_Fluffy
Captain

"Let's just wing it" -Fluffy on things we should most definitely not wing
 

MAVEN
Offline
Last seen: 11 years 2 months ago

Fluff to the rescue Biggrin

Excellent thread, fluffy. I'm sure it will help many users who have issues with hardware/software.

Anyway, since hardware is pretty much alien to me, software is my stronger side. So if you have anything to ask about software related issues, ask away and I will see what I can do for you.

Speed, Precision, Experience, Endurance. General System Tweak Guide

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

Great post, but it should never be solely on the subject of games.

Lt_Col WIZ,  VC, MiD (Ret)

SAS_Fluffy
Captain
Captain
SAS_Fluffy's picture
Offline
Last seen: 1 week 2 days ago

Great post, but it should never be solely on the subject of games.

I did include software and hardware in the intro there. Also, a few of the posted fixes are not game specific.

SAS_Capt_Fluffy
Captain

"Let's just wing it" -Fluffy on things we should most definitely not wing
 

MAVEN
Offline
Last seen: 11 years 2 months ago

Fluff,

I never bothered about this issue, but one of my test systems resets BIOS each time on bootup. That being said I do set everything back when I start it up, everything works fine for over a year-two now. My guess is that CMOS battery is either dead or too weak, however, this system also has modified hardware (RAM chips, a custom designed fan and several other parts that shouldn't be compatible with this system but are made to work for testing purposes)

What do you think this BIOS reset may actually be and any advice on it?

Speed, Precision, Experience, Endurance. General System Tweak Guide

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

My guess.... Is to check that your CMOS jumper cap is seated correctly and not loose. This can happen quite easily if you slightly bend one of the pins whilst resetting the CMOS. Failing that, for the price of a battery, change it.

Lt_Col WIZ,  VC, MiD (Ret)

MAVEN
Offline
Last seen: 11 years 2 months ago

Interesting. Thanks, Wiz.

One thing though, where do I find the CMOS jumper cap? I know where the battery is though.

Sorry for a noob question :oops:

Speed, Precision, Experience, Endurance. General System Tweak Guide

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

It varies per mobo, but generally speaking this is what you are looking for.....
The little cap that shorts 2 pins of a 3 pin block

IMAGE(http://www.pcbuyerbeware.co.uk/BIOS-CMOS-motherboard-jumper.jpg)

It's always best to check the manual for your mobo though

Lt_Col WIZ,  VC, MiD (Ret)

MAVEN
Offline
Last seen: 11 years 2 months ago

Thanks, I will give it a check when I have more free time.

Speed, Precision, Experience, Endurance. General System Tweak Guide

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

Well if your bios is losing its memory, tbh thats where i would look as it is the sole purpose of the battery. But do check if the jumper is doing its job.

Lt_Col WIZ,  VC, MiD (Ret)

SAS_Fluffy
Captain
Captain
SAS_Fluffy's picture
Offline
Last seen: 1 week 2 days ago

As Wiz said, change the CMOS Battery and/or try flashing the BIOS to the latest version.

SAS_Capt_Fluffy
Captain

"Let's just wing it" -Fluffy on things we should most definitely not wing
 

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

Yes, i would agree Fluffy, so many have issues due to an outdated BIOS version.

Lt_Col WIZ,  VC, MiD (Ret)

MAVEN
Offline
Last seen: 11 years 2 months ago

Ok, so the jumper is in place, no issues there yet the reset still happens. Which means it's the battery.

The battery is super cheap to buy and it's easy to replace, I might do it soon, however is it safe to leave it like this until I decide to replace the battery? Frankly that test system is old and it's unsafe to mess with the hardware, besides, I use it very rarely and for testing only.

The BIOS is updated to the latest, that's how I made all the custom hardware to work Blum 3

Speed, Precision, Experience, Endurance. General System Tweak Guide

SAS_Fluffy
Captain
Captain
SAS_Fluffy's picture
Offline
Last seen: 1 week 2 days ago

It was updated when you put the hardware in, is this still the case? You should check.

SAS_Capt_Fluffy
Captain

"Let's just wing it" -Fluffy on things we should most definitely not wing
 

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

Also.. Go and spend a dollar on a battery Wink

Lt_Col WIZ,  VC, MiD (Ret)

MAVEN
Offline
Last seen: 11 years 2 months ago

BIOS up to date, jumper cap is properly set, no issues with these, it's simply the CMOS battery.

Money isn't a problem (CMOS battery is actually 0.2 USD even) free time is (I work a lot lately, also feeling lazy to go just for a battery atm )

I will replace it in a day-two though.

Anyway, thanks for your help Smile

Just a suggestion, this thread should be a sticky, it can help many users Wink

Speed, Precision, Experience, Endurance. General System Tweak Guide

SAS_Master
Regimental Sergeant Major
Regimental Sergeant Major
SAS_Master's picture
Offline
Last seen: 2 years 3 months ago

My netbook has a tendency to switch itself off whenever I'm moving around, if I'm walking downstairs rather rapidly, or if I close the laptop lid and swiftly carry/move it sideways.

I dunno if this is a, uh, protection 'feature' or the battery is a bit loose or something.

And by 'switch it self off', I mean it just pointblank loses all power, no soft shutdown.

Having said that, I have kinda dropped it around the place a bit, so maybe the battery is having a hissy.

SAS_Master - Regimental Sergeant Major

GCHQ

"He's trusting you to do your job which is to clear that corner! Nothing else!"

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

It sounds like the battery is loose, check the clips, failing that, you couldve damaged your mobo by dropping it Wink

Lt_Col WIZ,  VC, MiD (Ret)

SAS_West
Veteran
Veteran
SAS_West's picture
Offline
Last seen: 10 months 2 weeks ago

So I did something dumb yesterday lol... long story short I downloaded a crack for a game so I could play it without my disk. My AV detected it as a virus but I thought nothing of it since most cracks are detected as false positives.

When I hit the .exe file, a window came up with something about Microsoft .NET Framework and I hit continue, then the .exe file disappeared. So the crack didn't work and I'm left to assume it was a virus. Ran a virus scan which came up with nothing, and I haven't noticed anything strange either.

On my next bootup I found a process named .NET Framework running. I killed the process and disabled it through the Startup tab (in the Task Manager) for now. Right clicked it and tried to find the file location, which led me to the AppData/Roaming folder, but I couldn't find the file itself. Nothing in the uninstall programs list either. This wasn't a startup program before, yet my AV came up empty. The crack didn't work though and the file just disappeared after I ran it, so you would have to think it's a virus... any idea what to do next?

[SAS] VET WEST
SQUADRON SERGEANT MAJOR (RET.)
22nd [SAS] E.V.R. - Who Dares Wins

MAVEN
Offline
Last seen: 11 years 2 months ago

Never use cracks for games nowadays.

Most hackers collaborate with big firms like Symantec (I used to work for them, they are the makers of Norton product line) and their viruses don't get detected unless of course you are someone more than average and pay money for your protection.

If you really have to use a cracked exe to evade using discs, use ones from no dvd crack sites (and use with extra precaution).

If an executable is detected as a virus, you better never run it. You can never be sure it's a false positive because let's be real. Big Av companies cannot afford to have false positives in their products, instead they make white/black lists. That's why some rival AV's "conflict" with others and detect eachother as viruses or modern day PUPS(Possibly Unwanted Packaged Software) if some cracks are not viruses but they get detected so it's because your AV's company was paid by game developer to help defeat piracy. Only the new cracker groups on the scenes and specially if the crack is new can in fact infect your system with serious malware.

Most other games would prompt users to install net framework ONLY DURING INSTALLATION PROCESS, which means that it was possibly a fake net framework installation and you got a virus of sorts.

Some viruses cannot be detected, because antiviruses try to certificate each file that you create on your system as safe. Let's say you made a notepad .txt file and renamed it to .exe your AV will read a small fingerprint from the file and if it matches your systems it will treat it as "yellow" which means there's no deep scan necessary for it and the Av will scan only part of the file to speed up regular scans. With this tiny exploit, a crack that was ran on a computer and has malicious code, can CREATE malicious executable and make it seem like you created it on your own system, your AV will automatically assume this file is 'Yellow' because you already ran the executable that created it even though you've been warned, and no deep scan may be performed upon it thus no viruses detected.

Another thing to note is that viruses are extremely stable and clever these days, they can blend themselves deep in the OS and use valid certificates to avoid detection. Sort of like viruses for us humans, if you catch cold then it's your fault, this cold enables viruses to come and mess things up, and without harsher treatment those wouldn't go away.

So what to do?

Let's start with this. What OS are you running, XP, Vista, W7, W8? Which bit version?

If you don't want to wait, then take these precautions (At your own risk):

-Google file names, directories of the file or manually scan it online then see what pops up.
-Under Control Panel, find Administrative tools (XP default) and find Services applet, run it and find the culpritor (The exe you spotted popping up recently) and stop then disable it. Use extra precaution with this applet and don't touch anything if unsure as it may render your system bonkers.
-Check Services/Registry for these entries (.NET Runtime Optimization Service) and (Microsoft .NET Framework NGEN) with both file names and extensions being mscorsvw.exe (This is the only valid .NET framework that should be running but is safe to disable) and this file being located in this dir usually (C:\Windows\microsoft.net\framework\VERSIONNUMBER\mscorsvw.exe) The names and locations may vary from OSes, that's why I need to know your OS to be able to tell you more.
-Use firewall and blacklist the executable that is running as .net framework on your system, this way it won't be able to make connections and thus update itself or steal your data if it's a malware. I suggest Comodo Firewall for this task as it can automatically monitor not only connections this file can make but also if it makes other files, makes new registry writes etc, you can be notified and even control it fully, in extreme cases you can incapacitate the file completely with firewall alone rendering the infected file useless and incapable of performing actions.

Report back in, and ask questions if you have any.

Speed, Precision, Experience, Endurance. General System Tweak Guide

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

Or you could just use combofix Wink

Lt_Col WIZ,  VC, MiD (Ret)

Raptor
Raptor's picture
Offline
Last seen: 2 years 11 months ago

First thing: don't panic!
Keep a cool head. The precautions Maven posted above are good.
But remember that most cracks are false positive. The fact that the crack doesn't work and shows weird messages doesn't mean necessarily that it is malware. And even if it's something evil, overreactions are rarly helpful.
Ofc you need to take care of the problem somehow. But I saw already too many people who caused serious damage while trying desperately to fix a problem (and sometimes a really easy one...).

SAS_MM18
Lance Corporal
Lance Corporal
SAS_MM18's picture
Offline
Last seen: 3 weeks 1 day ago

Perhaps running the Microsoft Safety Scanner might pinpoint your problem, if there's any. You can find it online.

MAVEN
Offline
Last seen: 11 years 2 months ago

Modern day infections don't really cause hardware and software instability, whatsoever some even boost this for their own use. What modern malware does is steal your sensitive data.

That being said, if you have nothing worth stealing you wont suffer any serious damage once you get infected. :roll:

Speed, Precision, Experience, Endurance. General System Tweak Guide

SAS_West
Veteran
Veteran
SAS_West's picture
Offline
Last seen: 10 months 2 weeks ago

Thanks for the fast response guys!

@Maven - Thanks for the advice! I'm on Windows 8 64-bit. It seems disabling the process from Startup prevents it from running now, and I haven't gotten any suspicious login alerts, so I will take my time as you guys have advised. I have to say it was quite naive of me to assume it was a false positive lol...

Here's the AV analysis of the .exe: https://www.virustotal.com/en/file/75633858159fa1f17d894f333f739405b260d6358a43746627c86dc6dabd3a8f/analysis/1362441147/

I tried googling "putty.exe" but couldn't seem to find anything that definitively labeled it as a virus. There's nothing so far that would lead me to thinking it's a virus other than the .exe disappearing after I launched it, which after some googling seemed to point towards malware.

The weird thing is when I click Open File Location for the process in the Task Manager, I'm led to a directory with a bunch of folders. Nothing highlighted and nothing when I show hidden items either. Not sure if it's in one of the folders and I'm just not finding it or it's purposefully misleading me.

[SAS] VET WEST
SQUADRON SERGEANT MAJOR (RET.)
22nd [SAS] E.V.R. - Who Dares Wins

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

putty is not a virus, its a remote connection tool.

Lt_Col WIZ,  VC, MiD (Ret)

SAS_West
Veteran
Veteran
SAS_West's picture
Offline
Last seen: 10 months 2 weeks ago

Yep that's what I found as well.

I should add though that the circumstances also point towards malware. The DL link was posted by some rando (whom I guess was a bot or a hacked account), and it was a crack that was assumed to be nonexistent. It looked legit to me so I launched it.

It just seems fishy, of course I'm far from knowledgeable on this stuff.

[SAS] VET WEST
SQUADRON SERGEANT MAJOR (RET.)
22nd [SAS] E.V.R. - Who Dares Wins

Raptor
Raptor's picture
Offline
Last seen: 2 years 11 months ago

Nothing highlighted and nothing when I show hidden items either.

Not sure about Win8, but Vista and Win7 also hide system files per default (a different option than "normal" hide).

Did you run the suspicious exe with admin permissions?

And why exactly have you googled putty? As Wiz already said it's a connection tool, I'm also using it.

SAS_West
Veteran
Veteran
SAS_West's picture
Offline
Last seen: 10 months 2 weeks ago

Don't think so, or at least the Windows security window didn't pop up asking me to hit Allow or anything.

And about putty.exe (from the online AV file scan):

FileOS...................: Win32
MIMEType.................: application/octet-stream
LegalCopyright...........: Copyright Microsoft 2012
FileVersion..............: 5.0.0.0
TimeStamp................: 2013:02:07 19:11:32+00:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: putty.exe
ProductVersion...........: 1.0.0.0
FileDescription..........: .NET Framework
OSVersion................: 4.0
OriginalFilename.........: putty.exe
Subsystem................: Windows GUI
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: Microsoft
CodeSize.................: 680448
ProductName..............: Update Application
ProductVersionNumber.....: 4.3.0.0
EntryPoint...............: 0xa81be
ObjectFileType...........: Executable application
AssemblyVersion..........: 4.3.0.0

File names (max. 25)
FM13 CrackFix v1.exe
putty.exe

[SAS] VET WEST
SQUADRON SERGEANT MAJOR (RET.)
22nd [SAS] E.V.R. - Who Dares Wins

SAS_WIZ
Veteran
Veteran
Offline
Last seen: 4 weeks 9 hours ago

Maybe Maven can shed some light on that report but i'm running putty version .061

Lt_Col WIZ,  VC, MiD (Ret)

MAVEN
Offline
Last seen: 11 years 2 months ago

Ok, from what you've reported it appears that along the crack you also got infected installation of a legitimate installer (.net framework updater in your case) Hackers exploit this as much they can.

Your crack/installer is from 2013, which is fresh enough for any viruses that are slipped into the installer to go undetected.

I agree about the putty.exe and from experience I know that this exact application was abused by hackers many times (seems it still does)

However the last time Microsoft released a 4.0 64 bit update for .net framework was around january not february like the report you posted says. Another thing to note is PE type, it says PE32 which is suspicious because you are running on an 64bit OS. In a way, if this executable was indeed infected, it may happen it managed to run itself on startup but fail to do anything else because of 32/64 bit interface difference, hence 64 bit systems are a bit safer to use. Another interesting bit of info is ProductVersion...........: 1.0.0.0 which is just odd. Even the online virus scan found a virus in over 20 out of 50 cases, which is more than enough to conclude its a virus. Microsoft's tools are legitimate, have legitimate certificates and AV scanners use these to whitelist the files, so, there should be zero results from the scan or if any at least just 1-2 reported but still legitimate.

If you've disabled the service of the problematic executable that can fix the problem only temporarily, because if the infected exe can find a way to enable itself (usually via svchost.exe) the problems will resume. So what you have to do is either make a list of those files folders and subfolders with all files inside or take a screenshot. This way it can be checked if the folders were created by legitimate software or not.

I remember a half a year ago I got one of my systems infected with PUPS software, the installer (downloader from cnet which was infected by uploader) dropped Ticno bundle which once installed ran itself on startup, dropped random ads windows and so on, files didn't want to delete themselves even with Spybot or nCleaners file shredders nor did AV's detect anything. The way I got rid of it was disabled the sttartup services it used, removed them from registry, used my firewalls file browser and deleted the troubling executables from there (ticno_m.exe and homepage.exe) then removed all files and registry keys associated with it. After a soft restart things were back in normal again and the infection was gone. Later I discovered online that nobody actually knew how to remove this PUPS, although it was a rare case when someone got infected with it as it's an old exploit.

In your case it appears you got a virus but that the virus was made for 32bit systems and perhaps not WIN8 even, if this is the case then you are safe. This makes more sense because once you disabled the service parameter the service (exe) didn't run again which tells the executable was unable to start itself again. Viruses often use 2 executable instances to secure one another, for example if you disable a startup parameter for one the other would check registry and write it back again, or if you ended process of one executable another would start it up, and vice versa.

All you need to do now is to monitor your internet connectivity for suspicious traffic, report back in with folders/files info so we cn determine are those made by a virus or legitimate installer and either remove the folders/files safely (if it's made by a virus) or let it be as it is (if those are made by legitimate net framework installer)

On XP, Vista and W7 .NET framework's installer creates an invisible (you can't see it even if you enable invisibility files to be on) folder usually in root directory of C or D and gives random letters and numbers name to it, in that folder all installer files can be found and only one or two extra folders. This folder is self-deleted once the installation is complete. Windows Updates uses similar approach. I don't know how W8 handles these installers though.

Anyway, it's a good advice to never use installers that come with cracks, instead, if your really need something installed (PhysX, .NEt framework, Flash, Java, etc) go online and find the version that your game requires, install this manually and only then use the cracked exe (Although using cracks is not adviced at all) If you don't want to use a DVD disc to be able to play your game, you can use an emulation tool and mount fake DVD ISO copies via this tool, this way your game will think your disc is inside of your reader and you will be able to play your game without even cracking the game. Some developers/companies allow legal use use of ISO emulation, others don't.

Speed, Precision, Experience, Endurance. General System Tweak Guide

Pages