Store Page
Street Fighter V
All Discussions Screenshots Artwork Broadcasts Videos News Guides Reviews

Street Fighter V

Store Page
View Stats:
Global Achievements
This topic has been locked
LoGicMoTion Sep 23, 2016 @ 5:59am
WARNING: TO ALL SFV PC PLAYERS
FINAL UPDATE
CAPCOM HAS ROLLBACKED THE UPDATE
https://twitter.com/StreetFighter/status/779484129012310016
LET THIS THREAD DIE

If you are playing SFV with this new update stay informed that this update is accessing Kernel levels in your PC.

http://imgur.com/a/AsDy2

I'm not saying you have to stop playing the game no, that is not what i want. I want you to stay vigilant and be aware how deep capcom is into your own Desktop and stay wary. I for one will be uninstalling this game until this is fixed. I really do like the game but I can't have a game asking for Admin rights every time I boot it up.

I own 80 games on steam and none of them do this so this is just a bit sketchy for me stay on guard consumers.
:100:

UPDATE: This is what the Capcom.sys file is doing so be aware

Since this driver is so small, it's also extremely easy to tell what it does. After taking a look, I would never let this product run on my machine.

-The driver first registers itself using a pseudo-randomly generated name. That's kind of suspicious. It also doesn't specify any security, so any user at any privilege level can attempt to open and control the device. That's bad.

-It sets up custom handlers for opening the device object, closing the device object, and performing ioctls on the device object. This is pretty normal, although a driver that didn't set up basic security when creating its device should perform security checks when opening the device. This driver does not.

-The ioctl handler is where everything "interesting" happens. It checks for control codes 0xAA012044 and 0xAA013044, does some buffer size checks, disables data execution protection and then runs the arbitrary code passed in through the ioctl buffer with kernel permissions.

-In short, this driver creates a back door which can allow a non-privileged user to run code with permissions of the kernel.

Courtesy of https://www.reddit.com/r/Games/comments/545cjy/sfvs_new_pc_update_is_accessing_kernel_level_in/

thank you for your work

UPDATE: 2 if you are having trouble finding Capcom.sys follow this guide:

FOR THOSE OF YOU WHO CANNOT SEE THE CAPCOM.SYS FILE IN YOUR SYSTEM32 FOLDER:

You still most likely have the file installed on your system. Despite the fact that I have Windows set to show hidden files and also to allow me to see important system files, I was unable to see "Capcom.sys" in my System32 folder. Given that the file is operating as a driver I used NirSoft's InstalledDriversList to check, and sure enough it was installed and the directory was C:\Windows\System32.

NOW THAT YOU ARE AWARE THAT THE DRIVER CAN STILL BE INSTALLED ON YOUR PC DESPITE YOUR INABILITY TO SEE IT, HERE'S HOW TO GET RID OF IT:

-Open up device manager
-At the top, click "View" and then click "Show hidden devices" in the dropdown menu
-You should now be able to scroll down to the "Non-Plug and Play Drivers" section
-In this section there is a driver called "Capcom". Right-click it and select "Uninstall"
-You will get a prompt to restart your computer. Upon doing so the driver will be gone.

I am using Win 7 x64 and have verified that by using this method any trace of the driver is removed from both the system files, as well as the registry. If this method works consistently for everyone else, I recommend that OP add this to the main post.

Hugh G. Rekshun Thank you for your work
UPDATE 3 Can't find Capcom.sys file this method works for all versions of windows.


-Download and run NirSoft's Installed Drivers List
-Look for the driver labelled "Capcom"
-If it's NOT in the list you don't have it installed and have nothing to worry about (go about your day and don't boot SFV until they fix it)
-If it IS in the list, right-click it and select "Open in regedit"
-Once regedit opens, the driver will already be selected
-Delete it and restart your PC
-Open IDL to confirm that it's been removed

If you ever started Street Fighter V and it asked you for admin privileges and you accepted you will have the Capcom.sys file if not you are golden do not worry.

Capcom has addressed the issue and the rollback is now live and the Capcom.sys is now inert but, I would still advise removing the file from the system completely with the following steps above.

If you believe this thread is missing information for misinformed users please comment below on what needs to be added.
Last edited by LoGicMoTion; Sep 24, 2016 @ 4:08pm
< >
Showing 1-15 of 302 comments
n00bdragon Sep 23, 2016 @ 6:08am 
I'm planning to not play much until there's a mod that can fix this, which should be coming shortly.

Be cautious out there people. General use programs aren't supposed to be playing with that memory area for a reason.
#1
LoGicMoTion Sep 23, 2016 @ 6:11am 
Originally posted by n00bdragon:
I'm planning to not play much until there's a mod that can fix this, which should be coming shortly.

Be cautious out there people. General use programs aren't supposed to be playing with that memory area for a reason.
Exactly, I can't believe multiple people sat down together and thought this was generally a good idea and went through with it.
#2
unclassified (Banned) Sep 23, 2016 @ 6:14am 
what issues can it cause?
#3
LoGicMoTion Sep 23, 2016 @ 6:20am 
Originally posted by unclassified:
what issues can it cause?
On top of the potential vulnerability requiring elevation means people with standard accounts will be unable to play at all.
Microsoft spells out very clearly in its guidelines for game developers that UAC elevation should never be required for the normal execution of a game.
#4
Stationary Traveller Sep 23, 2016 @ 6:25am 
Originally posted by LoGicMoTion®:
Originally posted by unclassified:
what issues can it cause?
On top of the potential vulnerability requiring elevation means people with standard accounts will be unable to play at all.
Microsoft spells out very clearly in its guidelines for game developers that UAC elevation should never be required for the normal execution of a game.
According to other users, the elevation is only required for the first check. After that the game will not run in elevated mode.
#5
LoGicMoTion Sep 23, 2016 @ 6:27am 
Originally posted by Moonmadness:
Originally posted by LoGicMoTion®:
On top of the potential vulnerability requiring elevation means people with standard accounts will be unable to play at all.
Microsoft spells out very clearly in its guidelines for game developers that UAC elevation should never be required for the normal execution of a game.
According to other users, the elevation is only required for the first check. After that the game will not run in elevated mode.
I have my SFV, in my Axis drive which is my A drive and it asked for elevated privileges everytime I start it up
#6
Frank Salazar Sep 23, 2016 @ 6:28am 
pheww!! good thing I can't even run the game!
#7
Stationary Traveller Sep 23, 2016 @ 6:29am 
Originally posted by LoGicMoTion®:
Originally posted by Moonmadness:
According to other users, the elevation is only required for the first check. After that the game will not run in elevated mode.
I have my SFV, in my Axis drive which is my A drive and it asked for elevated privileges everytime I start it up
It does, but then the game actually runs in normal mode.
#8
Crushna_Crai Sep 23, 2016 @ 6:30am 
It asks me ever time I load up. I only have 1 account (which is admid) on my computer with only 1 HDD. No need for it to do it all the time. Should just check once per patch.
#9
Providence 777 Sep 23, 2016 @ 6:37am 
I was never asked to give it admin privlages, could this be a more serious problem if this is the case for me?
#10
Stationary Traveller Sep 23, 2016 @ 6:37am 
Originally posted by Providence 777:
I was never asked to give it admin privlages, could this be a more serious problem if this is the case for me?
You probably disabled UAC.
#11
CreatureXI Sep 23, 2016 @ 6:42am 
No, no... just no. I just uninstalled the game because of this crap and had to remove the capcom.sys file from system32 on my own. This is unacceptable on all levels Capcom. I refuse to install this game again until this issue is fixed.
#12
LoGicMoTion Sep 23, 2016 @ 6:48am 
Originally posted by Moonmadness:
Originally posted by LoGicMoTion®:
On top of the potential vulnerability requiring elevation means people with standard accounts will be unable to play at all.
Microsoft spells out very clearly in its guidelines for game developers that UAC elevation should never be required for the normal execution of a game.
According to other users, the elevation is only required for the first check. After that the game will not run in elevated mode.
Is this working as intended?
http://imgur.com/a/NiOzs

If so I wont be here much longer to support the game
#13
Songhp Sep 23, 2016 @ 6:52am 
My system has been crashed just because this file, capcom.sys
#14
LoGicMoTion Sep 23, 2016 @ 6:54am 
Originally posted by Songhp:
My system has been crashed just because this file, capcom.sys
Yes other users are actually getting BSOD, because of this file look here:
http://i.imgur.com/wu7DeUN.jpg

Its really worse than I thought
#15
< >
Showing 1-15 of 302 comments
Per page: 1530 50

Street Fighter V > General Discussions > Topic Details
Date Posted: Sep 23, 2016 @ 5:59am
Posts: 302

Discussions Rules and Guidelines