BitCoin miner investigation and removal

This thread is from 2014 but is one of the more technical exploration threads on the forums.  With the recent surge of browser bitcoin miners, I figure a re-look at botnet miners makes for good reading.

Botnet Removal Overview

This thread is an overview on how to detect, identify and remove a botnet infection. This is merely one example of such an infection. Honestly the main reason I was able to detect it (before it was added to malware definition databases), is because of it’s aggressive processor use. Bitcoin miners are extremely intense processes, to 98% CPU usage stood out like a sore thumb.

This will be a 5-step & thread process on how I went about checking around and figuring out how this bitcoin miner was operating. There are various ways to go about the same methods, but I am sharing mine, in hopes it helps someone remove similar trash in the future. I will make a post in this thread for each process, to help describe the methods used, and hopefully do so in a clear manner.

Steps used:

As for any infection, you have to be formidably sure you completely removed the infection, otherwise you are waiting for more damage down the road. Do you wish to reinstall the OS, or do you feel confident the exploit has been removed? This question is especially relevant in the business environment. Luckily I saw this on my personal machine, so I could afford more time to debug what was happening and log it.

The attached picture should make more sense as you read each progressive step.

Sample Bitcoin Miner

Suspect and Detect

Tools used:

This is a Windows 7 Ultimate platform, but all versions should have the commands I listed. You will want to download the XVI and Process Explorer utilities, since they are 3rd party applications.

You can use the GUI Task Manager, but some processes can hide from that display. Also be sure to check “show processes from all users” on the Process tab, if using the GUI list. Sorting by CPU and / or Memory usage is a quick means to find anything with a big footprint. Look for anything you do not recognize. If you are not familiar with standard processes on your machine, search online to find what each process is normally used for. However do not simply assume all standard sounding services and processes are legit.

In this case, MSDT.exe was running. Typically this is a Microsoft diagnostic tool, however that was not the case this time. Using 98% CPU, this program was actually a bitcoin miner and was not an actual microsoft utility. Trying not to jump ahead too much, verifying the path this was running from, validated my suspicion.


In the GUI (Graphical User Interface) Task List, you can right click a process and say Open Location This is where I found this executable, as well as 2 other related files.

  • atieclx.vbs (Service spawning vbs code)
  • aticlx.exe (Command and control server, from what I could tell of hex edit)
  • RAVClp86.exe (Communications portion associated with Command and Control server)
  • Network TrafficThis step what a 2-fold operation.Step 01:Closing all web browsers, email clients and the like, I ran the following command.

    netstat -o > C:\2014-06-08_PortList.log

    Everything on the left of the “>” operator displays the open ports in a command window. The “>” operator and file path, saved the results to the filename located on the root of my C: drive. This works with many to all DOS / command line commands and is advised for archiving sake. Open the text file for your results. Look for funky results.

    In this case, I found the following IP (replace letter ‘o’ with number 0 for the IP address. 2o8.94.24o.162:4768

    After the ‘:’ would be the port it was running on. A PID will also display for open ports in the netstat output.

    Step 02:

    Checking Process Explorer for processes running open network traffic. Since I had my Suspect process list of 4, I went to right-clicking one of them and clicking the TCP/IP Tab. Please notice the other 2 items appeared to be spawned via a wscript.exe process. Note that RavClp86.exe was still there as well.

    (Process Explorer image attached to this post)

    Process Details via ProcessExplorer

    PID to Process Explorer mapping

    Similar to the above Netstat command, I wanted to log my running processes to a flat-file for archiving and review.

    tasklist > C:\2014-06-08_ProcessList.log

    Of particular relevance is the ‘Image name’ and ‘PID’ (Process ID). The PID is going to be used in correlation to your Process Explorer investigation. When using Taskkill, you will also know if a process restarted, by it having a new PID. Speaking of TaskKill, here is how you run that command, by entering said PID for the program in question.

    taskkill /pid 3916

    3916 being the PID for the process explorer screenshot in my prior post. You need to substitute this with the relevant PID on your local machine.

    However, simply killing the processes is not enough. As I will cover in the next post.

    Service, Payload and Command and Control targeting

    OK. So far we have a list of 4 deviant processes, but not much clearly established on how they are operating. This point (or actually earlier as well) is a great time to get XVI going. We want to peek at the flagged executables to see if anything telling is occurring.

    (XVI Hex Edit of RavCLP86.exe pictured)

    Hex Display 03

    In this image, we see some Port communications in a seemingly innocuous local file name. Considering this is running in a profile folder, it is indeed not innocent a process at all. From what I can tell, this (in conjunction with Aticlx.exe) process is the Command and Control portion of this application. It also handles being spawned from the .vbs file in the same folder. When any of the other files are removed, this process will re-write them back out and reload them into a running state.

    Here are the contents of the aticlx.vbs. This (Aticlx.exe) would be a normal process… if I owned an ATI graphics card, and if it were not running from the shady profile folder. That is until we see what this file is doing.

    Hex Display 04
    Set objSh = CreateObject("WScript.Shell")objSh.Run "C:\Windows\Service\Profiles\Local\Service\AppData\Roaming\Microsoft\Windows\Templates\atieclx.exe", 0

    So this Service runs to keep Aticlx.exe running. This is the core C&C of the exploit. Respawning the sub-processes as described above. The Service mode running enables the executable to restart, upon termination. Helpful in the event of a user killing the process, and also if there is a code update via the infection botnet. They would want it to be remotely killed, updated and restarted in some instances.

    Potential Removal

    Notice the Potential wording. This will be a case by case basis, where you assume to have tracked down all sub-threads and related infection vectors. If someone had access to your machine, it is a very good assumption that another possible infection method was added. So explore heavily.

    In this case, I would TaskKill, use Process Explorer, and monitor the output folder of these programs. In the case of TaskKill and deleting the infected files, they just came right back. Continuing, I played around until I noticed what .exe respawned the purged files. Aticlx.exe, IIRC.

    To temporary mitigate this, I made a blank text file, then renamed it as the target file. Once the service spawner was prevented from making it’s related protective .exe files, I was then able to stop and prevent the main process from spawning new copies.

    For historic reporting, I renamed the original files to a non-exe filename. Thus preventing them from running, yet keeping a copy for detection and analysis. As I said, this is why you have to judge heavily if you indeed removed the infection. In my case, I was able to run a benchmark to see vastly improved performance. Slower system performance was the tip of the hat, that lead me to investigate this in the first place.

    RATs (Remote Access Trojans) have a nearly invisible footprint compared to a Bitcoin miner, so you will be vastly looking harder for those level infections. I have heard the command line Tasklist shows hidden processes that can be masked in your task manager, but nothing is foolproof. The effort to remove malware and exploits from a machine will always be an uphill battle. Hopefully this guide made enough sense to help anyone new to removing these infections. Also it would be nice if it helped any veterans remove these infections as well, since some of this process may not be traditional malware removal.

    Most of all, let this show you how limited signature based detection systems are. MalwareBytes did start finding this infection (PUP.optional.PrimeMiner) sometime around January 2014 or so. However I am not so sure it also removes the subsequent processes associated with it.


Post archive back

As you may notice, I rolled back to WordPress.  Many of the hardware threads have been posted here, from the forums.  This page focuses on hardware and computing topics from the forums, while will cover gaming with anything else included.

I will back fill some interesting threads from this year as well, since all the content comes from the forums, then gets posted here on these front pages.

Thanks for visiting!


Desktop Window Managers

I enjoy using multiple operating systems. I love Linux for performance but I have to say most of the window managers are nowhere near Windows or OS X in terms of control and keyboard shortcut operations. This is very rant filled of an opinion, as I do quite a bot of text editing work and am a huge user of Ctrl+Tab and Ctrl+Shift+Tab to navigate between multiple open windows. If may seem minor, but when editing multiple bash scripts, having to select your other window with the mouse instead of jumping tabs by keyboard… is clunky.

I guess the burden of choice also leads to an inconsistent UX in Linux distros. I would say we should step back and know that this is a limiting factor to having people fully switch from Windows or Mac OS. That stuff really matters over time on your day-to-day computer usage. Personally, I tend to manage my Linux installs over SSH from a Windows box, or occasionally a Mac as well. Hopefully this comes to become a little cleaner an operation on some Nix ditros, but as I mentioned, it’s difficult to get everyone to agree. One person’s issue is another person’s workflow to it working as intended.

This rant came up encoding videos, where my bash scripts were not simply a Ctrl+Tab, followed by a Ctrl+R to replace strings for the next output. When you are grinding out the repetitious stuff, shortcuts are helpful and can lead to better automation too. Depends on what you are up to, but the emphasis on a clean UX, is what gets people to invest (mentally and emotionally) to your platform.


Pi-Hole config guide

Pi Rasperry Pi-Hole config quide:
Howdy and welcome to another thread.  I have a history of not being a fan of advertisements and do not run those banners on this site.  Besides a security concern, I think advertisement gets really creepy online.
Pi-Hole is an Operating System with dns capabilties and use of adblocking lists.  The added benefit of the request being denied even without plugin-based web browsing, is pretty handy.

Before you install, be sure if you are using a RaspberryPi or whatever device, that your user password is one of your own.  You do not want to go default with your LAN traffic.  If you wanna log a fun time, you can use one of these for short-term logging a little CTF monitoring style.  Logs are configured to purge after a few days on your standard Pi-Hole install. Please be sure to update your OS image with latest patches via said package manager.  In my case I set the primary network connection to a static address.  I have the service connection IP address details to use the actual router as DNS server.  Since all your other network DNS will be set to the fixed IP Address you bound to your Pi-Hole installed device.
SSH is likely disabled.  I like to administer my SSH session by serial to usb in the case of my Raspberry Pi installs.

Follow the install guide and advisory on their site about the bash | pipe install.  Quick comes at a trade off when you do not review the install process part for part.  If you go for the easy install and read the disclaimer, you can run the single line install:

curl -sSL | bash

This thread is for administering and keeping yours updated, as with my configuration I ran into update issues using just the one connection.  Details ahead cover enabling a second connection to fetch updates, since you will have the primary network connection with a set IP address that handles DNS requests handed off from your router / main DNS device on your network.

To do updates to the OS and Pi-Hole local web services device / OS, I disable the service network connection to resolve conflicts of web requests to get out locally.  All the LAN clients will be fine getting pages.  In this case, I suspect the localhost calls in the Pi-Hole logs relate to my network layout and the device being bound to serve back to itself.  When logged into the [deviceIP]/admin configuration page I would also get failures to resolve list update servers.

Having plugged in a second USB NIC or using Wireless as an update connection, I ran the following commands to handle my network adapters.  Turning off the static address service NIC. In most cases likely eth0 as shown below

sudo ifconfig eth0 down

Do some pings and the like to see they should now resolve.  Do your updates etc for the OS.  In my case, Raspbian on a Pi 3.

Once those finish, load up the Web Admin panel for your Pi-hole install. Get your ip address for the active network connection with:


Connect to that IP address in a web browser and add ‘/admin’ into the address bar at the end of the IP Address without the quotes around the path.

Login with your admin password to the admin panel and you should now be able to see updates are pending.  You need to start with the FTL update.  To do this, return to your SSH session.  As I mentioned I am working with serial over USB, but you can enable SSH over network if you so desire.  One more service for a network heavy component, so choose of your own accord in concern to security to conveinence.
On that SSH console, run:

pihole -up

Wait for the updater to get and deploy the new FTL version.  You will likely also be treated to the Web Interface and Pi-Hole version also being to current revisions.  Great!  Almost updated and running live AdBlocking again.
Still on your console, seeing the update completed you want to turn back on the main network connection we disabled for updating.

sudo ifconfig eth0 up

Overviewing network setup above:
Main Internet router will be your DNS server on the Pi-Hole device.  Manually set client DNS or change your DHCP server to set client DNS to the static address of your Pi-Hole install. ( default-ish router)  Check your current IP config to get details if you do not know current network base configuration.
On the Pi-Hole install, set the primary network adapter to an address in that subnet (say  Make sure DHCP server /or/ router will not also try to assign that address in it’s pool.  The Pi-Hole DNS primary will be set to your local router (as above default-ish router

I hope to have avoided huge gaps or inflected confusion in this thread. Jolly adblocking.  Even if you like making money from it, you have to know it is a vulnerable vector and kind of a shaky market.  I’m not here to tell you what to do, I’m sharing details to help block them on places that run them without respect to visitors.


Community resources and projects

I want this to be short, yet more detailed than a tweet or lost in a string of them. I have to say there is an issue with contributing to a public project, that is when you are eternally expected to maintain said thing. Especially with no compensation or expectation of support timeline. I know that can sound rude, but the context I am especially honing in on, is stuff like game mods or application support by a person or community, that the OEM / vendor ignored.

There comes a point when if you want to improve something or add features to it, you need to roll up your sleeves and figure it out yourself, instead of ranting on reddit for someone who did a kind deed of the original contribution, to somehow become the permanent dev to your whim. This applies to games as well, because it seems like smaller developers get bombarded with this syndrome, while a major game studio just gets a shrug and ‘oh that’s the best we will get from them’ replies from the same people making outlandish demands from the smaller developers and studios.

Sharing another story, I know a person who wrote a Gamefaqs guide and still had people emailing for intricate details about a thing, 9 years later. I’m sorry (but not really sorry), people probably moved onto other projects, especially in that span of time. It seems like if you give a huge effort, you are presumed to own it forever. Don’t get me wrong, kind people do pick up the torch on projects and move forward, but the issue of insane expectations is a real thing.

If you can ask the question and understand the basic of how something works, if you apply some effort into research and working out the problem, you can likely contribute, if not completely solve the issue itself. I feel many people get burnt out trying to contribute to communities for reasons like this. Throwing in a video game trope; when I played Final Fantasy XI heavily, many of the newer members always showed up for the leet boss fights, but were never to be seen or magically went afk, when the core team was farming triggers (items required to actually fight the leet bosses), because the trigger part takes time and does not directly lead to an immediate reward.

That ends my rant. Please be courteous of people who produce content and products to help others. Donate them some loot for good work, if you want to help debugging and giving feature requests, do not write snarky comments about how dumb they are for omitting your favorite feature. Especially because it may already be there, you just didn’t see it or it has another name for that flag option.
I don’t know about you, but working a day job, upkeeping around the home, finding time to spend with friends and family, getting some recreational and sleep, can be a struggle. Especially when day job requires after-hours maintenance. Please be cool to others. If someone is releasing a tool or something cool, remember they are people too, or at least some sort of advanced AI that probably has some feeling registers too.

Let’s try to avoid pushing people to burn out faster. It’s hard enough to avoid without the crowd heckling that can be this social media age. Thanks for reading and visiting :)


Technolust save file

I have been playing VR games and decided to take a plunge into Technolust.  Some of the reviews were hit or miss, but if you actually explore around the game and appreciate all the options and content, you may enjoy it nearly as much as I have and continue to do.  I wanted to start noting how much I enjoy it, as this is why I jumped into repairing a save issue I had.

You can save in the game but I had an issue where each time I loaded the game back up, it looped me to the intro portion, instead of the MURC teleport menu you should see, after having saved your game.  I shared some of this info on the Oculus forums and Steam once I got a fresh file to work with saving.  Quoted below.


Checking my save file, located at:

C:\Users\[username]\AppData\LocalLow\IRIS VIRTUAL REALITY\Technolust 0_9_9_9
I was seeing my save file has a modified date last from Tuesday the 15th, despite my playing later in the week and saving at payphones (and seeing it say saved on the map screen).
In the “save.txt”. Viewing it seems to be largely plain-text. I’ll move it and see if the game making a new copy resolves the save issue.

The contents of my save file look accurate with areas I have been, but I’m confused why it fails to load. It’s almost like there is a borked character in the save file or something. Here is line 01:
ý~Hilltop Score string

Also of note (but not related to the crash) there are some registry values too. These appear to match from my game play.

I moved the flat save file and let the game make a new one.  New file does not have the ý at the start of file.  In-game saving also worked after doing this.  Registry still has my high scores from the arcade.  Game loads to teleport MURC menu instead of intro now.

In this case, I moved a copy of my stuck save file, as it was not working due to that 1st character of ‘ý’ in the save.txt.  Using various text editors showed me varied results in the save.txt.  ConText editor showed me mostly blank space and some of the item strings; Notepad seemed to show everything, but without formatting, and Notepad++ showed me a dump of each parameter and their set flags.
Here are some screen caps from each editor showing the same file, along with the registry keys.

ConText Editor

Notepad (Windows standard text editor)

Notepad++ 02-NotepadPlusSave.png

Registry Keys

Most all of this information is overkill, since I was only a couple of hours in.  To resolve the save issue I copied the broken save file to another folder and deleted it from the save folder.  Once the game made a new file, I was able to save without issue onward.  I had fun checking the save file for stuff I missed but didn’t successfully change any flags for stuff I did not find in-game.  For conversations sake, the registry values match my arcade high scores.  When my new save file was made, simply playing the games I won again, without beating my prior high score, toggled back to my high score, once I interacted with them on the fresh save.
You can migrate your save.txt and registry info to another machine, as I did on my laptop to test that I got all the save data.

If there is any take away from the thread, be sure to check files in multiple editors.  I also messaged the gave dev to say thanks for a rad game.  He noted that encrypting the save file seemed like it would have been contrary to the concept of the game.  Thanks for not doing that, because it was also fun to splunk through the save data and see how it applied to in-game content I encountered.  I’ll recap the start of the thread by saying I really enjoy this game.  Hell it was so good, I was concerned enough to figure out the intro looping issue.  Hopefully you don’t have the same issue, but if you do, it’s relatively easy to fix.


SMB levels and services

Especially over the last few months, the public face of SMBv1 and how it is quite vulnerable, has become a solid talking point. If you have poked around on some Windows Servers and also some Nix file servers, you may have noticed these legacy-era protocols still running. Even if you have a more recent Windows Server Deployment, they tend to have SMB 1 enabled by default.

Oh Lordy. If you have done any nmap scans you may have also noticed there have been notifications about SMB1 for a loooong time. Lucky for us, I would like to think by disabling SMB1, all your existing systems would work. Please note the optimism, because that’s all it is if you do not confirm things still work, after having turned off SMBv1 or for that matter, any service.

Microsoft has a guide using powershell to manage these. Before you go wild, do make sure to note that SMB 2 and 3 are related and enable relevant network features too.

If you still have XP devices connecting to servers (gods save you), you will lose communication when you turn off SMB v1. Another fine reason to finally push and accomplish getting rid of those things. I think cryptolockers scared non-security people enough this year, to give your pitch some viability.

Looking at the PowerShell syntax, Windows 8 and Server 2012 have some really clean powershell cmdlets. On Windows 7, Server 2008, etc, you are essentially changing a registry key on the command line / by script. If you are rolling an Active Directory domain, you can push the SMB 1 disable out over group policy. Once again, pausing to make sure stuff works after you do this, and it would not hurt to test this in waves, as to not cause a huge problem in one fell swoop.

You can also have fun diving into some PCAPs to get a feel for SMB levels in use. You can apply filters to weed out noise from your scan. Keep good notes. I don’t know about you, but when I tell people I’m doing security maintenance, some folks like to come up with some fantasy stories of things they say worked prior. Typically stuff that never worked or something that way decommissioned months prior, not the week of your rollout.

Jolly August. Fall is creeping up :)

Just bumping as a reminder that SMB 1 natively is enabled up to and including Server 2016 test builds. Running the below may shock you in seeing that EnableSMB1Protocol is by default, set to True.

Get-SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol

On the Windows 2012 or greater machines, you don’t have to reboot after the change, unlike the older server and workstation machines. To disable SMB1, do up the following, then re-run the check above to verify it’s off.

Set-SmbServerConfiguration -EnableSMB1Protocol $false


Oculus Rift VR

Jack in, it’s cyber-time.  Seriously though if you are still reading, I squeezed on the Rift $399 bundle with touch that went active last week.  I want to describe the experience of moving through a virtual environment and seeing your hands map in that realm, as to in reality, but it’s really something you have to try to get full appreciation of.  I’m going to overview the hours I spent in so far, using Oculus software, enabling SteamVR and also some games and titles.

2017-08-17 Edit:
I wanted to mention Oculus Tray Tool and setting Super Sampling.  I have since upgraded my GPU to a 1080 Ti and am running Super Sampling @ 1.5.  Oculus Tray Toll will also let you disable USB auto power save in one click and also give you access to Visual HUD Overlays / debugging options.  The super sampling really cleans up the image quality to try and mitigate screen door effect / seeing pixels obviously.

Primer here.  You need a computer of comparable performance to drive the display of your Rift headset.  I see a recommended spec of an Intel i5-45xx series processor / CPU and Nvidia 970 or higher for your video card / GPU.  I recently built up an i7-7700k w/ 980 GTX build and it has performed extremely well in VR, without frame rate slowdown.
Your VR headset uses 1 HDMI and 1 USB connection, with the HDMI going directly into your video card.  In my case, I already had my external display on DisplayPort.  As the 980 GTX (and most recent cards from what I have seen) have 1 HDMI and the rest of ports are DisplayPort, you want to make sure your primary monitor is not using that HDMI output on the GPU / Video Card.

Additional hardware setup will be calibrating your spacial sensors, syncing any controllers and of course installing the Oculus software.  Fair warning that Windows 8.1 seems to be the baseline and there are some games that require Windows 10.  I’m on Windows 10 and wanted to warn you in advance, especially if you are still main-lining Windows 7.  Most important of all, you need physical space to play the Rift.
There are a few sitting compatible games I have found, but the more explorational titles are going to need you to have at least a 3 x 3 foot area clear.  From the center of your area, you will need to fully extend your arms to the side without being restricted.  Movement depth is less relevant but also important.  Some titles actually need you to be able to move back significantly far (as in around 7 feel away from the sensors).  I have so far tested in a 3 x 3 area, as I would need to use the living room for the deeper dimensions.  Since I picked up the Rift and Touch combo, I have 2 physical sensors installed.  1 came with the Oculus headset and the other came with the touch sensors.

I mentioned some of the contents but what you can expect to unbox are:

  • 1x Oculus Rift headset
  • 1x Sensor bar.  It looks like a small camera.  I suspect it works off Infrared similar to the Wii and Kinect devices.
  • 1x Xbox One gamepad, USB dongle and extension cable.
  • 1x Oculus remote.
  • 2x AA batteries for the Xbox gamepad.
  • 2x Oculus Touch controllers.
  • 2x AA batteries. 1 for each Touch controller.
  • 1x Oculus sensor

Once you clean up a space for you to move in VR without falling IRL, your first step after trying the tutorials (FYI: you can repeat these @ any time by clicking them in the desktop Oculus application, under your Library tab.), will be to get used to recalibrating center.  This will be most appropriate when changing from standing or sitting play.  In Steam you will get to the system menu by Right controller Menu button.  There you will see a re-center calibration.  If you are sitting, set your height to approx where your head is from the ground.  I find 42 inches (3 ft 6 inches) works well for sitting.  Some of this will need you to interact with Windows desktop for the height adjustment.
If you load SteamVR and are below the ground, you need to change your height settings.
Similarly in Oculus VR, the Right controller Menu button gives you a similar option to re-calibrate center.  For height adjustment in Oculus, you’ll want to go to Settings | Devices | Configure Rift to change your height.  You should be able to pick the re-center option without taking your VR goggles off, as with Steam as well.

Next post will cover some applications run in VR.

Most of these are on both the Steam Store and Oculus Store.  I started in the Oculus store, until I was able to get SteamVR ruining.  To get SteamVR to work you need to click the Gear icon for Settings on the desktop program, then click General.  On this screen, enable the button for Unknown Sources.  Once you do this, SteamVR will be able to interact with the Oculus gear, as before setting this option, Steam will say it cannot find your headset and accessories.

You will need to load SteamVR from your desktop, until or unless you enable the following mod to create a steam icon.  In that guide, you are downloading a VR film, replacing the executable with a batch modified exe that loads SteamVR and also replacing some image files to show the tile in VR.  Hack fun hacking up some custom icons with the info from that guide.  It’s fairly easy to follow and you will then be able to launch SteamVR from within the Oculus VR environment.

I’m starting a little backwards describing my exploration but one of my main objectives was to interact with my desktop OS in VR.  Steam handles this by selecting Desktop when you press the left menu button on a Touch pad.  This will get you back to your actual (likely Windows) OS.  I was browsing the twitter and reading email in VR.  It’s a wild way to have a huge super desktop, while also letting you interact with VR games that launch from Desktop.  Steam has a few of these but I have not encountered any in Oculus VR yet.
Kickass.  Speaking of interacting with my desktop, I also wanted to try to see if I can open and manage files in a 3D realm.  I can indeed open images, movies and music by using AVOlight.Space (Multi-Screen Media Player).  The free download lets you load one screen and puts a watermark on each additional screen you load.  This can be removed by buying the $9.99 DLC content to unlock the program.  Seeing how it worked made it a no-question for me.  This app has slideshow support, music and video controls, image rounding options along with depth perception to toggle zoom and placement of your displays.  If you want to view some files in multiple windows, this is the jam.

Google Earth VR is a free download that allows you to browse Google Maps in 3D.  If you ever switched visual modes and saw the tracking of depth for images, you will certainly see how the landscape is mapped as a rendered world with relative height and depth.  This is pretty impressive to zoom and fly around in, granted I was moderate in controlling well the little I played in it.  There are also area tours you can load up and enjoy, in the event you do not have any good ideas on where to search and visit.  I wonder how restricted areas map.  I’ll let you know on that one, since they are normally blurred out.  Hopefully it doesn’t clip us out of the map.  In this case, I was using the touch controllers as my primary input.  Sitting compatible.

Lucky’s Tale. Included platformer game with some good level design.  Graphics are cutesy like a Spiro-like game.  You have height obstacles world maps that surround you.  I was playing with the Touch controllers but this one appears to be designed for the gamepad / Xbox controller.

Oculus First Contact. This is likely the demo you play upon configuring your Rift.  A very immersive interactive demo.  I was mind blown in there and immediately suggested someone else try it too.  Great demonstration and interactive guide on using Rift and Oculus.  This is also listed in Tutorials as Touch Tutorial Complete.

Oculus Dream Deck. A video demo of a few oculus applications.  Be sure to spin around and enjoy the world map, as the case with anything else you play.

Makebox. A slick pixel editor.  I watched a video of someone giving a tutorial and was sold.  I have to try and make some dank pixel art as well.

Darkness Rollercoaster. Sitting rollercoaster ride.  Cool immersion and depth objects used.

Rick and Morty: Virtual Rick-ality.  Very cool game that is a little difficult but rewarding.  The VR design and implementation is quite good. You may find yourself restricted in a 3×3 foot space but can re-calibrate center to accommodate this.  Crude humor and interesting use of environments.  I have been playing this for a few hours and it is a standing title, as you are doing quite a bit of exploring and reaching down.  I bought it on Steam, largely to test streaming functionality.  I can say the streaming rooms do work in SteamVR.  I finished this tonight in about 5 hours of playtime.
Be warned this game is designed for a Roomscale setup.  That being a deeper area to walk around in.

Oculus Medium. Very robust  image editing and world tool.  You can save and export materials.  Fun object creation and manipulation or a clay-like substance.

Mission ISS. This is a VR space simulator.  You can pivot around the spaceship and enjoy the view.

Blocks by Google. Another image editor in a 3D space.  Easel is your right hand where your drawing tool is the left one.

Preta: Vendetta Vising. This is a dungeon crawler game with multiplayer either coming or available after you complete the chapter 1 missions.  I have an hour or two into this game.  There are 3 character classes to pick from at start and some tutorials that keep you in a level environment.  I was reserved on the quality of until I got to see some of the actual dungeons.  The level design layering and depth is pretty impressive.  Town is pretty close to most MMO-like RPGs.  Quest NPC in Town, Skill up trainer, shops, etc.  You get a bonus for early pre-release stuff but there is also a RMT item system.  That’s a flag for performance down the line on growth. In other words, it may get very grindy of a game to encourage buying into currency boosts.

Sketchbox. VR prototyping platform.  Really cool for prototyping a 3D environment.  I’m going to try and import some 3D videos and do a mock-up environment.  Especially if you want to make a VR application, mock it up in here on the swift.

EVE: Valkyrie .  This is a flying space game.  The controls seemed tight but it was fun for a space shooter.

Sports Bar VR. Standing game that I played last night.  Darts, Air Hockey and Pool are available.  I only played single player but it does feature online and lobbies.

The Climb. Standing game that I played about 2 minutes of due to sitting at the time of night when I tried it.

I will add more info about the last 2 games when I play them in a standing mode.  This is what I got to explore so far.  Some content is free and steam also appears to have some demos on there,  I purchased the following or got them in a sale promo:

  • Rick and Morty: Virtual Rick-ality: $30
  • AVOlight.Space. Free single display.  Unlock multiple for $10
  • EVE: Valkyrie. Free with Summer of Rift Promo.  Typically $40
  • Makebox. $10
  • Preta: Vendetta Rising. $35
  • Darkness Rollercoaster. $2
  • Oculus Adventure Pack: Includes for $70
    The Climb
    Raw Data
    SportsBar VR
    I Expect You To Die
  • Lucky’s Tale. Included with your Rift purchase.I also decided to pickup a 3rd sensor for better tracking when playing roomscale games. This is especially relevant when turning around and away from your desktop / front sensors. Adding the 3rd sensor will wrap you completely in motion tracking. I saw this when playing Rick and Morty and mitigated it using the recalibrate center steam menu option (that also is in the Rift menu).

    I forgot to mention I got the $399 bundle by going to a Best Buy store and getting the Rift and Touch packages.  When rung up at the register, it will be at the Promo rate and you’ll get the Oculus store coupon for your free copy of EVE: Valkyrie on the receipt.  I have heard and seen that Amazon is pending more inventory, so head to a store and grab a kit if you don’t want to wait.  Make sure they actually have ’em in stock, as I got the next-to-last headset last Saturday at a local store.

    I did not see anywhere with the stand-alone sensors in stock so I ordered one from Amazon.  They are also out of stock with no indicated restock date.  I’m looking forward to setting up roomscale with 3 sensors to cover me when I turn around.

    I have about 20 hours in VR so far and I am really enjoying it.  I have been scouring the app stores for interesting free apps to check out too.  Plenty of movies and some games to be found.  Largely you have Oculus store, SteamVR store.  Also a good resource is the Oculus Reddit page.
    If you turn on Spectator mode in Rick and Morty but forget how to disable it, you need to do it from the in-game menu.  Open the entertainment center right cabinet and toggle the switch. :)

    These are items included with your equipment purchase.  EVE being an add-in for the Summer promo.

    • Lucky’s Tale
    • Medium
    • Toybox
    • Quill
    • Dead and Buried
    • Dragon Front
    • Robo Recall
    • Eve: Valkyrie

    There are some good threads for applications and games on the Oculus forums. Medium has some real quality artwork and posts in there to explore.  Lots of artwork to enjoy in this thread.

    I turned off the tracking grid shortly after getting used to how much physical gaming space I had.  Seeing the block grid was wrecking my immersion.  You can turn off the floor grid indicator as well.  You can do these in Oculus VR from the right touch controller settings menu.  I’m guessing this is what people mean by ‘screen door effect’?

    I should have a 3rd sensor hooked up early next week.  2 should be fine for most everything, but if you are playing a roomscale heavy game like Rick and Morty.  I’ll be following this Oculus guide for configuring and placing sensors for roomscale. Edit with 3 sensors hooked up.  It will have you re-run the configuration wizard and welcome tutorial when the 3rd sensor is plugged in.  You really want all 3 of these sensors at the same level height. Otherwise your FOV will be highly skewed to the highest sensor.
    Recalibrate your height to confirm your standing height (or change it to your head from ground while sitting (42 inches / 3 foot 6 inches in my case)).  The avatar editor has a background with a ruler, if you take a selfie from the customize screen.
    To change your standing or sitting height, in the Oculus desktop software, click the Gear | Settings.  Along the left you will see Devices | Configure Rift | Floor Position.  If you are playing a sitting or gamepad game, this may be helpful it adjust your field of vision.

    Respect to the community for tipping me off to running Oculus Tray Tool.  ASW mode will help with performance and you can also disable power-saving for the usb ports to keep your tracking active while playing.  There are some Virtual HUD overlays that are helpful for debugging and performance monitoring.

    Also of note from the forums is that switching to the Beta version of Oculus Home, it will detect your SteamVR titles on launch and add them into the Oculus app.  So you don’t have to side-hack an icon for SteamVR using this method.  Once you load the Steam title, it will pop into your Oculus applications menu.

    Your headset has a microphone and it is on by default.  If you wish to disable this as I did, jump into your Control Panel | Sound.  In your list of Recording devices, right-click on the Rift Audio microphone and select Disable.  If you want to turn it back on, be sure to check the ‘Show disabled devices‘ option so you can see the microphone to re-enable it.

    Speaking of Steam, The Lab is a 15GB or so VR platform you can give a try to.  I played around with it briefly in the lab and some of the other mini-games.  Pause to note your standing height absolutely matters for this, so if you have your Room Config in steam set to a sitting height, you need to change that to your standing height.  This varies from game to game, but is especially dominant on steam from when going from a standing to sitting game.  Oculus seems to better accommodate sitting or standing, without needing to re-adjust your height, but by using the ‘reset app position’ from the main oculus home menu.

    Stand-out applications have to be Google Earth VR.  It’s really wild to see the area topography and be able to fly around in spectator-like mode around the world.
    Dactyl Nightmare has been re-made into Polygon Nightmare.  This is a re-creation that is pretty wild and fun as a single-player bot deathmatch.  You may get ill from the movement, but I played for about 40 frags, enjoying the strafing with my upper body to move around the map.  Both Google Earth VR and Dactyl Nightmare are free apps.
    I have put some hours into Chronos as well.  It’s a good exploration / puzzle game that keeps me drawn in.  The leveling mechanic is interesting and has me getting a little angry when I die for sloppy reasons.  The level exploration is really rewarding in 3D.  Worth the $40 if you ask me.

    In respect to demo’ing VR, people really need to wear the headset.  If you watch the on LCD output, it will be super bland without the depth.  I had my GF try a few things and so far the immersion hit hard with Google Earth VR.  She was off exploring the world, juggling views and continents.

    I have also dabbled in Rock Band VR as a local store had one of the Xbox One guitars in the back.  Apparently those things are going for $90 on Amazon, despite being $40 new if you can find one in stock.  I did chuckle at having to flash the guitar firmware for it to work with RB VR.  It did indeed work and when playing, I was reminded that I am not a rhythmic person.  I only got an hour or two into that game so far.  Considering the price of game ($50) and the Guitar ($40 with Xbox One Rivals Rock Band pack), this is a more costly game to get into.  I have to say the use of the touch and the add-on mount that came with your controllers, is pretty cool with showing the Guitar on your person in VR and the crowd around you.

    Darknet is a puzzle game about hacking computer networks.  It uses a cluster honeycomb design where you pick insertion points for various vulnerabilities to spread to nodes, allowing you to seize the network and obtain root.  Really cool graphical design and addictive gameplay.  A good score for the $10 asking price.

    Thanks for the feedback on your time with it.  I wear glasses of 1.25 or so prescription so that may play a factor in my not being as bothered by the pixelation.  I don’t wear my glasses in VR.  Glad to hear you were able to work a refund out too.

    I saw some people are bumping up the image quality using super sampling (via Oculus Tray Tool), similar to playing FFXI with better looking textures.  A few of the VR games I played have some native graphic options, namely Chronos.  Bumping up that IQ makes a huge difference, as the default in that is definitely a pixel show when you get close to your character.

    I forgot to mention you are right about the length of games for VR.  Many of them seem to be a few hours.  Hopefully the surge of headsets gets more content out there.  I think a big part of the challenge will be quality to performance cost, as top-end video cards and most other PC components to go with the headset, will make the barrier of entry even higher.

    2017-08-04 edit:
    I installed these sensor wall mounts in my play area and the floor and 360 coverage is MUCH better than when I had them on the included posts at desk height.  The linked 3D print, I had to file the diameter wider for the IR camera to fit in, but other than that it works great.  I used the double-sided tape mounts from 3M, as to not wreck the drywall in my apartment.
    Sensors are mounted roughly 6.5 ft from the floor, aiming downward.  This helped full 360 rotation and ground coverage quite well.  My crude diagram of camera placement is:
    |         <- 02            <- 01  |
    |                                        |
    |                                        |
    |                                        |
    |<- Sensor 03                  |

    Sensor 01 is along the wall where my desk is in the corner.
    Sensor 02 is about 5 feet away from the corner sensor.
    Sensor 03 is about 10 feet from the back wall where 01 and 02 are installed and about 6 feet from sensor 2 to the corner of the adjoining wall.
    I have the front 2 sensors lightly at inward angles to the area I stand, with sensor 3 pointing, basically back to my monitor between sensor 01 and 02.  This also passed my Rick and Morty floor grab test, vastly better than the prior desk height mounts.

    I just received my prescription WIDMOvr lenses last night and have been playing every other night on average.  The glasses insert is excellent.  Great quality lenses that match my glasses prescription, the frame insert fits well into the stock Rift face guard and the elastic for the rift cover also helps keep the lenses in place.  There is room between the rift lenses and the inserted prescription so you do not have to worry about scratching.  I tried using the rift with my normal glasses but did not go that route because of tight removal and scratch threat.  I can still see but my clarity is better with my prescription, for point of reference.

    I also picked up a 3 ft usb and hdmi extension cables.  The HDMi cable is an Insignia brand extension from a local BestBuy, that I found in the television section.  I went with an Amazon basics 3 foot usb3 extension as many people referenced it for working well.  I had some issues getting audio to play consistently over the extensions on my desktop, but then I added an Inateck Superspeed 4 Ports PCI-E to USB 3.0 Expansion Card as I saw some Oculus folks on reddit talk about the sensors and headset eating up much of the USB bus bandwidth.  I do have to say, my extension issue went away installing this card and putting 2 of my 3 sensors on it, with the Rift HMD hooked to the USB on my motherboard.

    Besides hardware I have been playing some games.  Also a fun program is Bigscreen.  It’s comparable to Desktop mode when running Steam but I think it has better touch button binds.  I find it very nice for interacting with my desktop windows, while still in VR.  Right-click, Left-click, mouse cursor and scrolling are all done on either hand.  You can hat-press to remove the login screen when you load the program up.

    Face Your Fears is a free program that has 2 doors to cinematic experiences.  The city door is pretty intense, while the haunted house door… is pretty damn freaky.  I was suggested to check this out by a friend and we were both scared af by the haunted house.  Lol, you might not want to let kids try this one, because it’s damn creepy or I’m just a pansy. :p  Sitting or standing experience, granted you are really just spectating and adjusting your head to view the area you are in.

    Batman Arkham VR gets review beef for being a short experience, but take note is is also a great one.  The quality of graphics, tools and interaction is top notch.  If you want to see a viable peek into what a full VR game done with high production value looks like, this is one to buy.  It has replay content for re-doing the story and I was well embracing the story it presented and some of the easter egg content.  It’s $20 but looking at the extent of the content, I feel it is worth the asking price.  If you enjoyed previous RockSteady Batman titles, this will show you the new shit coming down the pipes.  This supports sitting and standing play, but lends better to standing play.

    Technolust: Extended Format is a game you can blast through but you will certainly miss most of the relevant story and not have explored the world or options.  I got 20+ hours out of this easily.  It has mini-games too, but the interactions and narrative that go with the in-world are what are to be best enjoyed.  This is an older game (haha so that means 2016 in VR terms) that has touch support added.  Most of your aiming is actually done with your head instead of the gamepad / touch controllers.  I’m on board with any more content released by this team.  Easily one of my best purchases.  Works well for sitting or standing exploration.

    Windlands is something I saw mentioned as a game to try.  It also has a ‘Buy it on steam and you will get an Oculus key’ feature through their website.  I want to pause and say between the 2 stores, if you have an oculus, play the Oculus store version.  The controller config is more likely to be optimized for that platform, as is the case with Wildlands on Steam being configured for a Vive and the Oculus Home version being configured for touch.  There is an option for some games on Steam to ‘launch in home mode’, but this is not the current standard.
    Back to this game, it is an exploration via grappling hook traversal.  The areas are well done to have you figure out what route currently looks viable and how you are going to use your grappling hooks and jumping to obtain the objects on the world map.  Very solid and good looking game.  Plenty of control options between sitting and standing play.

    Nature Treks VR is a collection of area environments.  Woods, underwater and other outdoor areas.  This experience is pretty demanding on your computer, since it renders the entire stage area and surrounding creatures.  Looks very cool to relax in and explore.  You can use locomotion or teleport transportation.  You can plant extra trees and stuff too.

    Serious Sam: The Last Hope is a stationary shooter.  If you played the other games, the enemies and stages will look familiar.  Main take-away being you stay in place and shoot away hordes of monsters until you get to the world boss fight.

    Rez: Infinite is a VR shooter with music note and scoring to your attacks.  It’s a fairly short adventure but it’s done well and has some extra modes as well.  The presentation and levels to boss fights are done well. $20 for this game.  Both standing and sitting supported, as you move by controller and look by head rotation.

    Mountain Goat Mountain is a free game that is simple but fun.  Kind of like a Q-bert game to traverse the map, eat food and score coins.

    I’m looking forward to jumping into some more VR stuff this weekend.  I played a little more Preta: Vendetta Rising after they dropped the price and removed some of the RMT content.  I am currently on mission 5 on chapter 1 but I’m not riveted by it so far.
    I picked up a puzzle game called Dimensional for $5.  One can only play so many gun shooters, both regular and VR wise.  I am also going to try out Karnage Chronicles this weekend.  It sounds like an impressive hack-n-slash game.  I grabbed it on Steam, since it’s not yet on the Oculus store.  checking the steam forums, it should detect and work with the oculus fine / find the controllers as touch instead of the vive wands.

    Nov 14th:
    I took a break from VR, largely due to playing Nintendo Switch games. I also played Karnage Chronicles and got really VR sick, like terrible headaches and all. I know some people claim to be immune to vr / motion sickness, but wow, hacking and slashing in a dungeon wrecked me with locomotion controls.

    I visited my friend and his kids a few weeks ago and did a VR demo. They loved it, especially the older teen, as he is a huge pc gamer. I’m going to hook my gear back up this week and jump back in. I still have some ideas I want to try for creating some content, but in the mean time I’m also excited to try Obduction, from the Myst creator team. I also started Edge of Nowhere and should continue that tomb raider-like platformer.
    Windlands is actually pretty fun but I got stuck within maybe an hour. Short of the issue of knowing where to proceed, it is quite fun grappling around the world map.

    I may pickup Doom VFR but I want to see how it is received and if it gets actual oculus support. I’m thinking I’ll pickup Skyrim again but on the Switch, since it’s a huge game and being able to play it in tablet mode will make it more accessible over time. According to steam, I dropped 202 hours on the PC edition (Level 37 and surely some idle time with the game running). It looks like I played the Dawnguard expansion too.

    Jumping back to VR, I played .Hack in BigScreen. Wild with the giant screen and the map being in the top right of my full view pane.

    If you recently have terrible tracking jank or lag with your head movement tracking, may I suggest updating nvidia drivers. Especially 388.13 in my case. I do note that I had a 3D vision driver installed as well, that I removed before upgrading to 388.31 edition drivers.

    Since I do not use the 3D capabilities I try to uncheck the install via Custom Installation. I’m not a user of Nvidia Experience either and manually put new ones (drivers) in fairly often. I was going raw on troubleshooting by switching cables and distributing across USB controllers, but the driver conditions above fixed me back up.

    My issue was especially visible on the Oculus home menu. My tracking sensor locations were similar to prior sessions this week. I was happy to weed it down to a driver factor after a little ghost hunting on the troubleshooting.

    If you think Windows 10 is noisy, you should enjoy the connections your PC will make to I Blacklisted that for a few minutes to notice none of the store content displayed. I could still view and load my library though.


Corsair Hydro Coolers and Fan Headers

This is kind of an odd issue, as the documentation for Corsair Hydro coolers will tell you to plug the power into the CPU header on your motherboard.  Having build a new machine recently, I see newer Asus board have a dedicated Pump header.  I like these coolers as they work well and cost less than custom copper water blocks.  The point of this thread however, is for older boards like the Asus Hero VII I had prior.

You want to disable the Q-fan options in your BIOS, as otherwise it will limit the pump output and not cool properly.  For the Windows users, there is a Corsair Link application that will show you the pump rpm.  In the case of a H80i cooler, this is typically running at 3200 rpm when set to the Performance preset.
Default will be around 1900 rpm with the balanced setting.  So long as you are not running in an extremely hot room, that preset should be fine.
In your BIOS, check the following tree: Monitor | Fan Speed Monitoring | Fan Speed Control.
Set those to disabled and you should be good to go.  Also under those settings, disabling the fan controls can prevent the CPU fan error on boot.

For item’s sake, I am using a H115i on this i7-7700k and was previously using an H80i with the i5-4690k.  On the i5-4690k setup after a BIOS flash, the fan settings were reverted and I was feeling significant heat buildup in the top tube coming off the CPU back to the radiator.  Temps were also quite high.  Fixing the Qfan settings resolved the nasty temps on the rebuild.


Core i7-7700k build

Welcome to another PC Build thread.  I have been on an i7-7700k desktop for a week and some change.  In the last few builds I seem to be on a 2 to 3 year rotation, largely because I know people who could use computers and my custom builds would smoke a retail setup while also having good cooling layouts.  Fancy means to say the equipment should run for a long time.

Current edition kit is:

  • Processor / CPU:
    Intel i7-7700k
  • Motherboard:
    Asus Hero IX Z270
  • Memory:
    32 GB Corsair DDR4 3000 MHz LED RAM
  • Primary OS on a Samsung 860 Pro M.2 NVMe SSD
  • Power Supply:
    Corsair 850w PSU
  • Cooler:
    Corsair H115i CPU Cooler
  • Case:
    Corsair Obsidian 750D Airflow
  • Video Card / GPU:
    Asus Strix 980 GTX (Gen 1 – Non Ti)

I kept storage, graphics card, power supply from the previous build.  I have so far put together some benchmarks from Final Fantasy XIV tools, 3D Mark products, and ran some GTA V and Watch Dogs 2 for comparison.
The short hand is that, each of the FFXIV Benchmarks gave about 1000 points higher of a score.  Effects like elemental magic casts and screens with many extra objects on screen, ran much smoother.  Checking benchmark details such as 3D Mark, the i7 does vastly better handling PhysX performance heavy content.  Keeping in mind I am running the same video card as I did in the prior i5-4690k build.

For grins I also re-installed Bioshock Infinite and ran the Benchmark.exe in the install folder.  Considering I recently switched to a 144 Hz display, I was able to see the benchmark ran that steadily.  Looking back, I think I played the game on a 560 GTX and recalled some performance drops in some areas.  Worth saying that would have also likely had been when I was on an i5-2500k setup.

3DMark Shootout:  Please bear in mind most of the i5-4690k benchmarks were run on Windows 8.1.  I believe that is some of where you see the higher FPS numbers from the i5 versus the i7 benchmarks.

Fire Strike (standard) compare

Fire Strike Extreme compare

Sky Diver compare

API Overhead compare

Time Spy

Cloud Gate compare

Fire Strike 3-way compare including i5-2500k and a 570 GTX


Recapping this data, we see the PhysX scores are significantly higher, while base FPS are similar or a little slower than on the i5-4690k.  Please keep in mind the only benchmark in this set run on Windows 10 with the i5-4690k was Time Spy, as it requires DirectX 12 / Windows 10.  I added the compare links that also confirm this information and so you can add any benchmarks you may have run for comparison.

The last image and benchmark includes my i5-2500k build with a 570 GTX in it.  I wanted to add that for more of a scaling over time and performance gain metric.  In the short hand if you are asking does an i7 smooth up actual gameplay, I would say Yes to that.  Watch Dogs 2 is a recent title I saw people mentioning benefits from extra threads and a higher CPU clock.  I can confirm that to be the case as grass and tree heavy shadow environments are much smoother than they were on my i5-4690k.  Similar gains can be seen in Final Fantasy XIV.  Particularly as the Stormblood expansion pushed some higher usage textures and shading features to the game.

This rig is doing me well but I did have some issues running the RAM @ 3000MHz.  I had a few crash application issues and some reboot problems as well.  After seeing a few of those I fired up Memtest and let that run for 5 to 10 hours.  Typically around the 5th hour, I started getting some errors when running the memory at the overclocked speed.  Turns out I’m not the only person with issues running the RAM @ 3000MHz on an Asus motherboard.  Stock is 2133MHz and that passed Memtest with flying colors and also does not have the reboot issue.

Just a heads up if you are doing a build, that you might see some issues if you hoped to set your XMP and it would just run.  Increasing the voltage to the RAM made no long-term stability improvement either.  I am running 32 GB (2x 16 GB) CMU32GX4M2C3000C15 Vengeance LED RAM for point of reference.  I was happy to see the Memtest passed at stock timings, so I didn’t have to RMA them.  From the product page the timings that should work are:


Tested Latency: 15-17-17-35
Voltage: 1.35V
Set RAM to Auto
Voltage: Auto

As I mentioned, simply using the XMP settings for 3000MHz will likely jam up your memory and system stability.  Normally I would have let an exhaustive memtest run earlier, but you can get busy and I ended up building 3 machines that week.  Granted my prior build was mostly a move to another case and burn in testing.  Speaking of MemTest, I enjoy this version of MemTest.