didnt know where else to post this but its been going on for a while, and I know its not a hardware problem since I am a hardware techie and know when its that plus its been happening with last 3 rigs I rebuilt.
I am crashing in all games, sometimes IE and when I used Avira AV. With this kind of crash, this is latest crash:
I notice this happening in a event log a few seconds before they happen:
As you can see Im worried, what is this "special log on" I suspect some sort of intruder causing this. What do you think?
Im am not a n00b, and have tried everything I can think of. Everything is updated and in fact this is a brand new windows install. What do you all think? Compromised system?
If so I dont know how, Im running tomato firewall on router and only 2 TDP ports are open according to zenmap I run it on router from linux. Im also running windows firewall comodo, but it happens with or without it. No matter what I change or what I do this happens. Any ideas? As for hardware specs at this point I would say they are irrelevent. Happens with 3 different setups but similar hardware, all AMD CPU and video and 990FX chipset. 16GB of RAM, all 3 rigs different models of RAM. Currently running AMD branded memory. According to memtest its ok. I ran every hardware test I could think of and they pass.
I am crashing in all games, sometimes IE and when I used Avira AV. With this kind of crash, this is latest crash:
Quote:
Source rogame.exe Summary Stopped working Date 12/7/2014 8:42 PM Status Report sent Description Faulting Application Path: C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe Problem signature Problem Event Name: APPCRASH Application Name: rogame.exe Application Version: 0.0.0.0 Application Timestamp: 546a27fd Fault Module Name: rogame.exe Fault Module Version: 0.0.0.0 Fault Module Timestamp: 546a27fd Exception Code: c0000005 Exception Offset: 00932264 OS Version: 6.3.9600.2.0.0.256.72 Locale ID: 1033 Additional Information 1: 61ec Additional Information 2: 61eced9b1bd3ebe2d882f6adca392add Additional Information 3: 99a8 Additional Information 4: 99a8e0bccf1ed0c28a4df492ab67b5a8 Extra information about the problem Bucket ID: 39356a80c23d6be4904550297aee678f (73667636780) |
I notice this happening in a event log a few seconds before they happen:
Quote:
Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 12/7/2014 8:42:41 PM Event ID: 4672 Task Category: Special Logon Level: Information Keywords: Audit Success User: N/A Computer: temp Description: Special privileges assigned to new logon. Subject: Security ID: SYSTEM Account Name: SYSTEM Account Domain: NT AUTHORITY Logon ID: 0x3E7 Privileges: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" /> <EventID>4672</EventID> <Version>0</Version> <Level>0</Level> <Task>12548</Task> <Opcode>0</Opcode> <Keywords>0x8020000000000000</Keywords> <TimeCreated SystemTime="2014-12-08T01:42:41.403601700Z" /> <EventRecordID>10156</EventRecordID> <Correlation /> <Execution ProcessID="728" ThreadID="4076" /> <Channel>Security</Channel> <Computer>temp</Computer> <Security /> </System> <EventData> <Data Name="SubjectUserSid">S-1-5-18</Data> <Data Name="SubjectUserName">SYSTEM</Data> <Data Name="SubjectDomainName">NT AUTHORITY</Data> <Data Name="SubjectLogonId">0x3e7</Data> <Data Name="PrivilegeList">SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege</Data> </EventData> </Event> |
As you can see Im worried, what is this "special log on" I suspect some sort of intruder causing this. What do you think?
Im am not a n00b, and have tried everything I can think of. Everything is updated and in fact this is a brand new windows install. What do you all think? Compromised system?
If so I dont know how, Im running tomato firewall on router and only 2 TDP ports are open according to zenmap I run it on router from linux. Im also running windows firewall comodo, but it happens with or without it. No matter what I change or what I do this happens. Any ideas? As for hardware specs at this point I would say they are irrelevent. Happens with 3 different setups but similar hardware, all AMD CPU and video and 990FX chipset. 16GB of RAM, all 3 rigs different models of RAM. Currently running AMD branded memory. According to memtest its ok. I ran every hardware test I could think of and they pass.
Aucun commentaire:
Enregistrer un commentaire