• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Random CTDs in games, same exception code c0000005

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

Zakarro

New Member
Joined
Dec 8, 2014
Hi, Im new here, didnt know where else to post this but its been going on for a while, and I know its not a hardware problem since I am a hardware techie and know when its that plus its been happening with last 3 rigs I rebuilt.

I am crashing in all games, sometimes IE and when I used Avira AV. With this kind of crash, this is latest crash:

Source
rogame.exe

Summary
Stopped working

Date
‎12/‎7/‎2014 8:42 PM

Status
Report sent

Description
Faulting Application Path: C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe

Problem signature
Problem Event Name: APPCRASH
Application Name: rogame.exe
Application Version: 0.0.0.0
Application Timestamp: 546a27fd
Fault Module Name: rogame.exe
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 546a27fd
Exception Code: c0000005
Exception Offset: 00932264
OS Version: 6.3.9600.2.0.0.256.72
Locale ID: 1033
Additional Information 1: 61ec
Additional Information 2: 61eced9b1bd3ebe2d882f6adca392add
Additional Information 3: 99a8
Additional Information 4: 99a8e0bccf1ed0c28a4df492ab67b5a8

Extra information about the problem
Bucket ID: 39356a80c23d6be4904550297aee678f (73667636780)


I notice this happening in a event log a few seconds before they happen:
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 12/7/2014 8:42:41 PM
Event ID: 4672
Task Category: Special Logon
Level: Information
Keywords: Audit Success
User: N/A
Computer: temp
Description:
Special privileges assigned to new logon.

Subject:
Security ID: SYSTEM
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
<EventID>4672</EventID>
<Version>0</Version>
<Level>0</Level>
<Task>12548</Task>
<Opcode>0</Opcode>
<Keywords>0x8020000000000000</Keywords>
<TimeCreated SystemTime="2014-12-08T01:42:41.403601700Z" />
<EventRecordID>10156</EventRecordID>
<Correlation />
<Execution ProcessID="728" ThreadID="4076" />
<Channel>Security</Channel>
<Computer>temp</Computer>
<Security />
</System>
<EventData>
<Data Name="SubjectUserSid">S-1-5-18</Data>
<Data Name="SubjectUserName">SYSTEM</Data>
<Data Name="SubjectDomainName">NT AUTHORITY</Data>
<Data Name="SubjectLogonId">0x3e7</Data>
<Data Name="PrivilegeList">SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege</Data>
</EventData>
</Event>
As you can see Im worried, what is this "special log on" I suspect some sort of intruder causing this. What do you think?
Im am not a n00b, and have tried everything I can think of. Everything is updated and in fact this is a brand new windows install. What do you all think? Compromised system?

If so I dont know how, Im running tomato firewall on router and only 2 TDP ports are open according to zenmap I run it on router from linux. Im also running windows firewall comodo, but it happens with or without it. No matter what I change or what I do this happens. Any ideas? As for hardware specs at this point I would say they are irrelevent. Happens with 3 different setups but similar hardware, all AMD CPU and video and 990FX chipset. 16GB of RAM, all 3 rigs different models of RAM. Currently running AMD branded memory. According to memtest its ok. I ran every hardware test I could think of and they pass.
 
There are multiple reasons for that security report, but to check for your concern about unwanted intervention, you might try to run MalwareBytes free version on the off chance something is really after 'you'. I am saying you since you mention three rigs and I am going to assume that would be three new installs of windows and unlikely a trojan followed along thru three formats and REinstalls. Possible but unlikely.
RGone...
 
There are multiple reasons for that security report, but to check for your concern about unwanted intervention, you might try to run MalwareBytes free version on the off chance something is really after 'you'. I am saying you since you mention three rigs and I am going to assume that would be three new installs of windows and unlikely a trojan followed along thru three formats and REinstalls. Possible but unlikely.
RGone...

Thx but I think malware bytes is a bit overrated, well not literally its good at catching things. But what suspect was custom malware for me undetecable by conventional protection even with heuristics. Heck I even suspected hardware infections which the only thing that can detect those is the soon to come out Kaspersky UEFI av. Called em twice to see if its gonna be realeased to general public and first idiot tells me we will email you when it does and 2nd idiot didnt even know what I was talking about and insists on sending me to online kaspersky store for their regular products we already know about....

Yes anything is possible. which Is why I changed all hardware except monitors. Anything especially USB can get infected in its firmware and reinfect a whole rig or network. From what I gather sometimes not even flashing solves it since they are smart and will hide somewherre else while the flash is done and then copy itself back. They can hide even in NIC firmware. Anything. Worst by all means are the GPU firmware ones, they create VM on your card and with that power can wreak a lot of havok and I mean havok as in your computer are all belong to us......
 
Take a step back and relax a bit, you're being paranoid. :)

That security event is perfectly normal. It gets fired whenever an account with elevated privileges signs in, or a service starts as a privileged account. In this case, it's the SYSTEM account, probably just a routine service running in the background.

As far as the actual problem goes, ie, the crash, that's the puzzling part. Am I understanding correctly that you say you've had these crashes on three completely different machines with completely different hardware? I'm assuming you're running a legit copy of Windows and all of the affected games?
 
Take a step back and relax a bit, you're being paranoid. :)

That security event is perfectly normal. It gets fired whenever an account with elevated privileges signs in, or a service starts as a privileged account. In this case, it's the SYSTEM account, probably just a routine service running in the background.

As far as the actual problem goes, ie, the crash, that's the puzzling part. Am I understanding correctly that you say you've had these crashes on three completely different machines with completely different hardware? I'm assuming you're running a legit copy of Windows and all of the affected games?

Yes all legit. I think the crashes are software conflicts, another forum member told me to set windows error reporting service to auto when I had it on manual. So far so good. also noticed mouse driver gave same crash as rogame.exe same exception code and locale id and found out that was due to software conflict with Radeon Pro API settings. Fixed that, so so far so good.

As far as me being paranoid, not that much. WHen I first got pwned over 2 years ago It was so bad they were even redirecting me to webpages from searches on duckduck, dont beleive me? I click on a link in duckduck and it sent me to get this, the wikipedia page of the language Esperanto.... And this was on Linux, they were able to pwn my tomato router and Linux OS. What they did to windows was worst then chernobyl. Couldnt access my paypal account would just sit there in a loop. Very strange sorcery. So its not that much paranoia. I used to have a lot of enemys ;) Now im a bit better with security so Im not that worried, I use Open DNS now too.
 
Back