Solved

Win 2K: KMode Handling Exception killing me

Posted on 2004-09-22
3
192 Views
Last Modified: 2011-04-14
Completely out of nowhere my temporary home-workstation died a blue death and it read this:
Stop Error K-Mode Handling Exception 0x0000001E (0xC0000005, 0xEB88C486,0x00000000, 0x03F6BD1B ***Address EB88C486 base at EB88C000, datestamp 413f5157 - vdnt32.sys
The BSOD then instructs me to check for adequate disk space, check the bios and consult a hardware vendor, etc., standard stuff I guess for this problem?

System Specs as follows:
OS: Win 2000 Pro  5.00 (build 2195)
Processor: AMD-K7  698 MHz
384 MB of RAM
IBM Hard drive (42 gig space with 19 in use)
BIOS:Award Modular v6
VidCard: Matrox G400 DualHead

This is not my computer but my buddy's. I'm using it while I'm housesitting for him while he's away. I have no familiarity at all with its history or its idiosyncrasies, and I have no idea what's wrong with it nor how to make repairs. This is my first encounter with this problem. Although I have read many of the forum entries herein that list similar problems, I haven't found anything that exactly fits my problem yet, and I'm getting panicky at this point.

The Situation:
After the first three successive BSOD crashes within minutes after each reboot, I suspected a virus, so I ran Norton's and it worked for a bit but then it crashed with this same Stop Error message. I successively rebooted 5 more times and the same process happened 5 more times again, each time as I was running Norton Virus Scan. I noticed that the crash occurred whenever the virus scan was probing inside Program Files looking at an application called MORPHEUS. This is some kind of photo manipulation app. Next, I went online and purchased an app called NoAdware and ran that, and it did find several viruses (email-borne according to NoAdware) and it eliminated them, but as soon as it got to the MORPHEUS program it crashed too. This happened several more times, so I tried to launch MORPHEUS but, as expected, it immediately crashed the machine. I then tried to uninstall MORPHEUS (using Add-Remove apps) but as soon as I highlighted this app for deletion, another crash. After another reboot, I went back into the Add/Remove and highlighted a different app to see what would happen...crash. Just opening Add/Remove Applications now causes a crash. Each crash, about 13 of them now, end in the BSOD with the same Stop Error message displayed. I've been using the computer with no trouble for about three days, until this started. It is now running painfully SLOWly and functioning very far below normal.

So...I can't run Norton anti-virus to identify and/or eliminate the problem...I can't run any anti-adware apps to isolate and identify any virus or spyware to establish if these are the cause, and I can't uninstall the application that at least appears be (to to some degree)  part of the problem. I am NOT a hardware freak by ANY stretch, and while I have worked with computers for quite a few years now, this has maxed out my meager capabilities and I must confess that I'm now completely baffled and am after seven fruitless hours spent trying to fix the problem no closer to a solution. I hope someone can help me find a fix before my buddy returns in a couple days. I'd hate to have him think I broke his machine. Thanks in Advance,
JettLee
0
Comment
Question by:JettLee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
3 Comments
 
LVL 16

Accepted Solution

by:
JamesDS earned 500 total points
ID: 12122161
JettLee
VDNT32.SYS is part of the HAXDOOR-H trojan.
I suggest you start here:
http://www.sophos.com/virusinfo/analyses/trojhaxdoorh.html

Cheers

JamesDS
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 12122197
JettLee
I just read up some more on this nasty and I strongly recommend that you keep this machine off the internet until you have disinfected it. The trojan you have infecting the machine allows unathorised remote access to your computer and therefore everything on it is open to unknown persons.

Cheers

JamesDS
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 12122204
JettLee
Excellent removal instructions here:
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.haxdoor.b.html?Open

Cheers

JamesDS
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cursor typing problems 5 58
How to NTBackup if SQL Server running? 6 915
Windows 2003 server: List of EVENT IDs 1 742
WMI Uptime Script Reporting Incorrect Number on W2k Server 16 797
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Invest in your employees with these five simple steps to improve employee engagement and retention.
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…
Suggested Courses

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question