Solved

Win 2K: KMode Handling Exception killing me

Posted on 2004-09-22
3
187 Views
Last Modified: 2011-04-14
Completely out of nowhere my temporary home-workstation died a blue death and it read this:
Stop Error K-Mode Handling Exception 0x0000001E (0xC0000005, 0xEB88C486,0x00000000, 0x03F6BD1B ***Address EB88C486 base at EB88C000, datestamp 413f5157 - vdnt32.sys
The BSOD then instructs me to check for adequate disk space, check the bios and consult a hardware vendor, etc., standard stuff I guess for this problem?

System Specs as follows:
OS: Win 2000 Pro  5.00 (build 2195)
Processor: AMD-K7  698 MHz
384 MB of RAM
IBM Hard drive (42 gig space with 19 in use)
BIOS:Award Modular v6
VidCard: Matrox G400 DualHead

This is not my computer but my buddy's. I'm using it while I'm housesitting for him while he's away. I have no familiarity at all with its history or its idiosyncrasies, and I have no idea what's wrong with it nor how to make repairs. This is my first encounter with this problem. Although I have read many of the forum entries herein that list similar problems, I haven't found anything that exactly fits my problem yet, and I'm getting panicky at this point.

The Situation:
After the first three successive BSOD crashes within minutes after each reboot, I suspected a virus, so I ran Norton's and it worked for a bit but then it crashed with this same Stop Error message. I successively rebooted 5 more times and the same process happened 5 more times again, each time as I was running Norton Virus Scan. I noticed that the crash occurred whenever the virus scan was probing inside Program Files looking at an application called MORPHEUS. This is some kind of photo manipulation app. Next, I went online and purchased an app called NoAdware and ran that, and it did find several viruses (email-borne according to NoAdware) and it eliminated them, but as soon as it got to the MORPHEUS program it crashed too. This happened several more times, so I tried to launch MORPHEUS but, as expected, it immediately crashed the machine. I then tried to uninstall MORPHEUS (using Add-Remove apps) but as soon as I highlighted this app for deletion, another crash. After another reboot, I went back into the Add/Remove and highlighted a different app to see what would happen...crash. Just opening Add/Remove Applications now causes a crash. Each crash, about 13 of them now, end in the BSOD with the same Stop Error message displayed. I've been using the computer with no trouble for about three days, until this started. It is now running painfully SLOWly and functioning very far below normal.

So...I can't run Norton anti-virus to identify and/or eliminate the problem...I can't run any anti-adware apps to isolate and identify any virus or spyware to establish if these are the cause, and I can't uninstall the application that at least appears be (to to some degree)  part of the problem. I am NOT a hardware freak by ANY stretch, and while I have worked with computers for quite a few years now, this has maxed out my meager capabilities and I must confess that I'm now completely baffled and am after seven fruitless hours spent trying to fix the problem no closer to a solution. I hope someone can help me find a fix before my buddy returns in a couple days. I'd hate to have him think I broke his machine. Thanks in Advance,
JettLee
0
Comment
Question by:JettLee
  • 3
3 Comments
 
LVL 16

Accepted Solution

by:
JamesDS earned 500 total points
ID: 12122161
JettLee
VDNT32.SYS is part of the HAXDOOR-H trojan.
I suggest you start here:
http://www.sophos.com/virusinfo/analyses/trojhaxdoorh.html

Cheers

JamesDS
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 12122197
JettLee
I just read up some more on this nasty and I strongly recommend that you keep this machine off the internet until you have disinfected it. The trojan you have infecting the machine allows unathorised remote access to your computer and therefore everything on it is open to unknown persons.

Cheers

JamesDS
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 12122204
JettLee
Excellent removal instructions here:
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.haxdoor.b.html?Open

Cheers

JamesDS
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this article, I show you step by step with screenshots to assist you - HOW TO: Deploy and Install the VMware vCenter Server Appliance 6.5 (VCSA 6.5), with some helpful tips along the way.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now