Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Win 2K: KMode Handling Exception killing me

Posted on 2004-09-22
3
190 Views
Last Modified: 2011-04-14
Completely out of nowhere my temporary home-workstation died a blue death and it read this:
Stop Error K-Mode Handling Exception 0x0000001E (0xC0000005, 0xEB88C486,0x00000000, 0x03F6BD1B ***Address EB88C486 base at EB88C000, datestamp 413f5157 - vdnt32.sys
The BSOD then instructs me to check for adequate disk space, check the bios and consult a hardware vendor, etc., standard stuff I guess for this problem?

System Specs as follows:
OS: Win 2000 Pro  5.00 (build 2195)
Processor: AMD-K7  698 MHz
384 MB of RAM
IBM Hard drive (42 gig space with 19 in use)
BIOS:Award Modular v6
VidCard: Matrox G400 DualHead

This is not my computer but my buddy's. I'm using it while I'm housesitting for him while he's away. I have no familiarity at all with its history or its idiosyncrasies, and I have no idea what's wrong with it nor how to make repairs. This is my first encounter with this problem. Although I have read many of the forum entries herein that list similar problems, I haven't found anything that exactly fits my problem yet, and I'm getting panicky at this point.

The Situation:
After the first three successive BSOD crashes within minutes after each reboot, I suspected a virus, so I ran Norton's and it worked for a bit but then it crashed with this same Stop Error message. I successively rebooted 5 more times and the same process happened 5 more times again, each time as I was running Norton Virus Scan. I noticed that the crash occurred whenever the virus scan was probing inside Program Files looking at an application called MORPHEUS. This is some kind of photo manipulation app. Next, I went online and purchased an app called NoAdware and ran that, and it did find several viruses (email-borne according to NoAdware) and it eliminated them, but as soon as it got to the MORPHEUS program it crashed too. This happened several more times, so I tried to launch MORPHEUS but, as expected, it immediately crashed the machine. I then tried to uninstall MORPHEUS (using Add-Remove apps) but as soon as I highlighted this app for deletion, another crash. After another reboot, I went back into the Add/Remove and highlighted a different app to see what would happen...crash. Just opening Add/Remove Applications now causes a crash. Each crash, about 13 of them now, end in the BSOD with the same Stop Error message displayed. I've been using the computer with no trouble for about three days, until this started. It is now running painfully SLOWly and functioning very far below normal.

So...I can't run Norton anti-virus to identify and/or eliminate the problem...I can't run any anti-adware apps to isolate and identify any virus or spyware to establish if these are the cause, and I can't uninstall the application that at least appears be (to to some degree)  part of the problem. I am NOT a hardware freak by ANY stretch, and while I have worked with computers for quite a few years now, this has maxed out my meager capabilities and I must confess that I'm now completely baffled and am after seven fruitless hours spent trying to fix the problem no closer to a solution. I hope someone can help me find a fix before my buddy returns in a couple days. I'd hate to have him think I broke his machine. Thanks in Advance,
JettLee
0
Comment
Question by:JettLee
  • 3
3 Comments
 
LVL 16

Accepted Solution

by:
JamesDS earned 500 total points
ID: 12122161
JettLee
VDNT32.SYS is part of the HAXDOOR-H trojan.
I suggest you start here:
http://www.sophos.com/virusinfo/analyses/trojhaxdoorh.html

Cheers

JamesDS
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 12122197
JettLee
I just read up some more on this nasty and I strongly recommend that you keep this machine off the internet until you have disinfected it. The trojan you have infecting the machine allows unathorised remote access to your computer and therefore everything on it is open to unknown persons.

Cheers

JamesDS
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 12122204
JettLee
Excellent removal instructions here:
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.haxdoor.b.html?Open

Cheers

JamesDS
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 2003 Terminal Server licenses 3 361
Recovering backup .Qic files on Windows 7 6 2,268
Windows 2000 Server to 2008 upgrade 8 519
P2V conversion for Windows NT 4.0 Server 2 2,290
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question