Win 2K: KMode Handling Exception killing me

Posted on 2004-09-22
Last Modified: 2011-04-14
Completely out of nowhere my temporary home-workstation died a blue death and it read this:
Stop Error K-Mode Handling Exception 0x0000001E (0xC0000005, 0xEB88C486,0x00000000, 0x03F6BD1B ***Address EB88C486 base at EB88C000, datestamp 413f5157 - vdnt32.sys
The BSOD then instructs me to check for adequate disk space, check the bios and consult a hardware vendor, etc., standard stuff I guess for this problem?

System Specs as follows:
OS: Win 2000 Pro  5.00 (build 2195)
Processor: AMD-K7  698 MHz
384 MB of RAM
IBM Hard drive (42 gig space with 19 in use)
BIOS:Award Modular v6
VidCard: Matrox G400 DualHead

This is not my computer but my buddy's. I'm using it while I'm housesitting for him while he's away. I have no familiarity at all with its history or its idiosyncrasies, and I have no idea what's wrong with it nor how to make repairs. This is my first encounter with this problem. Although I have read many of the forum entries herein that list similar problems, I haven't found anything that exactly fits my problem yet, and I'm getting panicky at this point.

The Situation:
After the first three successive BSOD crashes within minutes after each reboot, I suspected a virus, so I ran Norton's and it worked for a bit but then it crashed with this same Stop Error message. I successively rebooted 5 more times and the same process happened 5 more times again, each time as I was running Norton Virus Scan. I noticed that the crash occurred whenever the virus scan was probing inside Program Files looking at an application called MORPHEUS. This is some kind of photo manipulation app. Next, I went online and purchased an app called NoAdware and ran that, and it did find several viruses (email-borne according to NoAdware) and it eliminated them, but as soon as it got to the MORPHEUS program it crashed too. This happened several more times, so I tried to launch MORPHEUS but, as expected, it immediately crashed the machine. I then tried to uninstall MORPHEUS (using Add-Remove apps) but as soon as I highlighted this app for deletion, another crash. After another reboot, I went back into the Add/Remove and highlighted a different app to see what would happen...crash. Just opening Add/Remove Applications now causes a crash. Each crash, about 13 of them now, end in the BSOD with the same Stop Error message displayed. I've been using the computer with no trouble for about three days, until this started. It is now running painfully SLOWly and functioning very far below normal.

So...I can't run Norton anti-virus to identify and/or eliminate the problem...I can't run any anti-adware apps to isolate and identify any virus or spyware to establish if these are the cause, and I can't uninstall the application that at least appears be (to to some degree)  part of the problem. I am NOT a hardware freak by ANY stretch, and while I have worked with computers for quite a few years now, this has maxed out my meager capabilities and I must confess that I'm now completely baffled and am after seven fruitless hours spent trying to fix the problem no closer to a solution. I hope someone can help me find a fix before my buddy returns in a couple days. I'd hate to have him think I broke his machine. Thanks in Advance,
Question by:JettLee
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
LVL 16

Accepted Solution

JamesDS earned 500 total points
ID: 12122161
VDNT32.SYS is part of the HAXDOOR-H trojan.
I suggest you start here:


LVL 16

Expert Comment

ID: 12122197
I just read up some more on this nasty and I strongly recommend that you keep this machine off the internet until you have disinfected it. The trojan you have infecting the machine allows unathorised remote access to your computer and therefore everything on it is open to unknown persons.


LVL 16

Expert Comment

ID: 12122204
Excellent removal instructions here:



Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question