Microsoft KB Archive/316692

= Error Message Refers to the Kernel32.exe File if Your Computer Is Infected by the Worm_badtrans.b Virus =

Article ID: 316692

Article Last Modified on 1/24/2002

-

APPLIES TO


 * Microsoft Windows XP Home Edition
 * Microsoft Windows XP Professional

-



This article was previously published under Q316692



SYMPTOMS
You may receive the following error message:

Kernel32.exe has encountered a problem and needs to close. We are sorry for the inconvenience.

If you view the data that the error report contains, the following error signature information may be listed:

  App Name      App Version  Module Name  Module Version  Offset Kernel32.exe 0.0.0.0      Msvcrt.dll   7.0.2600.0      0003203b



CAUSE
This issue can occur if your computer is infected by one of the following viruses:
 * Worm_Badtrans.b
 * Backdoor.G_Door
 * Glacier Backdoor
 * Win32.Badtrans.29020
 * W32.Badtrans.B@mm
 * Win32/PWS.Badtrans.B.Worm

Kernel32.exe is the worm process that resides on the client computer, and Kernel32.exe is not a Microsoft file.



RESOLUTION
Microsoft does not provide software that can detect or remove computer viruses. If you suspect or confirm that your computer is infected with a virus, obtain current antivirus software. For a list of antivirus software manufacturers, click the following article number to see the article in the Microsoft Knowledge Base:

49500 List of Antivirus Software Vendors



MORE INFORMATION
The viruses that are described in this article are types of &quot;backdoor&quot; programs that attackers can use to access your computer system without your knowledge or consent. The attacker can do one or more of the following:
 * Modify the registry
 * Shut down the computer
 * View your computer's screen
 * Record passwords
 * Obtain system information
 * Manipulate files on your computer

If you remove the client side of the virus, it does not necessarily mean that your system's security has not already been compromised, especially with regards to password information that may have been gathered by the server.

Keywords: kberrmsg kbenv kbprb kbprod2web KB316692

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.