Article ID: 316692
Article Last Modified on 1/24/2002
APPLIES TO
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional
This article was previously published under Q316692
SYMPTOMS
You may receive the following error message:
If you view the data that the error report contains, the following error signature information may be listed:
App Name App Version Module Name Module Version Offset ---------------------------------------------------------------- Kernel32.exe 0.0.0.0 Msvcrt.dll 7.0.2600.0 0003203b
CAUSE
This issue can occur if your computer is infected by one of the following viruses:
- Worm_Badtrans.b
- Backdoor.G_Door
- Glacier Backdoor
- Win32.Badtrans.29020
- W32.Badtrans.B@mm
- Win32/PWS.Badtrans.B.Worm
Kernel32.exe is the worm process that resides on the client computer, and Kernel32.exe is not a Microsoft file.
RESOLUTION
Microsoft does not provide software that can detect or remove computer viruses. If you suspect or confirm that your computer is infected with a virus, obtain current antivirus software. For a list of antivirus software manufacturers, click the following article number to see the article in the Microsoft Knowledge Base:
49500 List of Antivirus Software Vendors
MORE INFORMATION
The viruses that are described in this article are types of "backdoor" programs that attackers can use to access your computer system without your knowledge or consent. The attacker can do one or more of the following:
- Modify the registry
- Shut down the computer
- View your computer's screen
- Record passwords
- Obtain system information
- Manipulate files on your computer
If you remove the client side of the virus, it does not necessarily mean that your system's security has not already been compromised, especially with regards to password information that may have been gathered by the server.
Keywords: kberrmsg kbenv kbprb kbprod2web KB316692