Error Message Refers to the Kernel32.exe File if Your Computer Is Infected by the Worm

SYMPTOMS

You may receive the following error message:

Kernel32.exe has encountered a problem and needs to close. We are sorry for the inconvenience.

If you view the data that the error report contains, the following error signature information may be listed:

   App Name      App Version  Module Name  Module Version  Offset
   ----------------------------------------------------------------
   Kernel32.exe  0.0.0.0      Msvcrt.dll   7.0.2600.0      0003203b

CAUSE

This issue can occur if your computer is infected by one of the following viruses:

Worm_Badtrans.b
Backdoor.G_Door
Glacier Backdoor
Win32.Badtrans.29020
W32.Badtrans.B@mm
Win32/PWS.Badtrans.B.Worm

Kernel32.exe is the worm process that resides on the client computer, and Kernel32.exe is not a Microsoft file.

RESOLUTION

Microsoft does not provide software that can detect or remove computer viruses. If you suspect or confirm that your computer is infected with a virus, obtain current antivirus software. For a list of antivirus software manufacturers, click the following article number to see the article in the Microsoft Knowledge Base:

49500 List of Antivirus Software Vendors

MORE INFORMATION

The viruses that are described in this article are types of "backdoor" programs that attackers can use to access your computer system without your knowledge or consent. The attacker can do one or more of the following:

Modify the registry
Shut down the computer
View your computer's screen
Record passwords
Obtain system information
Manipulate files on your computer

If you remove the client side of the virus, it does not necessarily mean that your system's security has not already been compromised, especially with regards to password information that may have been gathered by the server.

Error Message Refers to the Kernel32.exe File if Your Computer Is Infected by the Worm_badtrans.b Virus (316692)

SYMPTOMS

CAUSE

RESOLUTION

MORE INFORMATION