kernels32.exe

Discussion in 'malware problems & news' started by Rosie, Sep 29, 2005.

Thread Status:
Not open for further replies.
  1. Rosie

    Rosie Registered Member

    Joined:
    May 13, 2003
    Posts:
    44
    Location:
    United Kingdom
    Hello,

    Can someone please offer advice.

    My friend has ZoneAlarm free firewall, and recently an application has been trying to access his pc, he has denied access.

    The application is kernels32.exe and the file path is:-
    C:\WINDOWS\System32\kernels32.exe

    I think this may be a trojan.

    Could anyone please advise and if it is a trojan is there any removal advice please

    Thank you

    Rosie
     
    Rosie, Sep 29, 2005
    #1
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    snowbound, Sep 29, 2005
    #2
  3. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    Hi Rosie,

    Upload the file here to check it out: http://virusscan.jotti.org/ where multiple scanners will weigh in on the issue.

    If trojan found go to one or more sites here for a full system PC scan online:
    * Best Online Scanners (full PC scan online) and removal:
    Housecall: http://housecall.trendmicro.com/
    http://uk.trendmicro-europe.com/enterprise/products/housecall_launch.php
    Kaspersky: http://www.kaspersky.com/virusscanner <- [excellent]
    bitdefender: http://www.bitdefender.com/scan/license.php
    Malware: http://virusscan.jotti.org
    F-Secure: http://support.f-secure.com/enu/home/ols.shtml
    Panda: http://www.pandasoftware.com/activescan
    RAV AV: http://www.ravaantivirus.com/scan
    eTrust: http://www3.ca.com/virusinfo/virusscan.aspx
    ewido: http://www.ewido.net/en/onlinescan

    -- Tom
     
    lotuseclat79, Sep 30, 2005
    #3
  4. Rosie

    Rosie Registered Member

    Joined:
    May 13, 2003
    Posts:
    44
    Location:
    United Kingdom
    Thank you,

    Will try tomorrow.

    Rosie
     
    Rosie, Sep 30, 2005
    #4
  5. Rosie

    Rosie Registered Member

    Joined:
    May 13, 2003
    Posts:
    44
    Location:
    United Kingdom
    Thanks for the help and advice received.

    All clear now.

    Thanks again

    Rosie
     
    Rosie, Oct 7, 2005
    #5
  6. kernels32

    kernels32 Guest

    In addition:
    If you removed kernels32.exe manually (with no anivirus involved) you may still keep error message that kernels32.exe cannot be found on every new login to Windows. To rid of that message you need to clean up your Registry
    Goto Start/Run type regedit->Enter
    Here are the Registry keys to be found and deleted
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
    Value Name: System
    Value Data: D:\WINNT\system32\kernels32.exe

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Value Name: Shell
    Value Data: Explorer.exe D:\WINNT\system32\kernels32.exe
    (right-click on Value Name->Delete)
     
    kernels32, Nov 1, 2005
    #6
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...