1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

problem when i log off/kernel32.exe/wind/xp/

Discussion in 'Windows - General discussion' started by lowpro, Feb 22, 2007.

  1. lowpro

    lowpro Guest

    4 past 4 day everytime when i logoff a small windows shows and it say something like
    program kernel32.exe and start to load
    then in the same windw
    then it said to cancel or end.if u end u will loose unsafe program ou data something like tht. so i went to norton web site and they said it is a virus/also microsoft/.well i read all the step ou to get it out but my problem i can find the key tht has being changed on the regedit.
    any help bro.my cp is frozen sometimes and i dont now why?i run a ful antivirus with restore off but still tht kernel.exe apear there
     
  2. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    The first thing that I need to know is what the virus is. The Kernel32.dll file is the guts of the OS. There are a number of reasons why you could be having this problem. In most cases I tell people to run a repair from their original OS disk. That is of course if you have one. Many people have OEM versions and you may not run a repair from it.

    I am personally not a friend to Norton! Meaning, I think their suite is insufficient. There are a couple of things that you can try. You can try to go online to http://www.trendmicro.com/en/home/us/personal.htm and run their online "HouseCall" and "CWShredder". If a virus is found write the name of it down. Even though you are told that the AV program can remove it, sometimes it is embedded in another program or the registry.

    The next thing to do if it does not find anything is to boot in safe mode by pressing F8 repeatedly at startup. In safe mode run your Norton. You see in safe mode you typical startup programs do not run. If your problem is one of those then Norton should find it. Again write down the name an location of the virus.

    Let me know if you have the full version of your OS on CD. Not an OEM version. OEM versions normally come with the computer when you buy it. If you did an update from another OS then that CD would work. It is not the full version, but has all of the correct files.

    Last but definitely not least! If you have not made a backup of your system but have the opportunity to do so... Do it! It is very wise to be prepared, and there is not much that is wiser than having a backup of all of your documents in case of a system failure.

    Let me know how it goes and good luck to you.
     
  3. lowpro

    lowpro Guest

    bro i tray safety mode but norton 2007 did nathing.what i did is i went on the firewall(norton2007 i block all the comunication wht kernel32.exe.any sugst?
    i went to the web site/house call was taking 2 long to updating so give up/

    i also went to regedit i locate the kernel32 but i didn't delete it cause i don't know if it is the rite one 2 delete.

    wht is OS (Operating system)i do have it but i believe isnot the one tht my pc came it.
    WNDS XP Professional pack 2.

    wht is OEM stand for.

    syxgun are u sugest to back all my documt includ program.one problem everytime i do backup i try to save it on cd but it won't only on flopy disc why is tht.

    oh i was trying to load a pict of tht kernel msg but i don't know how 2 do it so u can have more understand of it

    bro thnk 4 help
    i be wainting 4 next step
    thnk again
     
  4. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    OEM stands for Original Equipment Manufacturer. It is normally the software that comes with a new PC. If you have a full version of the disk then we can try to do a repair. If you have an OEM version then the we need to take a different step.

    Don't delete it, because it is the backbone of the OS (Operating System)!

    I would really like for HouseCalls to complete. If it is taking too long then maybe we can do some cleaning of our own. Download these programs (All are Free) and do a system clean.

    Ad-Aware

    Spybot This program will ask you to make a backup. Don't worry about that, you can skip it.

    A-Squared

    CCleaner

    Make sure that you get all of the updates for each of the software mentioned above, then re-boot in safe mode to run them. After that if you have Norton, see if there is a way to turn it off. Then try the HouseCalls thing again.

    For posting pictures
    On your keyboard you will notice a button to the right of the F12 key that says "Print Screen/SysRq" When that message shows again you can press that button.

    Now open Microsoft Paint unless you have a better program to work with. Select Edit/Paste, or press CTRL & V at the same time. This will past your entire screen into the program. You may make the changes that you need to so that only the message shows. The "Select" tool is normally helpful when doing this.

    After the item is selected you may select Edit/Copy or press Ctrl & C at the same time. (make sure the item is selected when you do this. Now press File/New or Ctrl & N at the same time. Do not save the old image. When the new page appears past the item there.

    Now comes a little tougher part. Go to File/Page Setup, you will notice a selection that says, "Fit To:". Select that option and press ok. Now select the page. Make sure that your image is in the top left corner of the page. No you can move the width and hight of the page to match your image.

    After that select File/Save As and you may call the image whatever you want bur in the "Save As Type" box select JPEG. Now you have a jpeg image on your computer.

    The next step is to go to a place like http://www.photobucket.com and sign up for a free membership. They will host your picture. After you upload the file you will see a box that says, "IMG Code" Copy that code and past it where you want the picture to display. Please not that this site does not support Vb Code and only supports XHTML. What you will need to do is change the code like this: original [​IMG] change to [​IMG]. This will show the picture on the forum.

    Let me know how things are working after you run those programs. I am sure that it will not fix the problem, but if you can turn Norton off and run HouseCalls we may get some answers. I will do a little research to see if I can come up with another solution. Good luck!
     
  5. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    By the way...
    You can download and install a new copy of your Kernel32 file from this site. http://www.dll-files.com/dllindex/dll-files.shtml?kernel32 Please read the instructions before doing it.

    Also it is very important that you have a copy of your registry backed up. I suggest a program called Erunt. Windows can backup your registry but it is not very powerful. Go to this website to get the free version of the software. There is also a registry optimizer program. http://www.larshederer.homepage.t-online.de/erunt/

    please do the other stuff mentioned above as well. We need to make sure that your system is clean. If you need any assistance feel free to ask.
     
  6. lowpro

    lowpro Guest

    syxguns can we fixe the problem using my OS cd . i was looking around and i found the one tht came wht pc.i went to web link but my pc frooze on me and i had to power off by power buttons.
    i hope we have altern
    thnks bro
     
  7. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    Start the PC with the disk in and see if it will let you do a repair. You do not want to format the HDD because then you would have to replace all of your programs. If you can not do a repair, then I would suggest trying to download that file again. Try to download it overnight and hopefully your machine won't freeze up on you again.

    If your disk is a full version CD then there are a couple of options that we can try if the repair does not succeed.

    Let me know what happens.
     
  8. lowpro

    lowpro Guest



    here is the pict/i don't know if i did it rite

    my OS is pack 1 exp prof but my pc has pack2 update from windws update.
    should i insert the cd just like normal cd then follow the instr?
    thanks bro
     
    Last edited by a moderator: Feb 27, 2007
  9. lowpro

    lowpro Guest

    [​IMG]

    yes i did it thanks again syxguns
     
  10. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    lowpro-
    Yeah, just put the disk in on startup and see if it gives you the option to repair. I don't know if it is a full version or not. If you got SP2 on your machine, then you could still try to install that Kernel32 file and see if that will fix it. Let me know what happens when you put the disk in. If it says that it will have to format your machine to continue then you do not want to do it right away. Before you do that you should make sure that all of your important documents are backed up. You will have to reinstall all of your programs.

    If you can get that Kernel32 downloaded then it should fix your machine. Before you do anything let me know what the information on your screen says when you restart the computer with the disk in.
     
  11. lowpro

    lowpro Guest

    syxgun i had virus on pc norton couldn't detect until i use my OS cd. OS did'nt fixe everything but i guess it fixe the kernel32 because just after i remove OS cd norton was able to detect infostealer.bancos
    24 regst entr
    4 files
    2 process
    1 browser cases

    the problem is on the state it said partally resolved.any sugst

    since i backup all my documt file i wana use OS cd to start my windws
    brandnew again

    before i go ahead and do tht i'm doing safety mode scam to see but i still think i'm going ahead and do it/since my pc is freezing some times.any sugst
    thnks
     
    Last edited by a moderator: Feb 28, 2007
  12. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    infostealer.bancos is a Trojan virus that comes as junk email disguised as if Norton sent you the email. It is very wise to get rid of it. It steals information from your computer as you are searching the Internet. Definitely go in safe mode and run not only your Norton, but the other programs I recommended earlier. Then reboot into regular mode and run the online scan I mentioned.

    After you do all of that go into the command prompt and run chkdisk. Then to make sure that your computer is at top performance I would suggest a scan disk and a system defrag. I can help you with this if you are not sure how to do it.

    Or
    If you choose to overwrite your OS there is a correct way to do it. If your disk is a full version of your OS then be sure to format the HDD before you begin to install. This will insure that you have no registry settings left from your previous installation. It is a good idea to make sure that you have your system files backed up before you do this. After you do a reinstall of the OS then you will have to reinstall your programs. You will already have your files saved, but this is the last thing I ever suggest to anyone.

    Why?
    I thought you might ask that! Because a virus is a program that can be removed. It may be hidden in startup files which is why I suggest to run your AV and other programs in safe mode. After you do all that I mentioned in the first paragraph you should be clean. If you start to receive more errors later then we will know what the cause of it is and I will do a little research on correcting the problem. However, from what I read about this virus it is minor. By minor I mean that it is easy to get rid of. I don't think you will have any problems cleaning in safe mode. Do that before you reinstall your OS.

    I'm glad that you were able to get the repair to work and restore your Kernel32 file. Now let's get rid of that nasty little guy that caused the problem in the first place!
     
  13. lowpro

    lowpro Guest

    thnk 4 everything in adv

    syxgun after i run safty mode norton delete them all and all program are respond quicker.i done 3 restart and kernel did'nt show up at all.wht u think.do i still have tht looser on pc or wht.
    u said if i want to do overite OS to be sure to format HDD before intals
    how can i do tht

    i'm going to do the chkdisk and defrgmt
    i real want to do OS overite cause i being have problem also wth update windws.i done updte one by one it works but when went to the last 2 i won't update at all for the 6 or more mnths
    i just did defrmt and diskcleanup but when i went to do cmd promt
    chkdisk "chkdisk is not recognized as an internal or external command,operable prgm or batch file.

    how do i know if my pc is fully(working 100%) bro i'm ask

    to much ?ahn
     
    Last edited by a moderator: Feb 28, 2007
  14. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    I am sorry, the command is chkdsk to check your local disk. There is not a need to do it if you are going to format and put on the new OS again. Basically as long as you have the real disk it will ask you what partition to place the OS to. Your HDD probably only has one partition so select partition 0. It will show in a little window underneath the question. Then you can tell it to format the entire HDD before installation.

    The only other way to do it, is to boot the machine while pressing F8 and select command prompt only. You should start out at the C:\ prompt. If not then type cd\ and press enter. now from the C: prompt type what I have in red:
    C:\format c:

    Then when it says that all information will be lost select yes and it will format your C: drive. WARNING!!! Do not do this unless you are 100% certain that you have a full version of your OS on the disk.

    If you do not have a 100% OS on your disk you may not be able to re-install your OS. Just to be on the safe side in case you are not sure. If your disk says, "XP Home (Pro) Edition Update" then this is not a full version. If you do not have a full version then unless you have an older OS disk to put on first you will be stuck with computer and no OS!

    Edit for typo
     
    Last edited: Feb 28, 2007
  15. lowpro

    lowpro Guest

    this is wht my say
    OS
    alred inst on your cmpter

    REinstal cd

    microsoft wndws xp prof
    including serv pck 1a
    the softwre is already on your pc.only use this cd to reintl the software.
    only use this cd to reint the OS on dell cp.this cd is not for reintlation of progrm or driver
    is it the one?

    first i used chkdsk then at end i usedchkdsk/f and i logoff
    by curiosity i did but something is not rite
    [​IMG]
     
    Last edited by a moderator: Feb 28, 2007
  16. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    chkdsk/f is to fix the problems it finds. Files get clustered together and need to be fixed. This can cause problems such as the one you just experienced. when you are given the message at the end that says to run chkdsk after reboot select y for yes, and reboot the machine. give it time to reboot because the system files are being checked and repaired.

    The area in red above tells me that the CD you have is an OEM that came with your Dell computer. This particular disk will format and re-write the OS over the current OS. If you choose to do that then you may be my guest, however, it seems to me that your computer is almost fixed.

     
  17. lowpro

    lowpro Guest

    [​IMG]
    boot from cd
    [​IMG]
    [​IMG]

    AS far i can go

    [​IMG]

    here i was looking for command prompt(only) when i click F8
    [​IMG]
     
    Last edited by a moderator: Mar 3, 2007
  18. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    That particular disk is an OEM that came with the computer. You can use the recovery console. Here is a link to help you understand it, and the commands. http://support.microsoft.com/kb/307654

    Or if you desire you can run set up select choice 1 "Normal" This will format your machine and reinstall XP with SP1. After you do that you will need to go to the windows update site and install automatic updates and make sure that you put SP2 on your machine.

    If your computer is running fine right now I would just leave it as is, or tell me what the problem is. From what I understand your Kernel32 file is restored. Are there additional problems that you are having? You got rid of the Trojan that was on your machine. If you need me to look at a log of your system I will tell you how to do it.

    http://www.majorgeeks.com/download3155.html go to this site and download HijackThis. It is a free program. You need to make sure that it is saved on the local HDD. Go to My Computer and open the C:\ drive. Now select File-> New-> Folder and name it HijackThis. now download the exe file to that location. The next thing that you do is right click the file called HijackThis.exe and change the name to HjT.exe. I say this because some viruses are trained to hide from it.

    Now you may right click the HjT.exe file and create a shortcut on your desktop. Reboot in safe mode and run the program. Save the log file in Word or Notepad and reboot to regular mode. Open the file highlight it and past it in this thread so I may look at it. I will be able to find out if there are any other threats on your machine that need to be removed. Do not select anything and tell it to fix it for you. You could possibly remove system files that are needed.
     
  19. lowpro

    lowpro Guest

    i went to micrsft
    this didn't work
    Click Start, click Run, type CD drive letter:\winnt32.exe /cmdcons, and then click OK.
    Type the following command:
    FolderPath:\i386\winnt32.exe /cmdcons

    i'm still doing some research i'm not going to sleep until i get this rite. i do have a new hardriver never being used before wht OS ready on it but want to get this rite.
     
    Last edited by a moderator: Mar 1, 2007
  20. syxguns

    syxguns Active member

    Joined:
    Jan 13, 2006
    Messages:
    1,378
    Likes Received:
    4
    Trophy Points:
    68
    Okay, maybe that has to do with the fact that the disk is an OEM version. Did you download the other program I mentioned and run it in safe mode so that you could show me your system setting? I would like to get the problem fixed without you reinstalling the OS if that is what you would like to do.

    Run the scan and display the report, and tell me if anything is not working properly. I have to know what I am dealing with to give you a solution.
     

Share This Page