Posted 16 July 2005 - 01:58 PM
Hi, I just recently removed SpySheriff from my machine (thanks to the instructions provided here in a different forum). After removing SpySheriff I am now receiving the following error message on startup.
"Windows cannot find 'C:WindowsSystem32kernels32.exe.' Make sure you typed the name correctly, and then try again. To search for a file click the start button and then click search."
I've heard of kernel32.exe, but not kernels32 (with an s).exe.
This file (kernels32.exe) is referred to in the registry a couple of times.
The first is HKEY_LOCAL-MACHINESoftwareMicrosoftWINDOWSNTCurrentVersionWinLogon
Value Name "Shell", Value Data "Explorer.exe C:WindowsSystem32Kernels32.exe"
The second reference is HKEY_USERSS-1-5-21 (a lot of number string data)SoftwareMicrosoftWindowsShellNoRoamMUICache
Value Name "C:WindowsSystem32kernels.exe" Value Data "kernels32.exe"
Is kernels32.exe a valid Windows component, or can I assume it is part of the bleep that was downloaded to my machine? If it is bleep, should I delete the two items in the registry mentioned above that refer to it?
Along with SpySheriff the site seemed to upload a number of virus, down-loader, and Trojan files. Between Norton AV and EWIDO I think all have been removed. Thank you guys for the post on SpySheriff. Also, it seemed that the EWIDO scan was deeper and more comprehensive than Norton. Wonder if I should switch?