I agree with what the comments said, but in any case, I think the answer might be useful. Here's how you can find the function name using the Windows debugging tools from the SDK, provided that Event Viewer reports a failing command offset in the kernel32.dll file.
First install the Windows debugging tools and configure the path to the Microsoft public symbol server. Instructions are available online, for example in this video: http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-Building-your-USB-thumbdrive
Run a Windows debugger attached to your process, or just any process on the system. kernel32.dll is one of the first DLLs to be loaded by any process; it is very unlikely that it will be reinstalled. Thus, the base address of kernel32.dll is the same in all processes.
Get the base address of kernel32.dll by running the "list modules" command in the debugger:
    0:006> lm m kernel32
    start    end        module name
    7c800000 7c8f6000   kernel32   (pdb symbols)          c:\debuggers\symbols\kernel32.pdb\A22E3A9843CC45B4A2BFA31377127D422\kernel32.pdb
Thus, the base address is 7c800000. Now run the "parse one command" command using the base address and the DLL offset:
    0:006> u 0x7c800000+0x0003fc2e l 1
    kernel32!BasepCopyFileExW+0x859:
    7c83fc2e 53              push    ebx
So BasepCopyFileExW is the name of the function. (The result on your system may vary.)
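The lookup described in the answer above, scripted as an added example (not code from the original answer): it reads the faulting module and offset from an Event Viewer record, finds the module range in `lm` output, checks that the offset falls inside the image, and builds the debugger command. The event record text and the function names are constructed for illustration; the base address and offset are the ones shown in the answer.

```python
import re

# Constructed sample of an Event Viewer "Application Error" record (assumption).
EVENT_TEXT = """\
Faulting application name: example.exe
Faulting module name: kernel32.dll
Exception code: 0xc0000005
Fault offset: 0x0003fc2e
"""

# The `lm m kernel32` output from the answer, with the symbol path left out.
LM_OUTPUT = """\
start    end        module name
7c800000 7c8f6000   kernel32   (pdb symbols)
"""

def parse_event(text):
    """Return (module file name, fault offset) from the event record text."""
    module = re.search(r"Faulting module name:\s*([^\s,]+)", text, re.I)
    offset = re.search(r"Fault offset:\s*(?:0x)?([0-9a-f]+)", text, re.I)
    if not module or not offset:
        raise ValueError("record has no faulting module or fault offset")
    return module.group(1).lower(), int(offset.group(1), 16)

def parse_lm(output):
    """Map module name -> (start, end) from `lm` output; header lines are skipped."""
    modules = {}
    for line in output.splitlines():
        m = re.match(r"\s*([0-9a-f`]+)\s+([0-9a-f`]+)\s+(\S+)", line, re.I)
        if m:
            # 64-bit debuggers print addresses as 00007ff8`12340000
            start, end = (int(x.replace("`", ""), 16) for x in m.group(1, 2))
            modules[m.group(3).lower()] = (start, end)
    return modules

def unassemble_command(event_text, lm_output):
    """Return (absolute address, debugger command) for the faulting instruction."""
    module, offset = parse_event(event_text)
    name = module.rsplit(".", 1)[0]  # lm lists kernel32.dll as "kernel32"
    modules = parse_lm(lm_output)
    if name not in modules:
        raise LookupError(f"{name} is not in the module list")
    start, end = modules[name]
    address = start + offset
    if not start <= address < end:
        # An offset past the end of the image means a different build or module.
        raise ValueError("fault offset lies outside the module image")
    return address, f"u 0x{start:08x}+0x{offset:08x} l 1"

if __name__ == "__main__":
    addr, cmd = unassemble_command(EVENT_TEXT, LM_OUTPUT)
    print(f"{addr:08x}: {cmd}")
```
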