Bad image error when running programs

Status
Not open for further replies.
Hey all--I seem to be suffering from the same problem as mp1 described in another thread here (made my own thread since that seems to be procedure, sorry if that was in error). I have a ~five year old PC running Windows XP. Upon starting up my computer, or whenever I begin to run a program, I get an alert in the following format:

(Program name).exe - Bad Image

The application or DLL C:\Windows\system32\fojezida.dll is not a valid Windows Image. Please check this against your installation diskette.

When starting up my computer this appears twice while the screen is still black, before allowing me to select my user profile, twice after selecting the profile, and then seems to run down a long list of programs once it actually displays my desktop, forcing me to "OK" it repeatedly. Not such a big deal, but seeing as "fojezida.dll" doesn't turn up anything at all on Google, it would seem to be the work of some malware or other, and the last time I ignored a weird but seemingly harmless popup I wound up getting the machine wiped for an absurd amount of money, so.

Immediately before this started my computer froze (by which I mean, able to move the mouse but not to interact with anything), locking up from trying to do too many things at once... or at least, I assumed such. When I shut down the computer and started it back up I got the error messages, so it may have been whatever this thing is that caused it. Seemingly the straw that broke the camel's back as far as freezing goes was accessing urbandictionary.com, not sure if that site has a reputation for malware or not.

Anyway, I ran through the 8 steps as best I could. I seemed to run into a problem after updating Java where nothing would start up at all--couldn't get the control panel open to look at Add/Remove programs, or open anything in explorer, and the computer seemed to ignore me telling it to restart in much the same fashion. So I shut it down manually, which doesn't seem to have caused any problems. Additionally, I couldn't find one or two of the things that were suggested I turn off in that supplemental piece for my programs--I got all the shields in Spy Sweeper but no such luck on several of the others, and there was no guide to turning off Trend Micro so I decided to wing that one.

Anyway, both Spy Sweeper and Trend Micro have two files quarantined, but Trend Micro's are from a month or more ago, and I suspect that Spy Sweeper's are as well, but it doesn't date them. The two which Spy Sweeper currently has are "directrevenue-abetterinternet" and "virtumonde."

Additionally, Malware-Bytes did get rid of Trojan.vundo, but otherwise the various bits suggested in the 8 steps seem to not have turned anything up. The Bad Image errors persist, but I feel at least mildly more accomplished than if none of them had found anything. Anyway, I'll let the logs speak for themselves, in the interests of stopping this from becoming an even longer post.

Any help you're able to offer would be very much appreciated. In the meantime, I'm going to get my not-already-backed-up stuff onto my external hard drive, I think...
 
Hello Duohimura

Combofix should be able to remove fojezida.dll and other possible infections.


Please download Combofix:
http://subs.geekstogo.com/ComboFix.exe

And save to the desktop.

Close all other browser windows.

Please connect all your external hard drives/flash drives before running Combofix, if you have any.

Double-click on the Combofix icon found on your desktop.

Please note that once you start Combofix you should not click anywhere on the Combofix window, as it can cause the program to stall. In fact, when Combofix is running, do not touch your computer at all and just take a break, as it may take a while for it to complete.

When finished, it will produce a logfile located at C:\combofix.txt.

Attach the contents of that log in your next reply.
 
kimsland - It was a pleasant interruption, and Thank You. I really appreciate it. :wave:
 
Well, apparently this will teach me to not follow up on things immediately...

Combofix did indeed appear to solve the problem, but earlier today I got infected (?) with Spyware Protect 2009, which made it impossible to run any anti-virus stuff, and I wound up using combofix (having first renamed the file several times which allowed -it- to run) to take care of it as per some instructions I ran across looking up how to deal with the problem. The problem being that the log from the first effort seems to have been replaced with the new one, sorry to say--although if my attempt to run a spyware scan before things got -really- all messed up was any indication, it seemed to be Vundo again.

Anyway, I realize I've probably just royally screwed this up, but if you're still willing to assist, here's the log from this most recent running of Combofix... I'll certainly be more prompt carrying out instructions this time.

(Theoretically I could system restore to get the old log back, I suppose, but I'm not sure if that would bring back everything Combofix cleaned up, and I'd rather not if it's not of vital importance to figuring out if there's another step to make sure it's really gone this time... I'd really rather this not happen EVERY Sunday)

Congrats on your new status though, it seems well-deserved.

Anyway, I'm going to go do those Windows updates now which I should have done as soon as I fixed things last time...

Edit: Crap, I just realized that I didn't have my external hard drive hooked up this time when I ran Combofix... well, it hasn't been connected since Friday, so perhaps it didn't have the bug this time, but now the log doesn't include whatever combofix did with that drive last time... is there a way to get the old version of the log file back short of system restoring to before I did any of this?
 
Well, if you have done all your updated scans with Spy Sweeper and Superantispyware and nothing is found (now), then you can uninstall them (i.e. way too slow to start with Windows)
Then other than scanning again with Malwarebytes (updated first and all found entries confirmed removed)

You could run SDFix

Please download and run SDFix (I'm sorry, but I must refer you to this tutorial on its use, scroll down to "SDFix Instructions")

Download, and run the "RunThis.bat" in Safe Mode, as advised
Then attach the log and (after the SDFix scan) a new HJT log
Oh, by the way, it says that it may take 20 mins to scan! (Mine took over an hour to complete!)

Then restart and run a fresh scan with HJT and attach that new log as well
But Superantispyware and Malwarebytes must first have fully clean scan logs. ;)
 