'Bad image' popup

By sfazelya
Aug 26, 2009
  1. Hello,

    I am having a problem that is very similar to a thread by mp1 labeled 'Bad image' popup. I am unable to post the link because this is my first post on TechSpot.

    The only difference is that when I get these popups it says
    'name of program - Bad image'
    c:\windows\system32\gedekuye.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support.
    And it pops up every minute even if I do not open a program.

    I looked up gedekuye.dll on Google and downloaded a program called prevx 3.0 because it said it can remove this virus/malware or whatever these popups are, and it was a no go.

    I am unsure if I should follow the same guidelines as given to the other thread, and I am at the point where I want to just reformat my computer with the Windows Vista CD, but I am unsure if even that would work.

    So hopefully you can help me out with this problem, and I will add that as well as having prevx 3.0 I also have Rogers online protection and an out-of-date Norton that I am unable to uninstall and remove.

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    gedekuye.dll is from malware. It has the following behaviors:
    • Usually created by an unsafe process.
    • Registered as a Dynamic Link Library File.
    • Usually has a random filename and refers to many versions of a dynamic link library.
    • Can be injected/attached to the legitimate Windows process such as explorer.exe or other.

      The process is part of the HEUR:Trojan.Win32.Generic

      You should have one antivirus program, one firewall and at least two spyware/adware programs. I don't know what the Rogers security included. An out-of-date AV is of no use. To completely remove it, use the Norton Removal Tool.

      You will need help with the cleaning. Start by following the steps here:

      If the malware persists, in the temporary absence of trained malware helpers here, I will refer you to a forum for help.
  3. sfazelya

    sfazelya TS Rookie Topic Starter

  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I am glad that one problem was resolved; however, you still have evidence of active malware. Your host files have been hijacked and Vundo is still present. You also have a backdoor proxy component.

    Since I can't help you with the cleaning, I suggest you try Tech-101.

    Paste the description of the problem there and leave the current logs. You will be assisted by trained malware helpers.

    Sometimes, when one problem is resolved, a user assumes that all of the malware is gone. Unfortunately, this is frequently not the case.
