'Bad image' popup

Status
Not open for further replies.
Hello,

I am having a problem that is very similar to a thread by mp1 labeled 'Bad image' popup. I am unable to post the link because this is my first post on techspot.

The only difference is that when i get these popups it says
'name of program - Bad image'
c:\windows\system32\gedekuye.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support.
And it pops up every minute even if i do not open a program.

I looked up gedekuye.dll on google and downloaded a program called prevx 3.0 because it said it can remove this virus/malware or whatever these popups are and it was a no go.

I am unsure if i should follow the same guidelines as given to the other thread and I am at the point where i want to just reformat my computer with the windows vista cd but I am unsure if even that would work.

So hopefully you can help me out with this problem and I will add that as well as having prevx 3.0 i also have rogers online protection and an out of date norton that i am unable to uninstall and remove.

Thanks.
 
gedekuye.dll is from malware. It has the following behaviors:
  • Usualy created by unsafe process.
  • Registered as a Dynamic Link Library File.
  • Usualy have random filename and refers to many versions of a dynamic link library.
  • Can be injected/attached to the legitimate Windows process such as explorer.exe or other.

    The process is part of the HEUR:Trojan.Win32.Generic

    i also have rogers online protection and an out of date norton that i am unable to uninstall and remove.

    You should have one antivirus program, one firewall and at least two spyware/adware programs. I don't know that the Rogers security included. An out of date AV is of no use. To completely remove it, use the Norton Removal Tool

    You will need help with the cleaning. Start by following the steps here:
    https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

    If the malware persists, in the temporary absence of trained malware helpers here, I will refer you to a forum for help.
 
I am glad that one problem was resolved-however- you still have evidence of active malware. Your host files have been hijacked and Vundo is still present. You also have a backdoor proxy component.

Since I can't help you with the cleaning, I suggest you try Tech-101.

Paste the description of the problem there and leave the current logs. You will be assisted by trained malware helpers.

Sometimes, when one problem is resolved, a user assumes that all of the malware is gone. Unfortunately, this is frequently not the case.
 
Status
Not open for further replies.
Back