cytray.exe - Bad Image

FencesManu64.dll

February 29, 2024 11:07 AM from

Hello.

I am running Fences 5.04, Actually just updated my old version of 3.0 to 5.04. All is well and running but every time I restart my computer I get the following. Once I push okay it goes away and everything seems to be working fine. Do you guys know why I am getting this and if I can stop and or fix it?

OS is Windows 10 Pro running on 11th Gen Intel(R) Core(TM) i5-1145G7 @ 2.60GHz 1.50 GHz with 32.0 GB

Error:

https://drive.google.com/file/d/1RBm1yccP73oU9hq16cSKBFjUSmZ_nA_n/view?usp=drive_link

Ardy

fences

13,015 views 10 replies

Reply #1 February 29, 2024 4:40 PM from

Stardock Forums Top

Oddly we got an identical report bar the door name earlier this week about start11.

What application does cytray belong to as it sounds like a defect in that and I recommend reporting it to the manufacturer of that software. It looks like they blocked third party DLLs from a process but forgot to turn off error prompts which you need to if you are doing that.

Reply #2 March 4, 2024 9:54 AM from

Stardock Forums Top

Good Morning Neil,

It belongs to Fences, the error points to C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll . I am not sure what the bad image is referring to but has to be internal to a reference that the dll is trying to load, that is my guess.

See the error in the link first post

Multiplicity - Control multiple PCs using one keyboard and mouse

Reply #3 March 4, 2024 12:20 PM from

WinCustomize Forums Top

Look again at your screenshot. cytray.exe is reporting the error.

cytray.exe is part of some endpoint protection software.

Reply #4 March 4, 2024 12:47 PM from

Stardock Forums Top

Here is an explanation from Palo Alto Networks. It seems they are aware of this issue.

https://live.paloaltonetworks.com/t5/threat-vulnerability-discussions/cytray-exe-quot-bad-image-quot-errors-following-agent-update/td-p/579085

Reply #5 March 5, 2024 1:44 AM from

Stardock Forums Top

I have the same issue.

Do we know if anyone is working on a fix?

Reply #6 March 5, 2024 5:00 AM from

Stardock Forums Top

Quoting madsringsted1, reply 5

I have the same issue.

Do we know if anyone is working on a fix?

End of madsringsted1's quote

It is something for the developers of cytray to resolve as it is their bug.

From the posted thread in reply 4 it looks like they are working on a fix.

Reply #7 March 5, 2024 7:34 AM from

Stardock Forums Top

Here is what PAN says:

"This is caused by a new feature enabled in 8.3, where we check the signature level of every DLL loaded into cytray.exe. The application's DLL must be unsigned or with a lower trusted level, which will result in the DLL being blocked by us and this pop-up to show. hence we have provided the SUEX to disable the feature."

"At the moment the engineering team does not consider this issue as an actual bug inside the product, but rather a by-design behavior."

"I would like to inform you that it might be fixed in the upcoming version of the XDR Agent, but we do not have an ETA for this."

Reply #8 March 5, 2024 8:48 AM from

Stardock Forums Top

Quoting pelaird, reply 7

Here is what PAN says:

"This is caused by a new feature enabled in 8.3, where we check the signature level of every DLL loaded into cytray.exe. The application's DLL must be unsigned or with a lower trusted level, which will result in the DLL being blocked by us and this pop-up to show. hence we have provided the SUEX to disable the feature."

"At the moment the engineering team does not consider this issue as an actual bug inside the product, but rather a by-design behavior."

"I would like to inform you that it might be fixed in the upcoming version of the XDR Agent, but we do not have an ETA for this."

End of pelaird's quote

The error isn't intentional, thats them messing up by not setting OS Error mode correctly for their process.

Silently failing is one thing, failing with a prompt like that is a mistake. The same mistake Microsoft made with MS remote assistance app for a while when they set the process to block third party dlls. They did eventually fix that.

I would encourage all the users impacted by this to complain loudly to them so they realise what they have done and make resolving it more of a priority.

Reply #9 March 5, 2024 11:10 AM from

Stardock Forums Top

Thank you all for the info, I Do appreciate it. now that I know what is causing this I have direction to go by. I do thank you all .......

Regards

Ardy

Reply #10 April 13, 2024 2:18 PM from

Stardock Forums Top

FYI:

Palo Alto Networks zero-day exploited since March to backdoor firewalls

From: BleepingComputer April 12, 2024

https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/

Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks

From BleepingComputer

April 12, 2024

https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-pan-os-firewall-zero-day-used-in-attacks/

Welcome Guest! Please take the time to register with us.

Richer content, access to many features that are disabled for guests like commenting and posting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!