Packed image
-
Hi all, Does anyone here know anything about packed image? any reference? The story is: I just have my explorer.exe back to normal again. Process Explorer indicated "C:\PROGRA~1\INTERN~1\INTERN~1.dll" was loaded every time explorer launched, and explorer end up crashing. What special about this dll is that it was highlighted in purple(packed image category) and it was said that the packed image is probably a malware. So I tried to locate this dll but only find "internetapi.dll" questionable, I proceeded to delete this dll and the problem went away. I have several quick questions in mind: 1. How this dll gets loaded? There must be a process that injects the dll every time explorer starts. I found explorer itself was intacted. I didn't not find any suspicious process running at the time. 2. Why it was appeared as "C:\PROGRA~1\INTERN~1\INTERN~1.dll" instead of the real dll "internetapi.dll" 3. Is "PROGRA~1" a hidden folder? Does '~' get translated to anything else 4. What exactly is "packed image"? Thanks,