July 11, 2012 - 19:00 EDT
When I asked my Internet Explorer 9 (Windows 7) to display
Digital Signature-related information during the
process of installing an ActiveX file from a website, the I.E.9 window
displayed a file name which is different than the real file name.
(Please note that I am not talking about the very first dialog box which
appears during the installation permission process.
On my Windows 7 computer (configured to the so-called Classic Windows
display format) this first box is a yellow-bordered box at the bottom of
the window, which has a gray "INSTALL" button in it. Only after clicking
on this "install" button will I.E.9 allow me to see the Digital Signature
and other related information. [This chronology is insane by the way !!!])
The file name in the initial yellow-bordered box is correct. But the one
that is stated in the Digital Signature-related window is different.
The reason that I am suspicious is that I have malware on my computer
which secretly re-directs the updater requests of my anti-malware programs
to malicious sites. It also interferes with my anti-malware programs in
other ways, interferes with Microsoft Office, and may interfere with
access to certain security-related websites. Various anti-malware programs
have been unable to either completely eliminate the malware or to reverse
the settings which seem to drive these malicious activites.
The specific changes that I noticed were:
#1. The online scanner Panda ActiveScan2.0 has a mandatory ActiveX called
"as2stubie.cab". I.E.9's Dig.Sig.-related box calls it "[1]as2stubie.cab[1]".
#2. The online scanner BitDefender QuickScan likewise has an ActiveX
called "qsax.cab". I.E.9 likewise displays this as "[1]qsax.cab[1]".
I did not proceed with the installation.
I do not know how my I.E.9 handled previous downloads and installations.
Can someone please tell me if this is what I.E.9 normally does.
Thank-you.