Solve : I.E.9 modifies the name of the file awaiting permission to be

1.	Solve : I.E.9 modifies the name of the file awaiting permission to be installed?
Answer» July 11, 2012 - 19:00 EDT When I asked my Internet Explorer 9 (Windows 7) to display Digital Signature-related information during the process of installing an ActiveX file from a website, the I.E.9 window displayed a file name which is different than the real file name. (Please note that I am not talking about the very first dialog box which appears during the installation permission process. On my Windows 7 computer (configured to the so-called Classic Windows display format) this first box is a yellow-bordered box at the bottom of the window, which has a gray "INSTALL" button in it. Only after clicking on this "install" button will I.E.9 allow me to SEE the Digital Signature and other related information. [This chronology is insane by the way !!!]) The file name in the initial yellow-bordered box is correct. But the one that is stated in the Digital Signature-related window is different. The reason that I am suspicious is that I have malware on my computer which secretly re-directs the updater requests of my anti-malware programs to malicious sites. It also interferes with my anti-malware programs in other ways, interferes with Microsoft Office, and may interfere with access to certain security-related websites. Various anti-malware programs have been unable to either completely eliminate the malware or to reverse the settings which seem to drive these malicious activites. The specific changes that I noticed were: #1. The ONLINE scanner Panda ActiveScan2.0 has a mandatory ActiveX called "as2stubie.cab". I.E.9's Dig.Sig.-related box calls it "[1]as2stubie.cab[1]". #2. The online scanner BitDefender QuickScan likewise has an ActiveX called "qsax.cab". I.E.9 likewise displays this as "[1]qsax.cab[1]". I did not proceed with the installation. I do not know how my I.E.9 handled previous downloads and installations. Can someone please tell me if this is what I.E.9 normally does. Thank-you.Quote The reason that I am suspicious is that I have malware on my computer which secretly re-directs the updater requests of my anti-malware programs to malicious sites. It also interferes with my anti-malware programs in other ways, interferes with Microsoft Office, and may interfere with access to certain security-related websites. Various anti-malware programs have been unable to either completely eliminate the malware or to reverse the settings which seem to drive these malicious activites. Clik Here...[/u] And follow the info on posting your logs/July 13 - 01:55 EDT Hi, Patio: Unfortunately, due to illness in the family, at this time I am not able to engage in the time consuming process of hunting down the malicious entity as you have recommended. Therefore, would it be possible for you to look at how your Internet Explorer browser handles this procedure ? (without doing the final STEP of installing the Activex, of course) I do not know anyone who has a reliable computer. Thanks. The websites are: #1. Bitdefender Quickscan. Path to webpg. = {http://www.bitdefender.com} ==> at bottom of webpg. is the Online Scanner link > {http://www.bitdefender.com/scanner/online/free.html}. #2. Webpage = {http://www.pandasecurity.com/homeusers/solutions/activescan}.

Solve : I.E.9 modifies the name of the file awaiting permission to be installed?

Answer»

July 11, 2012 - 19:00 EDT
When I asked my Internet Explorer 9 (Windows 7) to display
Digital Signature-related information during the
process of installing an ActiveX file from a website, the I.E.9 window
displayed a file name which is different than the real file name.
(Please note that I am not talking about the very first dialog box which
appears during the installation permission process.
On my Windows 7 computer (configured to the so-called Classic Windows
display format) this first box is a yellow-bordered box at the bottom of
the window, which has a gray "INSTALL" button in it. Only after clicking
on this "install" button will I.E.9 allow me to SEE the Digital Signature
and other related information. [This chronology is insane by the way !!!])
The file name in the initial yellow-bordered box is correct. But the one
that is stated in the Digital Signature-related window is different.

The reason that I am suspicious is that I have malware on my computer
which secretly re-directs the updater requests of my anti-malware programs
to malicious sites. It also interferes with my anti-malware programs in
other ways, interferes with Microsoft Office, and may interfere with
access to certain security-related websites. Various anti-malware programs
have been unable to either completely eliminate the malware or to reverse
the settings which seem to drive these malicious activites.

The specific changes that I noticed were:
#1. The ONLINE scanner Panda ActiveScan2.0 has a mandatory ActiveX called
"as2stubie.cab". I.E.9's Dig.Sig.-related box calls it "[1]as2stubie.cab[1]".
#2. The online scanner BitDefender QuickScan likewise has an ActiveX
called "qsax.cab". I.E.9 likewise displays this as "[1]qsax.cab[1]".

I did not proceed with the installation.

I do not know how my I.E.9 handled previous downloads and installations.

Can someone please tell me if this is what I.E.9 normally does.

Thank-you.Quote

The reason that I am suspicious is that I have malware on my computer
which secretly re-directs the updater requests of my anti-malware programs
to malicious sites. It also interferes with my anti-malware programs in
other ways, interferes with Microsoft Office, and may interfere with
access to certain security-related websites. Various anti-malware programs
have been unable to either completely eliminate the malware or to reverse
the settings which seem to drive these malicious activites.

Clik Here...[/u]

And follow the info on posting your logs/July 13 - 01:55 EDT
Hi, Patio:
Unfortunately, due to illness in the family, at this time I am not able to engage in the time consuming process of hunting down the malicious entity as you have recommended. Therefore, would it be possible for you to look at how your Internet Explorer browser handles this procedure ? (without doing the final STEP of installing the Activex, of course) I do not know anyone who has a reliable computer. Thanks.

The websites are:
#1. Bitdefender Quickscan. Path to webpg. = {http://www.bitdefender.com} ==> at bottom of webpg. is the Online Scanner link >
{http://www.bitdefender.com/scanner/online/free.html}.
#2. Webpage = {http://www.pandasecurity.com/homeusers/solutions/activescan}.

Solve : I.E.9 modifies the name of the file awaiting permission to be installed?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment