Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Does I.E.9 display a modified name of a file awaiting permission to be installed or downloaded ?

  • Please log in to reply
2 replies to this topic

#1 Big_Z


  • Members
  • 9 posts
  • Local time:06:50 AM

Posted 03 July 2012 - 06:46 PM

July 3, 2012 -- 19:44 EDT

I noticed yesterday that when I asked my Internet Explorer 9 (Windows 7) to display Digital Signature-related information during the process of installing an ActiveX file from a website, the I.E.9 window displays a file name which is different than the real file name. (Please note that I am not talking about the very first dialog box which appears during the installation permission process. On my computer (configured to the so-called Classic Windows display format) this first box is a yellow-bordered box at the bottom of the window, which has a gray "INSTALL" button in it. Only after clicking on this "install" button will I.E.9 allow me to see the Digital Signature and other related information. [This chronology is insane by the way !!!] ) The file name in the initial yellow-bordered box is correct. But the one that is stated in the Digital Signature-related window is different.

The reason that I am suspicious is that I have malware on my computer which secretly re-directs the updater requests of my anti-malware programs to malicious sites. It also interferes with my anti-malware programs in other ways, interferes with Microsoft Office, and may interfere with access to certain security-related websites. Various anti-malware programs have been unable to either completely eliminate the malware or to reverse the settings which seem to drive these malicious activites.

The specific changes that I noticed yesterday were:
#1. The online scanner Panda ActiveScan2.0 has a mandatory ActiveX called "as2stubie.cab". I.E.9's Dig.Sig.-related box calls it "[1]as2stubie.cab[1]".
#2. The online scanner BitDefender QuickScan likewise has an ActiveX called "qsax.cab". I.E.9 likewise displays this as "[1]qsax.cab[1]".

I do not know how my I.E.9 handled previous downloads and installations.

Can someone please tell me if this is what I.E.9 normally does. Thank-you.

BC AdBot (Login to Remove)


#2 noknojon


  • Banned
  • 10,871 posts
  • Gender:Not Telling
  • Local time:08:50 PM

Posted 03 July 2012 - 08:13 PM

Hi -
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document.
Please read This From Wiki on what a "Digital Signature actually is, and why it is not a Program Name -
Digital signatures employ a type of asymmetric cryptography.
The display you get is not the program name, but it is the encrypted digital signature of the program -

I hope this explains a bit :)

#3 Big_Z

  • Topic Starter

  • Members
  • 9 posts
  • Local time:06:50 AM

Posted 10 July 2012 - 01:17 PM

July 10
Dear "Forum Addict", Thanks for responding to my question quickly, and sorry for not acknowledging it sooner. Yes, your answer has resolved my concern.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users