[resolved] I.e.9 Modifies The Name Of The Quickscan Activex To Be Installed

zenon

When I asked my Internet Explorer 9 (Windows 7) to display

Digital Signature-related information during the

process of installing an ActiveX file from a website, the I.E.9 window

displayed a file name which is different than the real file name.

(Please note that I am not talking about the very first dialog box which

appears during the installation permission process.

On my Windows 7 computer (configured to the so-called Classic Windows

display format) this first box is a yellow-bordered box at the bottom of

the window, which has a gray "INSTALL" button in it. Only after clicking

on this "install" button will I.E.9 allow me to see the Digital Signature

and other related information. [This chronology is insane by the way !!!])

The file name in the initial yellow-bordered box is correct. But the one

that is stated in the Digital Signature-related window is different.

The reason that I am suspicious is that I have malware on my computer

which secretly re-directs the updater requests of my anti-malware programs

to malicious sites. It also interferes with my anti-malware programs in

other ways, interferes with Microsoft Office, and may interfere with

access to certain security-related websites. Various anti-malware programs

have been unable to either completely eliminate the malware or to reverse

the settings which seem to drive these malicious activites.

The specific changes that I noticed were:

#1. The online scanner BitDefender QuickScan likewise has an ActiveX

called "qsax.cab". I.E.9 likewise displays this as "[1]qsax.cab[1]".

#2. The online scanner Panda ActiveScan2.0 has a mandatory ActiveX called

"as2stubie.cab". I.E.9's Dig.Sig.-related box calls it "[1]as2stubie.cab[1]".

I did not proceed with the installation.

I do not know how my I.E.9 handled previous downloads and installations.

Can someone please tell me if this is what I.E.9 normally does.

Thank-you.

rootkit

Hello

Welcome to our forums!

Sorry for the delayed reply.

Most likely in the first process the extension failed to be installed. In the current situation, please go this location C:\WINDOWS\Downloaded Program Files\ and delete all the files that look like this qsax.*. Reboot and retry the installation.

Have a great weekend!

zenon

Hello

Welcome to our forums!

Sorry for the delayed reply.

Most likely in the first process the extension failed to be installed. In the current situation, please go this location C:\WINDOWS\Downloaded Program Files\ and delete all the files that look like this qsax.*. Reboot and retry the installation.

Have a great weekend!

------------------------ --------------------

July 24, 14:00 EDT, Canada

Thanks for the reply, Christian. I looked for qsax.cab and for Panda's as2stubie.cab in that folder, and I used the Windows 7 search engine for the C:\ folder. These 2 files are not on the computer.

As I alluded to in my post, the "Install" button in Internet Explorer 9's yellow box is, at least in some circumstances, a misnomer since clicking on the button does not immediately install the item. Unfortunately, alot of things in Windows 7 and I.E.9 lack the simple logic and common sense intuition of windows 98 through windows XP and I.E.6.

In any case, I had hoped that the profuse detail in my post would have served to make things clear for anyone reading it. The detail may have, instead, obscured the nature of my problem. I do not have reason to believe that there is a problem with either Bitdefender's or with Panda's ActiveX.

Either I.E.9 has displayed the information in a quirky, mis-leading way which causes confusion in the mind of anyone who is paying attention or who has a reason to be suspicious. Or, I.E.9 is not processing the ActiveX correctly. Or, a malicious process is doing something. The only way for me, by myself, to find out is to allow I.E.9 to complete the installation of the ActiveX. If the 3rd possibility is at work, then I will have created more trouble for myself.

I have not been able to get any answer to the stated question "Does one normally see this NAME CHANGE situation when I.E.9 deals with ActiveX installation/digital-signature verification" in forums which have sub-forums specifically allotted to browser/internet issues, such as Microsoft Answers, BleepingComputer, computerhope, etc. I therefore had hoped that someone asoociated with Bitdefender, or someone in the forum's general public readership, would know the answer from past experience, or would be able to find out. If someone did a "test" by doing the first steps of installing the Activex, the ActiveX would not actually be installed since one could abort the installation, as I did, by not giving the final consent. All I need to know is whether or not the Digital Signature-related box normally adds "[1]" before and after the real file name. If someone told me that their IE9 did the same thing, then this would not be definitive proof of safety. However, if someone said that their IE9 did not add "[1]", then this would support my decision not to install the ActiveX until after I re-install windows. Unfortunately, I need to do some security-related things with the computer before I re-install Windows.

Thanks very much for your patience and indulgence.

rootkit

Hello

Thank you very much for your feedback!

The current situation should not occur on any version of Internet Explorer. Have you tried to reset IE 9 to default settings?

http://support.microsoft.com/kb/318378

Also, have you tried to use the scan with another browser?

Regarding those logs that you mentioned, I am not sure this is displayed those logs.

Take care.

zenon

Hello

Thank you very much for your feedback!

The current situation should not occur on any version of Internet Explorer. Have you tried to reset IE 9 to default settings?

http://support.microsoft.com/kb/318378

Also, have you tried to use the scan with another browser?

Regarding those logs that you mentioned, I am not sure this is displayed those logs.

Take care.

---------------------- -------------------

July 30

Hi, Christian

I tried your advice regarding RESET I.E.9 SETTINGS TO DEFAULT. Now, when I click on the BitDefender QuickScan "scan" button, absolutely nothing happens. In particular, no I.E.9 box asking for permission to install the ActiveX appears. The same thing now happens when I try to use the Panda online scanner.

rootkit

Hello

Have you tried to reinstall Internet Explorer? Also, Have you tried to use QuickScan in Firefox or Chrome?

Thank you!

zenon

Hello

Have you tried to reinstall Internet Explorer? Also, Have you tried to use QuickScan in Firefox or Chrome?

Thank you!

------------------ -----------

July 31

My Firefox browser is corrupted and also will not uninstall.

Chrome installed but with a warning message citing many errors.

Opera will not install.

I therefore cannot risk trying to un-install then re-install I.E.

I cannot re-install my operating system [Windows 7] for another few weeks.

Do you have any other ideas ? If not, could you please ask for an opinion from one of the other experts who is associated with Bitdefender. Your continued input has been greatly appreciated.

rootkit

Hello

In the current situation, I recommend you to install a trial version of Bitdefender 2013 or Bitdefender 2009 Free to scan your PC.

The last one(2009 Free) you can install it near another antivirus without any conflicts(if you have another security solution.

http://www.bitdefender.com/solutions/free.html

http://forum.bitdefender.com/index.php?act...f=241&id=42

Take care.

zenon

Hello

In the current situation, I recommend you to install a trial version of Bitdefender 2013 or Bitdefender 2009 Free to scan your PC.

The last one(2009 Free) you can install it near another antivirus without any conflicts(if you have another security solution.

http://www.bitdefender.com/solutions/free.html

http://forum.bitdefender.com/index.php?act...f=241&id=42

Take care.

-------- -------------

Aug. 1st

The free anti-virus would not install. The free anti-virus webpage says that the system requirement is XP or Vista. I have Windows 7. I have a GData anti-virus/firewall suite already installed but with the anti-virus functions disabled. I tend to doubt that either of these two facts had anything to do with the failure to install.

rootkit

Hello

If you have that antivirus installed, one of the engines used by it is Bitdefender. So, in this case, please run a full system scan and make sure your computer is safe.

Take care.

zenon

Hello

If you have that antivirus installed, one of the engines used by it is Bitdefender. So in this case, please run a full system scan and make sure your computer is safe.

Take care.

------------------ --------------Thanks for your help, Christian. I now consider this thread as closed.

rootkit

Hello

Thank you for your feedback on this.

I declare this topic resolved.

Have a wonderful day!