Have you come across any digital signatures recently where the properties say "The digital signature is OK." and the certification path looks ok, but then there's this funny thing that the countersignatures timestamp is the time you opened the Digital Signature Details dialog. An authentic version of the same file does no such thing. I'm not really expert on the matter but I doubt the countersignature timestamp should be updating like that. I have to say I got fooled by this as I didn't study the dates carefully. I started investigating when some other things didn't look right.

edit: I guess it's possible that the explorer properties doesn't check that the countersignature timestamp is valid?