I was working on a friend’s PC when I noticed that links were missing on some pages that I visited with Internet Explorer. For example, the big blue button labeled “Download Now” was missing from the Microsoft Security Essentials web page. Visiting the same page with Firefox showed the blue download button. I noticed similar problems at 2 more sites: malwarebytes.org was missing the download button in IE but not Firefox and bing.com was missing the word “Bing” in IE but not Firefox. See screen captures below. I suspect malware was selectively blocking links to download anti-malware tools in IE (Firefox seemed not affected).
Using Firefox I downloaded, installed and ran antivirus and anti-malware programs. Microsoft Security Essentials reported two threats: VirTool:Win32/Obfuscator.XY and Virus:Win32/Induc.A
These antivirus and anti-malware tools found no threats:
- Trend Micro House Call – online scan
- Windows Live OneCare Safety Scanner – online scan
- Dr. Web CureIt!
I tried some other fixes like resetting IE browser settings and removing IE8.
I used search engines with keywords like the 2 named threats (VirTool:Win32/Obfuscator.XY and Virus:Win32/Induc.A), obfuscate, missing download links, blocking security software and IE with little success.
I suspect the computer was infected with a malware that was trying to hide it’s tracks and make itself more difficult to remove by hiding download links for malware removal tools. And what else was this malware doing? Keystroke logging, identity theft, participating in bot nets?
I repaired the PC with a clean install of the Operating System.
Anybody know more about this issue?