Alureon.E creatng a separate partition untouchable by System Sweeper/ Forefront?


  • Has anyone else seen this?  This is the second time in 2 weeks that we've seen a new partition created by Alureon.E that stores the malware in separate 1MB location.  Any ideas on how to clean this?  You can see the partition under computer management/ disk management, but if you try to delete it, it throws an error.
    Wednesday, January 4, 2012 3:36 PM


All replies

  • For information about Security updates, visit the Microsoft Virus Solution and Security Center for resources and tools to keep your PC safe and healthy. If you are having issues with installing the update itself, visit Support for Microsoft Update for resources and tools to keep your PC updated with the latest updates.



    Miya Yao

    TechNet Community Support

    Friday, January 6, 2012 6:26 AM
  • What software is giving you this message?
    Wednesday, January 18, 2012 3:40 PM
  • Chuck, 


    I was getting this error in MS Standalone System Sweeper, part of the MS DART 7 boot disk.

     Maurice.  This picture was actually taken while I was booted to the CD.  System Sweeper is basically Forefront/ MSE on a boot CD.  I've been cleaning rootkits for years now, using System Sweeper, but this one was a little different in that it created it's own partition to store the malware. I was just wondering if anyone else had seen this before.  Thanks for all of the responses!  It was new to me.



    Wednesday, January 18, 2012 6:19 PM
  • I have seen a fair amount of this lately too. I've also had to resort to making repairs while booted from DART and not the native system on the computer. So far I've had moderate success... /Tony
    Wednesday, February 1, 2012 3:05 PM
  • Clay, the easiest way to resolve this is by going to

    1. Start > right-click Computer > Manage > Disk Management.
    2. Look for that partition without a drive letter then delete it.
    3. Restart the computer then run a full scan again.

    Important note: Some cases result to a 'no boot' situation. Do this at your own risk.

    Val Ramirez

    Saturday, May 12, 2012 7:34 PM