I am having an unholy adventure with the Alureon-K rootkit.
First it was discovered by Windows malicious software removal. Then I installed Avast, which also discovered it at partition three, but is completely unable to delete it, even after rebooting.
Then I tried Windows Defender Offline. I created a bootable USB, and that was able to find it, but encountered an error trying to delete it!
Then I tried Kaspersky TDSSKiller with default settings. It found nothing.
Then I booted into the Windows repair console, and did fixmbr and fixboot, and rebooted. Avast still found the Trojan.
Then I tried aswMBR. This found it, but was unable to delete it. I enclose the log.
I launched Microsoft Disk Management, and took a screenshot. I don’t see any 2 MB partition. I enclose that screenshot.
I ran OTL, which generated some logs, but I didn’t see any messages in the GUI about any problems found. I enclose those logs.
Next I tried Malwarebytes. This didn’t find anything wrong. I enclose that log.
Then I tried TDSSKiller again, but with the Detect TDLFS filesystem option checked. Now it found problems, but since Cure was not the suggested reaction, I skipped making any changes. That log is enclosed.
Finally I tried RogueKiller. That found one suspicious process, and two suspicious registry entries. I fixed everything. That log is enclosed.
Then I restarted, and ran RogueKiller again. It found nothing! But Avast and aswMBR still find Alureon-K!
Could it be living on my USB thumb drive, which I have plugged in here? But I have run Avast scans on it, and it finds nothing.
This is really unbelievable!
I’m not finding any of the symptoms of this Trojan. No blue screens or reboots. The only problem I have with this computer is that from time to time the wireless connection dies and must be repaired.