Since Microsoft released Win32/Alureon rootkit detection and removal capabilities in MSRT in May, there’ve been “over 1,200,000 successful removals. In terms of detections by operating system, XP continues to be the most common target, chalking up over three quarters of detections across all platforms. Vista and Windows 7 are relatively unchanged from May report.
Just under a month, a new variant of Alureon is found that infects Master Boot Record (MBR) instead of an infected driver of 64-bit machines running Vista or higher, while rendering 64-bit XP and Server 2003 machines unbootable,” reports Microsoft. As a side effect of the bootkit, Disk Management pane of Computer Management console will fail to show the system drive altogether:
It’ll also fail to show up in command line using diskpart:
Proactive detection has been available for Microsoft Security Essentials, Forefront Client Security, Forefront Server Security, and Forefront Threat Management Gateway.