Hello. Microsoft Essentials detected this thread in my PC. But when I tried to remove it it tells me I need to run Windows Deffender Offline. I burned it into a CD and then clicked in the icon that says mpam-fex64.exe it looked like it did something but after rebooting my PC and run MSE again the thread is still there. Am I doing something wrong here or is there another method of fixing this thread? I am using Windows 7, 64 bit. I am really desperate.

I'm having this same problem. I tried that. Downloaded the 64-bit version, ran it, created a bootable thumb stick. Booted from that, scanned, it found stuff (but not Alureon.A) cleaned those things. Reboot & Microsoft Essentials STILL says I've got Alureon.A It would be nice if I could escape that cycle. Is there some other fix? Because this one isn't working for me.

Ordinarily, Defender Offline removes these types of infections. However, run the Safety Scanner. Boot the computer to Safe Mode, i.e. start tapping F8 when you switch on, then choose Safe Mode with Networking. Now download, save and run a full scan of Microsofts Safety Scanner. Get it here http://www.microsoft.com/security/scanner/en-us/default.aspx

My battle with this trojan began some time last week. I read a lot of forums and websites & all sorts of stuff on it. Right now, it looks like it's finally gone. I'll keep my fingers crossed for a couple days and we'll see. Here's a link to a site that I think helped but I'll go into what exactly I did too. http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller From the sounds of it, this Alureon thing tries to hijack internet things (yea that's generalized). I wasn't really seeing most of the symptoms that I'd heard about on various sites. What I was seeing as a symptom, was that my DNS kept resetting itself to nothing. I've got static IP here and a lack of DNS settings means I can't get to the internet correctly. I also had my IP set to some nonsense that I didn't write down at the time. But that only happened once. The DNS going to nothing was happening repeatedly (even while I was searching online for help, every so often I'd have to re-enter the DNS or my web browsing went to nothing.) I'd tried TDSSKiller and the Windows Defender Offline before (last week). I tried them again (so many reboots!) today. I even tried http://safety.live.com where they had me download a 10-day thing. (That one said it removed it partly) What seems to have worked, was the bit on bleepingcomputer.com where they say to re-name the .exe so the virus won't recognize it and it's able to work correctly. Hopefully this will help someone.

This is one stubborn virus! It's back again. All was fine (with Microsoft Security Essentials no longer detecting problems) until the middle of the day today. When I came back to my computer Security Essentials says we've got Alureon.A (again) and the DNS is reset to nothing (obtain DNS services automatically) with any windows we had left open are no longer open. So I'll probably run TDSSKiller again because that at least gets me out of the 'partly clean - still infected' cycle. But I haven't found anything that works long term yet.

I have a similar situation to the OP. Windows Security identifies my computer as infected with Trojan:DOS/Alureon.A I can boot just fine. Normal mode, safe mode, no problem. Here's the twist-- I can't run any programs. Well, i can run a few programs. Windows Security, which alerts me about the trojan, claims to have cleaned it, and then it reappears. And a few other minor programs, like explorer.exe. When I try to open any other program, including Malaware and TDSSkiller, the program appears to start for a moment. It appears in the task manager with *32 after the process name. Then it fades away. Over and over. I've tried running it in safe mode. I've tried running it as an administrator. I've tried in normal mode. I've tried running it off a memory stick. I've tried renaming TDSSkiller.exe into something innocuous, like niceguy.exe or something that obviously has permission to run, like explorer.exe. Same results. Starts to run, fades away. I've booted with the Windows Offline Defender disk. First full scan it caught a whole slew of things, but repeated scans show it clean. Here's the weird thing - aside from not letting me actually RUN any programs, there doesn't seem to be any other activity, as far as I can tell. Then again, it could be trying all kinds of browser redirects - I can't get a browser open to find out. I've taken the machine offline, just to be safe. Oh, Windows 7 64bit, by the way. Could the *32 in the task manager be a clue? Is it screwing up all my programs by forcing them to run as 32 bit? So... any ideas?

If tdsskiller doesnt work,use FIXTDSS FIXTDSS Launch it,it should ask for a reboot,on reboot,click on REPAIR,you should be able to run TDSSkiller now. Latest variant of MAXSS seems to block both TDSSkiller and fixtdss.Try renaming FIXTDSS.exe to FIXTDSS.com and launch it.If that doesnt work,ask for help in malware removal forums like Bleeping computer. A 10 mb hidden rootkit partition needs to be made inactive via recovery console or linux cd to make these tools run.Get the experts help. good luck

When a computers get infected its because weve made something dangerous and we have opened the door of our computer for the virus to enter. The only way to be sure the virus has gone its formatting the computer. And you have to think about what you did wrong that allowed the virus infected your computer. Some tips: * Delete unknown emails. * Only download original software and from the developer webpage. * Not surfing on strange webpages. * Be careful if you insert a USB into your machine, the best option would be not enter to the Explorer to it, and use cmd. You could also first try to restore to a point before getting infected your computer. Unfortunatly, theres no more options... Antivirus only detect one of each four virus, so it means that if you have detected DOS/Alureon there are three viruses more that the antiviruse hasnt detected. I have here some viruses that you can try analize with virustotal.com and any antivirus could detect them. Regards, Manu.Si esta respuesta le ayud a solucionar su problema puede marcarla. Esto ayudar a otros usuarios a resolver su mismo problema. Participante en news.lechado.com