User profile for user: DnM
DnM Author
User level: Level 1
0 points

Alureon

I got notification from Xfinity that my computer is infected with Alureon malware. Checking my 3 Macs I found the signature DNS server addresses on my iMac (OSX10.5.8) in the DNS server listing for the Airport network connection. (85.255.115.155, 85.255.112.128). I had been plagued on this machine for sometime with the "Google DNS Changer" malware, which I ultimately worked around by using OpenDNS to get a new DNS server address. The bad addresses are still in the Airport DNS server list, albeit grayed out. I have VMware Fusion on this machine. Could that be the source of the infection signature? Before I used OpenDNS I was getting constant DNS redirects when clicking on Google search results in Safari or Firefox.


I would appreciate any help in cleaning this up. I have considered upgrading to 10.6, but want to make sure the infection isn't lurking somewhere that will make it show up afte

Posted on Feb 9, 2012 5:52 PM

Reply
2 replies
User profile for user: Camelot
Camelot
User level: Level 9
58,359 points

Feb 9, 2012 8:18 PM in response to DnM

First off, Alureon can only affect Windows machines. If you really are infected then it's your Windows running inside Fusion that's infected, not your Mac.


Running Windows in a VM doesn't remove the need to run anti-virus software in Windows.


Just be sure that you are infected, though, and not the victim of scareware that's telling you that you're infected along with a 'helpful' link to 'clean' your system - these are invariably malware systems designed to play on your fear of viruses and trick you into installing their wares. Nothing beats a commercial anti-virus software app for your Windows system.

If you're getting that warning message on your Mac then it's almost certainly scamware since this virus cannot infect Mac OS X.


As for DNS changer, it's hard to tell whether that's still an issue for your Mac or not, but there are tools that can detect and remove it from your system.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Alureon

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up