Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: lsolson
lsolson Author
User level: Level 1
8 points

External IP Address Issues

Please forgive me if I don't use correct terminology, but here is my problem.


Three days ago my internet speed started getting sluggish. At first I didn't think much of it, but when it persisted I ran speedtest.net. Instead of getting my usual 24+ down and 3+ up, I was getting 5 down and .something up. I noticed here that my IP was not the normal address. I called my ISP about my speeds, they said they didn't know and would send a tech out. I mentioned the new IP and they said it wasn't an issue. I looked up this IP that I was now reporting and the info I got was that it was 400 miles away from me and was a proxy server.


The next day my normal IP was back along with my usual speeds, so I didn't have the tech come out. Now today, I get an e-mail from my ISP saying I have been infected with Alureon malware which is changing my DNS settings and to go to their site and download Nortorn to fix it. I just scanned my system with Sophos and didn't come up with anything. Also, my IP right now is back to this new one with horrible speeds. If I shut down my modem and router for several minutes then turn them on, I first have my normal IP, but it is switched after only a few minutes.


Any advice on what might be going on?


Thank you for your time.

MacBook, Mac OS X (10.6.8)

Posted on Feb 21, 2012 10:13 AM

Reply
6 replies
User profile for user: fane_j
fane_j
User level: Level 4
3,697 points

Feb 22, 2012 12:49 AM in response to lsolson

lsolson wrote:


I get an e-mail from my ISP saying I have been infected with Alureon malware

Unless you're running Windows on your Mac, that's impossible. Alureon does not (cannot) infect Mac OS X. See


<http://www.symantec.com/security_response/writeup.jsp?docid=2008-091809-0911-99& tabid=2>


I don't know about the other issue. I think your ISP holds the key to that problem.

Reply
User profile for user: lsolson
lsolson Author
User level: Level 1
8 points

Feb 22, 2012 9:58 AM in response to fane_j

Since yesterday...


Not only did I scan with Sopohos, I also ran ClamX, and MacScan. I called my ISP, which is Comcast, to inform them that I have no such malware. They told me my scans weren't good enough and I needed to run Intego Virus Barrier. So I did. Again, nothing. The guy at comcast told me if I don't get rid of this "bot" they are going to shut my internet off after March 6th. He originally denied (Comcast) being responsible for the forwarding to a proxy server, then later told me it was because I was showing "bot" activity and that it was coming from my modem. ???


Ok, my network setup.


I have a Comcast cable modem and a Netgear router. The network is password protected, WPA2. 3 MacBook Pro's and an HP printer connect to the network. I don't have any windows things. A few Android phones that use the wireless occassionally if that matters.

Reply

External IP Address Issues

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up