DNS Changer Malware

Information concerning this malware issue.


DNS Changer is a malware issue. GCI does not control any of the sites listed below under the links section, and is providing this information as a reference for our customers. GCI, uses DHCP, which will provide your system the correct DNS settings, however, these settings can be overwritten by this or other malware applications. The following articles provide the information you need to determine if your system is infected with this malware. The FBI article contains corrective steps.

back to top


CNN article: http://www.cnn.com/2012/04/23/tech/web/fbi-malware-dns/index.html

CNET article:

FBI article: http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf

FBI announced web site for more information: http://www.dcwg.org. This site contains the link below to check your DNS.

  • DNS check site: http://www.dns-ok.us/
    • If the image returned is RED, your computer is using a DNS Changer nameserver and is probably infected
    • If the image returned is GREEN, your computer appears to be looking up IP address correctly and is probably not infected.

If your computer appears to be infected, you should follow the steps in the FBI pdf article first. If that does not correct your computer, Norton does provide a free cleaner which should remove the malware. (Note: GCI does not support this action, if you have any issues you need to contact Norton at 877-889-6853. This link is only provided as a courtesy)

 back to top

GCI DNS Settings

GCI’s DNS settings are:

  • Preferred DNS Server:
  • Alternate or Secondary DNS Server:

back to top

Related Articles

Windows DNS Change Steps

back to top