Information concerning this malware issue.
Overview
DNS Changer is a malware issue. GCI does not control any of the sites listed below under the links section, and is providing this information as a reference for our customers. GCI, uses DHCP, which will provide your system the correct DNS settings, however, these settings can be overwritten by this or other malware applications. The following articles provide the information you need to determine if your system is infected with this malware. The FBI article contains corrective steps.
Links
CNN article: http://www.cnn.com/2012/04/23/tech/web/fbi-malware-dns/index.html
CNET article:
http://news.cnet.com/8301-1009_3-57418276-83/web-could-vanish-for-hordes-of-people-in-july-fbi-warns
FBI article: http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf
FBI announced web site for more information: http://www.dcwg.org. This site contains the link below to check your DNS.
- DNS check site: http://www.dns-ok.us/
- If the image returned is RED, your computer is using a DNS Changer nameserver and is probably infected
- If the image returned is GREEN, your computer appears to be looking up IP address correctly and is probably not infected.
If your computer appears to be infected, you should follow the steps in the FBI pdf article first. If that does not correct your computer, Norton does provide a free cleaner which should remove the malware. (Note: GCI does not support this action, if you have any issues you need to contact Norton at 877-889-6853. This link is only provided as a courtesy)
- Norton Cleaner : http://security.symantec.com/nbrt/npe.aspx?lcid=1033. This is Norton’s malware/spyware cleaner
GCI DNS Settings
GCI’s DNS settings are:
- Preferred DNS Server: 209.165.131.12
- Alternate or Secondary DNS Server: 209.165.131.13
