Does anyone have any cast iron info on BT, 121media and sysip.net?
Information is a bit scant but I really need to know if I have a trojan, if BT dns servers have been comprimised or if BT has done a deal with a media company which redirects dns lookups.
Here's the problem.
On Friday 29-Jun-07 I noticed that firefox would say 'looking up' or 'connecting to' dns.sysip.net on every website I visited. This seemed to be intermittent so I didn't take much notice of it.
Later I googled dns.sysip.net and discovered that in October 2006 it was being used for malware / spyware.
A bit worried I ran virus scans and rootkit scans. Nothing found. I downloaded some specific tools which seemed to give a false positive but all virus scans from four different vendors all report the PC is clean.
A few more recent threads have popped up froum around 25-Jun-07 with the same dns.sysip.net problem. What stood out was this latest clutch of threads are all from BT users.
That was a few months ago though so have BT done a deal and is my browser being redirected to sysip?
Today I contacted BT support who state that "they have not been informed" of any kind of link up with 121media. That is not firm proof either way though.
Anyone have any info? So far today the browser has not contacted sysip.net but it could come and go.