Malware discussion board locked, now what?

Norton Security | Norton Internet Security
1

I've got a stituation: My windows resource monitor shows a lot of intermittent connections to hicks-nnn-mm.optonline.net, including ones from dell's pc doctor and even norton 360 itself. (Matching the PID to the image name.) The nnn and mm (or mmm) values are three digits and vary for each connection. I'm at my son's house and it's quite possible that he's got optimum as a provider, so this is probably just some sort of quirk. I'd like to know for sure.

 

The malware discussion board is closed, so where should I have posted this? A google search doesn't show anybody else with this concern.

2

The Malware discussion board was locked because it was too easy for users to interupt the malware removal process,by making suggestions that were not relevant to the current infection. This made it difficult for the Malware Removal expert to control the removal process.

 

When you have an issue, you can post in the board for your product, in your case the 360 board here  http://community.norton.com/t5/Norton-360/bd-p/Norton_360  If it needs to be moved, you will still see where it has gone.

 

If you have done a full system scan with 360 with no issues found, you probably have nothing to worry about. Is the computer behaving strangely at all?

 

If you are still concerned, I would suggest a second opinion scan using the FREE version of Malwarebytes. You can find it here http://www.malwarebytes.org/products/malwarebytes_free/

 

 

 

3

The Forum is too dangerous for malware removal.

 

Example  http://community.norton.com/t5/Norton-Internet-Security-Norton/Suspicious-Cloud-9-and-iwebar-uninstall/m-p/1068777/highlight/true#M251011

 

 

User got told here to run Malwarebytes,  they did and then after restart system now does not load correctly.

 

 

Quads

4

After discussion with Optimum tech support, it turns out that optimum has a set of name servers in Hicksville, and these intermittent connections apparently are going there. They appear to be using a multi-level name search algorithm, first resolving the hicks prefix and then splitting the server work to resolve the final target name.

 

Keyword: hicks.optonline.net (to remove hicksnnn) from Google search. Example id: hicks218-11.optonline.net

 

As an aside, the Optimum online support seems better than most.

5

I hope you're not using the term 'Hicksville' as a derogatory hate word against country folk.

 

The backbone of this country are those country folk.

 

have a good day! :)

6

Hello

 

Hicksville is a name of a town where Optimum is located.

7
fneske wrote:

After discussion with Optimum tech support, it turns out that optimum has a set of name servers in Hicksville, and these intermittent connections apparently are going there. They appear to be using a multi-level name search algorithm, first resolving the hicks prefix and then splitting the server work to resolve the final target name.

 

Keyword: hicks.optonline.net (to remove hicksnnn) from Google search. Example id: hicks218-11.optonline.net

 

As an aside, the Optimum online support seems better than most.

Thanks for posting back. Your level of detail and technical information provided would, I'd suggest, warrant marking your last post as the Solution; this will help any users encountering a similar situation in the future to zero in on the information they need to restore their sense of security!

 

V/R,

--DistEd2