Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

tracking.teebic.com (loa.teebik.com)

Created: 04 Apr 2014 | 9 comments

Hello,

I have a problem with the subjected sites which seem to auto-open regularly without my consent. Windows XP, Windows 7. It seems that Browsers are affected. Alrady tons of webseites with very recent dates posting "how to remove guides". However, this/these malwares seem resiliant toi ANY antivirus/antiadware/antimalware/... programs available.

Any positive experiences or maybe a Symantec solution?

Thanks in advance,

Operating Systems:

Comments 9 CommentsJump to latest comment

.Brian's picture

Please download the SymHelp tool and run a Threat Analysis Scan:

How to run the Threat Analysis Scan in Symantec Help (SymHelp)

http://www.symantec.com/docs/TECH215519

Let's see what that comes back with.

What's the exact SEP version that you're running? In addition to AV, are you also running NTP (Firewall and IPS) as well as Proactive Threat Protection?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

golubovski's picture

Brian,

Thank you for helping!

I have attached 4 JPGs. It seems that I am clean?! I reconsidered the history of my problem with the sudden, multiple http://tracking/teebik.com/... redirections. I am not 100% sure, but it seems to me that all those incidents occure when I click on couple of news links via my Facebook account. Is it possible that those sites (and not my computers) are infected and trigger the redirections?

Thanks in advance,

sep.jpg scan001.jpg scan002.jpg scan003.jpg
.Brian's picture

I would follow the recommended action by the symhelp tool. Have you removed that bad file?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

golubovski's picture

No, that is my email checker which only reads my POP accounts for emails without ever executing attachments. Anyway, it has been present in my Windowses for decades :) The SEP (being completely active) never complains on PopTray.

I am not familiar with the WEB technologies but the redirections occur only when I open particular news portal in my FB account. My Q is now the following:

Can this suspicious website trigger the redirections when Firefox executes its scripts or do they only trigger from within my system (Firefox)? Again, NONE of the malware clients (adwcleaner, malware bytes, SEP, ...) find a single detecition!!!

PS: SEP's intrusion detection is an active extension in my Firefox!

Thanks again,

R

.Brian's picture

It definitely could trigger re-directions.

And that was going to be my next suggestion to try a third party scanner such as Malwarebytes, etc. but you already did that :)

Another idea I might suggest is to download Process Explorer from Microsoft and use it watch for malicious activity. Keep it open and when you browsing and re-directed to that site, you can check PE to see if any file activity is occurring.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

golubovski's picture

:)))

For the time being I am quite positive I am not infected! However, I was hoping that Symantec would be aware of this malware since there are lots of "how to remove" guides on google.

Anyway, since Symantec is "oblivious" than I conclude there is no such "local to clients" threat. Though it would be really nice to hear an official standpoint from Symantec on this issue.

R

golubovski's picture

James,

Nothing new - I am either infected or sitees are :) My previous attempts included adwcleaner, malware-bytes, ... - all resulting in 0 detections!

My Q to the general community would be - is "tracking.teebick.com" redirector really a downloaded virus, or just "infected" sites' malware?

R

Mick2009's picture

Hi golubovski,

This forum is intended for peer-to-peer support.  If you are looking for official Symantec help against a potential threat, it would be best to open a case with Technical Support and supply the SymHelp output, etc for examination.

With best regards,

Mick

With thanks and best regards,

Mick