Endpoint Protection

 View Only
Expand all | Collapse all

tracking.teebic.com (loa.teebik.com)

  • 1.  tracking.teebic.com (loa.teebik.com)

    Posted Apr 04, 2014 02:42 PM

    Hello,

    I have a problem with the subjected sites which seem to auto-open regularly without my consent. Windows XP, Windows 7. It seems that Browsers are affected. Alrady tons of webseites with very recent dates posting "how to remove guides". However, this/these malwares seem resiliant toi ANY antivirus/antiadware/antimalware/... programs available.

    Any positive experiences or maybe a Symantec solution?

    Thanks in advance,



  • 2.  RE: tracking.teebic.com (loa.teebik.com)

    Posted Apr 04, 2014 06:24 PM

    Please download the SymHelp tool and run a Threat Analysis Scan:

    How to run the Threat Analysis Scan in Symantec Help (SymHelp)

    http://www.symantec.com/docs/TECH215519

    Let's see what that comes back with.

    What's the exact SEP version that you're running? In addition to AV, are you also running NTP (Firewall and IPS) as well as Proactive Threat Protection?



  • 3.  RE: tracking.teebic.com (loa.teebik.com)

    Posted Apr 05, 2014 05:10 PM

    Brian,

    Thank you for helping!

    I have attached 4 JPGs. It seems that I am clean?! I reconsidered the history of my problem with the sudden, multiple http://tracking/teebik.com/... redirections. I am not 100% sure, but it seems to me that all those incidents occure when I click on couple of news links via my Facebook account. Is it possible that those sites (and not my computers) are infected and trigger the redirections?

    Thanks in advance,



  • 4.  RE: tracking.teebic.com (loa.teebik.com)



  • 5.  RE: tracking.teebic.com (loa.teebik.com)

    Posted Apr 06, 2014 04:14 AM

    James,

    Nothing new - I am either infected or sitees are :) My previous attempts included adwcleaner, malware-bytes, ... - all resulting in 0 detections!

    My Q to the general community would be - is "tracking.teebick.com" redirector really a downloaded virus, or just "infected" sites' malware?

    R



  • 6.  RE: tracking.teebic.com (loa.teebik.com)

    Posted Apr 06, 2014 08:44 AM

    I would follow the recommended action by the symhelp tool. Have you removed that bad file?



  • 7.  RE: tracking.teebic.com (loa.teebik.com)

    Posted Apr 06, 2014 08:57 AM

    No, that is my email checker which only reads my POP accounts for emails without ever executing attachments. Anyway, it has been present in my Windowses for decades :) The SEP (being completely active) never complains on PopTray.

    I am not familiar with the WEB technologies but the redirections occur only when I open particular news portal in my FB account. My Q is now the following:

    Can this suspicious website trigger the redirections when Firefox executes its scripts or do they only trigger from within my system (Firefox)? Again, NONE of the malware clients (adwcleaner, malware bytes, SEP, ...) find a single detecition!!!

    PS: SEP's intrusion detection is an active extension in my Firefox!

    Thanks again,

    R



  • 8.  RE: tracking.teebic.com (loa.teebik.com)

    Posted Apr 06, 2014 09:22 AM

    It definitely could trigger re-directions.

    And that was going to be my next suggestion to try a third party scanner such as Malwarebytes, etc. but you already did that :)

    Another idea I might suggest is to download Process Explorer from Microsoft and use it watch for malicious activity. Keep it open and when you browsing and re-directed to that site, you can check PE to see if any file activity is occurring.



  • 9.  RE: tracking.teebic.com (loa.teebik.com)

    Posted Apr 06, 2014 02:46 PM

    :)))

    For the time being I am quite positive I am not infected! However, I was hoping that Symantec would be aware of this malware since there are lots of "how to remove" guides on google.

    Anyway, since Symantec is "oblivious" than I conclude there is no such "local to clients" threat. Though it would be really nice to hear an official standpoint from Symantec on this issue.

    R



  • 10.  RE: tracking.teebic.com (loa.teebik.com)

    Posted Apr 07, 2014 08:17 AM

    Hi golubovski,

    This forum is intended for peer-to-peer support.  If you are looking for official Symantec help against a potential threat, it would be best to open a case with Technical Support and supply the SymHelp output, etc for examination.

    With best regards,

    Mick