Endpoint Protection


Download Insight in SEP 12.1 

May 17, 2012 06:21 AM

Hello Everyone,

Auto-Protect includes a feature that is called Download Insight, which examines the files that users try to download through Web browsers, text messaging clients, and other portals.

Supported portals include Internet Explorer, Firefox, Microsoft Outlook, Outlook Express, Windows Live Messenger, and Yahoo Messenger.

Download Insight determines that a downloaded file might be a risk based on evidence about the file's reputation. Download Insight is supported only for the clients that run on Windows computers.

You can enable or disable Download Insight and change how sensitive Download Insight is to potentially malicious files. You can also specify the additional criteria that Download Insight uses when it makes a decision about a file. Use these settings to help control the number of false positive detections.

You might want to customize Download Insight settings to decrease false positive detections on client computers. You can change how sensitive Download Insight is to the file reputation data that it uses to characterize malicious files. You can also change the notifications that Download Insight displays on client computers when it makes a detection.

A few helpful articles:

Customizing Download Insight settings

http://www.symantec.com/docs/HOWTO55253

Why, in spite of having Download Insight and Autoprotect enabled in SEP client 12.1, are some files only detected after being downloaded?

http://www.symantec.com/docs/TECH162233

Managing Download Insight detections

http://www.symantec.com/docs/HOWTO55252

“Expected behavior of Download Insight”

http://www.symantec.com/docs/TECH171776

 

Attachment(s)
pdf file
Insight FAQ version 2.pdf   437 KB   1 version
Uploaded - Apr 10, 2020


Comments

Oct 12, 2017 01:24 PM

hi guys i see you have the http://sh.st/AeotZ problem as well so i scanned my pc with malwarebytes and here is a pic of the important things 

https://ibb.co/cw3Mdw  here is the pic  i will give you the code of the file here  -------------------------------------------------------------------------------------------------------------------------------- 

<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo>
    <Date>2017-07-25T23:47:01</Date>
    <Author>Alib234</Author>
  </RegistrationInfo>
  <Triggers>
    <CalendarTrigger>
      <StartBoundary>2017-07-25T23:47:00</StartBoundary>
      <Enabled>true</Enabled>
      <ScheduleByDay>
        <DaysInterval>1</DaysInterval>
      </ScheduleByDay>
    </CalendarTrigger>
  </Triggers>
  <Settings>
    <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
    <DisallowStartIfOnBatteries>true</DisallowStartIfOnBatteries>
    <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>
    <AllowHardTerminate>true</AllowHardTerminate>
    <StartWhenAvailable>false</StartWhenAvailable>
    <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
    <IdleSettings>
      <Duration>PT10M</Duration>
      <WaitTimeout>PT1H</WaitTimeout>
      <StopOnIdleEnd>true</StopOnIdleEnd>
      <RestartOnIdle>false</RestartOnIdle>
    </IdleSettings>
    <AllowStartOnDemand>true</AllowStartOnDemand>
    <Enabled>true</Enabled>
    <Hidden>false</Hidden>
    <RunOnlyIfIdle>false</RunOnlyIfIdle>
    <WakeToRun>false</WakeToRun>
    <ExecutionTimeLimit>PT72H</ExecutionTimeLimit>
    <Priority>7</Priority>
  </Settings>
  <Actions Context="Author">
    <Exec>
      <Command>C:\Windows\explorer.exe</Command>
      <Arguments>"http://sh.st/AeotZ"</Arguments>
    </Exec>
  </Actions>
  <Principals>
    <Principal id="Author">
      <UserId>Alib234-PC\Alib234</UserId>
      <LogonType>InteractiveToken</LogonType>
      <RunLevel>LeastPrivilege</RunLevel>
    </Principal>
  </Principals>
</Task>
-------------------------------------------------------------------------------------------------------------------------------- 

the first interesting thing in this code is that it sets the author to your account name on your pc; it is probably just because windows needs an author in a task file

but by that logic we can know on which account the virus was injected on.

then we have this set of lines
"<Exec>      
<Command>C:\Windows\explorer.exe</Command>      
<Arguments>"http://sh.st/AeotZ"</Arguments>    
</Exec>"
this just executes the link through explorer so it opens in the default browser

also on the start of the code it has a date so we can know when the computer was infected with the virus 

so i have nothing more to say so if you guys have any idea why symantec is doing this please let me know

but i think it's because the products were not selling well

so they made a little malware\virus pointing to their website but through a sh.st link so they can make money but that is just my idea :P
 

**also if the link to the pic is not working then delete "%C2%A0" at the end of it
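
The check described in the comment above, as an added example that is not part of the original thread: it parses an exported Task Scheduler XML definition and reports any Exec action whose command line carries a URL, together with the registration date, author and whether the trigger is daily. The sample task, the function name `review_task` and the `LAUNCHERS` list are assumptions made for this illustration.

```python
import re
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
URL_RE = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)
# Assumed list: programs that open a URL argument in a browser.
LAUNCHERS = {"explorer.exe", "cmd.exe", "rundll32.exe", "iexplore.exe",
             "chrome.exe", "firefox.exe"}

# Constructed sample, modelled on the structure of the task posted above.
SAMPLE_TASK = r"""<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo><Date>2017-07-25T23:47:01</Date><Author>user1</Author></RegistrationInfo>
  <Triggers><CalendarTrigger>
    <StartBoundary>2017-07-25T23:47:00</StartBoundary>
    <ScheduleByDay><DaysInterval>1</DaysInterval></ScheduleByDay>
  </CalendarTrigger></Triggers>
  <Actions Context="Author"><Exec>
    <Command>C:\Windows\explorer.exe</Command>
    <Arguments>"http://example.invalid/ad"</Arguments>
  </Exec></Actions>
</Task>"""


def review_task(xml_text):
    """Return one finding per Exec action whose command line contains a URL.

    Accepts str or bytes, so a UTF-16 export read in binary mode also works.
    """
    root = ET.fromstring(xml_text)
    findings = []
    for exe in root.findall("t:Actions/t:Exec", NS):
        command = (exe.findtext("t:Command", "", NS) or "").strip().strip('"')
        arguments = exe.findtext("t:Arguments", "", NS) or ""
        urls = URL_RE.findall(command + " " + arguments)
        if not urls:
            continue  # action does not reference a web address
        program = re.split(r"[\\/]", command)[-1].lower()
        findings.append({
            "program": program,
            "urls": urls,
            "known_launcher": program in LAUNCHERS,
            "registered": root.findtext("t:RegistrationInfo/t:Date", "", NS),
            "author": root.findtext("t:RegistrationInfo/t:Author", "", NS),
            "daily": root.find("t:Triggers/t:CalendarTrigger/t:ScheduleByDay", NS) is not None,
        })
    return findings


if __name__ == "__main__":
    for finding in review_task(SAMPLE_TASK):
        print(finding)
```

Task definitions to feed it can be exported with `schtasks /query /tn <task name> /xml`.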

Sep 18, 2017 07:17 AM

Open Computer Management, find SVC Update, and disable it....

Sep 15, 2017 09:07 AM

Thank you very much. But something still opens my browser and jumps to this webpage. I can't find the "PPI Updates" as Weiho above.

Sep 14, 2017 07:53 AM

Use Cleanwipe:

http://www.symantec.com/docs/HOWTO124983

Sep 14, 2017 07:51 AM

hi, symantec, I have uninstalled the symantec, but every day my browser will auto run and open the link "http://sh.st/AeotZ", and play ads. When I click the button "skip this ad", it will jump to the "https://www.symantec.com/connect/blogs/download-insight-sep-121" page. So please tell me how to get rid of symantec completely

Sep 04, 2016 11:53 AM

it works, thanks~

Sep 03, 2016 01:18 PM

I have had the same problem and I just solved it. You can either disable or delete the "PPI Updates" in Task scheduler. You should be able to find it in the main window; if not, you should be able to find it somewhere in the task scheduler library. Since I deleted it I have no more issues.

Aug 27, 2016 07:37 AM

This is Norton NOT SEP. Post over in the Norton community:

https://community.norton.com/

Aug 27, 2016 03:13 AM

Hello, i just registered in this page just to comment. i tried every method but i couldn't stop your link from making a chrome redirect pop-up tab. it usually happens when i'm idle or playing a game. it looks like your product is made to help other computers' security, but i think this kind of advertising method is not safe at all. and it seems like i'm not the only one having this problem. if you are confident that your product is made to protect our browsers and computers, please help me to get protected from your illegal adware. please prove your product is worth downloading by advertising your product legally, properly and formerly so you will gain more trust from people. that's how you make more people make use of your product.

 

in one sentence, please tell me how to stop your pop-up ads. thank you.

Jun 27, 2016 11:19 PM

Having the same problem as Weiho above. Every night at about 10 pm chrome opens a link to this page. I can assure you I will not be using any of your products in the future as I consider this harassment.

Jun 26, 2016 12:02 PM

hi,

My chrome browser always pops out this webpage every day at 23:48 p.m.

The only connection is that once I used the symantec to clean virus ramnit.A or ramnit.B.

After the behavior of popping out webpage, I used the "Spyhunter" & "Norton", but they didn't work.

Hope that I didn't bother you but it's annoying indeed. Would you give me some advice? Thx~~

 

Hsu weiho

xuweihechitu@126.com

Dec 21, 2012 08:09 AM

Thanks for the fast response, the information you have provided is very useful.

 

Thanks

Tim

Dec 21, 2012 07:41 AM

Hi,

Supported Web browsers are as per the following.

• Microsoft Internet Explorer 7, 8, 9, or 10
• Mozilla Firefox 3.6 through 15.0.1
• Google Chrome, through 22.0.1229.79

Note: This list of supported browsers applies to the Symantec Endpoint Protection Manager only. For a list of supported browsers for Browser Intrusion Prevention, please see Supported Browser versions for Browser Intrusion Prevention

http://www.symantec.com/docs/TECH174537

Also check this article.

System Requirements for Symantec Endpoint Protection, Enterprise and Small Business Editions, and Network Access Control 12.1.2

http://www.symantec.com/docs/TECH195325

Dec 21, 2012 07:33 AM

Hi Chetan,

 

Is chrome support on the roadmap? (We have many web devs using chrome)

 

Cheers

Tim

May 29, 2012 11:04 AM

Hi,

It won't degrade the performance. 

May 29, 2012 07:34 AM

Hi,

Thanks for the info. I am having one doubt: whether it will affect the performance if we turned ON both insight and auto protect?
