I have a problem with deploy the new Symantec Endpoint Protection 12.1.3, not with the installation of the client but with an internet explorer add-on.

There is a new IE Add-on "Symantec Vulnerability Protection" for Insight-Lookup. The first start of the IE9 after the installation there is an pop-up with this quesiton:

But i don't want that the user see this after the first start of IE9. It should be enabled by dedault. 

So I made an Active Setup after the installation with this commands:

:: Active Setup for Usersettings


if not exist "%inst%\Active Setup" md "%inst%\Active Setup"

if not exist "%inst%\Active Setup\%AppName%" md "%inst%\Active Setup\%AppName%"

copy /y "%~dp0ie9_AddOnEnable.reg" "%inst%\Active Setup\%AppName%\ie9_AddOnEnable.reg" >>"%LogFile%"

copy /y "%~dp0UserInstall.cmd" "%inst%\Active Setup\%AppName%\UserInstall.cmd" >>"%LogFile%"

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\%AppName%" /v "StubPath" /t REG_SZ /d "\"%inst%\Active Setup\%AppName%\UserInstall.cmd\"" /f

in the UserInstall.cmd i make a 

regedit /s "%~dp0ie9_AddOnEnable.reg"


Windows Registry Editor Version 5.00



This Reg enables the Add-On. But anyway there comes the pop-up above with the question if you want to enable or disable it.

How can I hide this message, any ideas?

Answer Summary:
0 Comments   [ + ] Show Comments


Please log in to comment



Have a read of this - the webpage has nothing to do with it but it has the pic :P "see Automatically enable newly installed add-ons".

This i the tech info:

I think that GPO will resolve your issue. Mean you can get ride of that scripty stuff too!

Answered 08/07/2013 by: rileyz
Red Belt

  • Thanks, but the problem is, I don't want to allow all of the installed add-on. Because I have packages where we disable an add-on. I think we will have a performance issue on some clients, when we accept all add-ons.
  • You must be missing some Reg settings still, get RegShot and do a gap capture of the before - after clicking the button. Hopefully Regshot will nab that pesky hidden key I think is missing.

    Might be worth getting Regshot to Watch your user dir as well, I think it will be in the reg, but your never know, could be written to file as well.
  • I found the solution my dword Flag was wrong.
    Wrong "Flags"=dword:00000000
    Right: "Flags"=dword:00000400

    Windows Registry Editor Version 5.00

Please log in to comment
Answer this question or Comment on this question for clarity
Admin Script Editor
Admin Script Editor is an integrated scripting environment available free here at ITNinja