08/07/2013 6233 views

I have a problem with deploy the new Symantec Endpoint Protection 12.1.3, not with the installation of the client but with an internet explorer add-on.

There is a new IE Add-on "Symantec Vulnerability Protection" for Insight-Lookup. The first start of the IE9 after the installation there is an pop-up with this quesiton:

But i don't want that the user see this after the first start of IE9. It should be enabled by dedault. 

So I made an Active Setup after the installation with this commands:

:: Active Setup for Usersettings


if not exist "%inst%\Active Setup" md "%inst%\Active Setup"

if not exist "%inst%\Active Setup\%AppName%" md "%inst%\Active Setup\%AppName%"

copy /y "%~dp0ie9_AddOnEnable.reg" "%inst%\Active Setup\%AppName%\ie9_AddOnEnable.reg" >>"%LogFile%"

copy /y "%~dp0UserInstall.cmd" "%inst%\Active Setup\%AppName%\UserInstall.cmd" >>"%LogFile%"

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\%AppName%" /v "StubPath" /t REG_SZ /d "\"%inst%\Active Setup\%AppName%\UserInstall.cmd\"" /f

in the UserInstall.cmd i make a 

regedit /s "%~dp0ie9_AddOnEnable.reg"


Windows Registry Editor Version 5.00



This Reg enables the Add-On. But anyway there comes the pop-up above with the question if you want to enable or disable it.

How can I hide this message, any ideas?

Answer Summary:
0 Comments   [ + ] Show comments


All Answers


Have a read of this - the webpage has nothing to do with it but it has the pic :P "see Automatically enable newly installed add-ons".

This i the tech info:

I think that GPO will resolve your issue. Mean you can get ride of that scripty stuff too!

Answered 08/07/2013 by: rileyz
Red Belt

  • Thanks, but the problem is, I don't want to allow all of the installed add-on. Because I have packages where we disable an add-on. I think we will have a performance issue on some clients, when we accept all add-ons.
  • You must be missing some Reg settings still, get RegShot and do a gap capture of the before - after clicking the button. Hopefully Regshot will nab that pesky hidden key I think is missing.

    Might be worth getting Regshot to Watch your user dir as well, I think it will be in the reg, but your never know, could be written to file as well.
  • I found the solution my dword Flag was wrong.
    Wrong "Flags"=dword:00000000
    Right: "Flags"=dword:00000400

    Windows Registry Editor Version 5.00