Scripting Question

Deploy Symantec Endpoint Protection 12.1.3

08/07/2013 6651 views

I have a problem with deploy the new Symantec Endpoint Protection 12.1.3, not with the installation of the client but with an internet explorer add-on.

There is a new IE Add-on "Symantec Vulnerability Protection" for Insight-Lookup. The first start of the IE9 after the installation there is an pop-up with this quesiton:

But i don't want that the user see this after the first start of IE9. It should be enabled by dedault. 

So I made an Active Setup after the installation with this commands:

:: Active Setup for Usersettings


if not exist "%inst%\Active Setup" md "%inst%\Active Setup"

if not exist "%inst%\Active Setup\%AppName%" md "%inst%\Active Setup\%AppName%"

copy /y "%~dp0ie9_AddOnEnable.reg" "%inst%\Active Setup\%AppName%\ie9_AddOnEnable.reg" >>"%LogFile%"

copy /y "%~dp0UserInstall.cmd" "%inst%\Active Setup\%AppName%\UserInstall.cmd" >>"%LogFile%"

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\%AppName%" /v "StubPath" /t REG_SZ /d "\"%inst%\Active Setup\%AppName%\UserInstall.cmd\"" /f

in the UserInstall.cmd i make a 

regedit /s "%~dp0ie9_AddOnEnable.reg"


Windows Registry Editor Version 5.00



This Reg enables the Add-On. But anyway there comes the pop-up above with the question if you want to enable or disable it.

How can I hide this message, any ideas?

Answer Summary:
0 Comments   [ + ] Show comments


All Answers


Have a read of this - the webpage has nothing to do with it but it has the pic :P "see Automatically enable newly installed add-ons".

This i the tech info:

I think that GPO will resolve your issue. Mean you can get ride of that scripty stuff too!

Answered 08/07/2013 by: rileyz
Red Belt

  • Thanks, but the problem is, I don't want to allow all of the installed add-on. Because I have packages where we disable an add-on. I think we will have a performance issue on some clients, when we accept all add-ons.
  • You must be missing some Reg settings still, get RegShot and do a gap capture of the before - after clicking the button. Hopefully Regshot will nab that pesky hidden key I think is missing.

    Might be worth getting Regshot to Watch your user dir as well, I think it will be in the reg, but your never know, could be written to file as well.
  • I found the solution my dword Flag was wrong.
    Wrong "Flags"=dword:00000000
    Right: "Flags"=dword:00000400

    Windows Registry Editor Version 5.00

This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ