Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Prevent registration of new Browser Helper Objects (HIPS) [AC15]

Created: 07 Jan 2013 | 5 comments
Elements_Media's picture

Hi @ All

 

We are using a AC rule in SEP to Prevent registration of new Browser Helper Objects. Now it is blocking us some windows updates... (f.e. for Internet Explorer)

How do I have to design the Application Control exclusion?

 

Thanks for you help

Comments 5 CommentsJump to latest comment

.Brian's picture

in the application policy, add msiexec under "Do not apply this rule to the following processes:"

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

.Brian's picture

Add the file hash of msiexec

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Elements_Media's picture

Am I right or is that not allmost the same as disabling the policy? Because allmost anything uses msiexec to install itself, not?

Is there not a possibility to say, msiexec will just be excluded when it is used by the windows update?

Thanks for your help, Brian.

Mithun Sanghavi's picture

Hello,

What version of SEP 12.1 are you running?

{B4F3A835-0E21-4959-BA22-42B3008E02FF} is a BHO itself with File name URLREDIR.DLL.

However, in your case, msiexec.exe is trying to register itself with the above BHO and is being blocked by SEP.

Could you let me know if the msiexec.exe application is legitimate??

If yes, please diable the ADC rule and run the Application again.

Hope that helps!!

 

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.