Video Screencast Help

Removing commercial toolbars with EndPoint

Created: 05 Mar 2009 • Updated: 23 May 2010 | 5 comments
FredF's picture

Hi Guys,

Can I remove commercial toolbars (ie. Yahoo, Live, Google) on the clients with Endpoint?

Would be nice...



Comments 5 CommentsJump to latest comment

ShadowsPapa's picture

You could block access to their files, the DLLs and so on, with SEP. Application control - setup a rule where any process can't launch or touch those files. I also added a google folder to the program files folder, then locked it so even system and admin can't get into it, prevents any installs since the folder already exists.

I use SEP to block the GOOGLE and YAHOO crap. We don't need our users getting into ads, and being tracked where they go and search.

And as a heads-up - a couple years back a person here SOMEHOW got the google desktop search installed. An hour later, ITE management contacted us with the IP and MAC address of that computer - it was attempting to access their domain controllers! That @#$%^ google crap was doing a search of the WHOLE state network and hammering away at DCs.

We've banned any google software ever-since.

FredF's picture

Thanks for the heads-up ShadowsPapa. I already wondered why I couldn't find any toolbar blocking topics while any company wants to block that crap.

A suggestion for Symantec as well to include an option in Endpoint to block these apps!

Anyone know the .dll's to block while I really do not want to install the stuff.


Tech2Tech's picture

While I can seen the benefit of blocking the toolbar applications the real problem here is that software publishers allow third party applications to beinstalled with their security/software updates. Probably the worst offender here is Sun that I believe has enabled Google, Yahoo and now MSN toolbars to be installed. Adobe is not far behind with their 'offerings'

I find it virtually hypocritical for a software company to allow 3rd party installs with its own automatic security updates.

I have asked Sun for clarification and of course received no response.

We need somehow to put pressure on these companies to make these installs by selection and not by default if they are at all necessary.

Any ideas how we can do this?

FredF's picture

Well Tech2TEch, you do have a point.  but for now the workaround I requested is a way of protesting, just by discussing it.

I certainly think Symantec could play a role in this by categorizing these apps as threads. If you think clearly these apps are what they are and from our System Management view they are a secutiry thread for the IT organization. If Symantec recognizes these apps as a thread as well, we are a step closer to a more secure environment.

An official Symantec point of view wouldn't hurt in this discussion. :-)



ShadowsPapa's picture

Program Files\Google\googletoolbar.dll if I recall.

i blocked the loading of the DLL and then blocked access to the google folder.

I've not seen any new installs since. It's in application control.

Adobe sucks - you update flash, unless you look VERY closely, you get the google toolbar.  Flash in itself is usually a security risk, as is their acrobat reader. Funny, Adobe gets their hands on something, it's suddenly full of risks! They have decided that scripts, and XML inside of IMAGES is cool, so now IMAGES are a threat! Geesh, Adobe, quit being MS and making things so bloody simple for the badguys! Why do we need XML and scripts inside JPG files?? We don't. Images used to be safe, not now with Adobe at the wheel.