Symantec Endpoint Protection Browser Intrusion Prevention is malfunctioning with Client Intrusion Detection System (CIDS) 14.1 or above.
SEP client record errors: Browser Intrusion Prevention is malfunctioning with Internet Explorer. Try to update the signatures Browser path.
Symantec has made changes in CIDS Version 14.1 where the IPS BHO Plugin should be disabled. (By Default, IPS BHO is Disabled in CIDS 14.0) If any configured GPOs in the environment force IPS BHO into the Enabled state, this Pop-up alert is generated. This is by design.
For more information please see Internet Explorer displays a pop-up stating "The Symantec Intrusion Prevention add-on from Symantec Corporation is ready for use" and New Features in Client Intrusion Detection System (CIDS) 14.1
In order to resolve this alert, withdraw any GPOs which force the BHO to be enabled. Alternately, disable the BHO manually.
The GPO which controls this behavior is as follows:
User Configuration/Policies/Administrative Templates/Windows Components/Internet Explorer/Security Features/Add-on Management.