cgoldman I think Rico is referring only to certain tracking cookies which he is trying to keep, by way of using the ignore option:
>>It's just certain cookies I want to keep. Otherwise my system is clean.>>
>>There is nothing in Quarantine to recover.
Apparently, it just deletes them>>
I have this problem as well which I was discussing earlier today with a member. Possibly what is happening is that when the setting is set to "Remove" they are automatically removed and put into Quarantine, where if you select "Ask Me" or as in Rico's case "Ignore", or get prompted to take an action, they are not Quarantined.
I see, well I don't really. All my tracking cookies are tracked through quarantine. Can I suggest that it would be useful to have documentary evidence please. When you get a threat, you should be told before the scan is completed or at least when the scan is completed. Can you then copy off the threat to another non-scaned area and can you screen capture what is happening. I would also like to see the quarantine list. Of course we should all be talking about Norton 360 v2, and not what might be happening in say NIS.
It would also be useful if you could know which website you goto to pick up the tracking cookie that is deleted rather than recorded.
In your case I would also be grateful for confirmation of your setting - are you using ignore or automatic?
In the case of the referral I have already made, I have provided all of the above. Even that example had issues because the cookie was neither excluded or ignored.
Well the threats that I am detecting are Tracking Cookies and these are in quarantine and can be recovered. When you confirmed by point by point, I though we were talking cookies. I can reproduce the problem at will at least with tracking cookies and have escalated this to a Symantec employee (this despite not having the double confirmation that I would have liked). I hope I was not too premature. It would help to know then exactly what low risk threat you are getting and if you can reproduce this issue. Presumably when you get to the option to exclude or fix, it tells you eactly what it has found? Maybe at that point you could find the threat and copy it off?
Yes, 'm also getting Tracking cookies, but it seems 360 is deleting them instead of being quarantined
Very strange. I think Johna will have the same result.
When you scan do you get a pop up "Alert Manual Fixes required"?
If you click on Tracking Cookie you will get another pop up "risk properties", please confirm
If you click details you should see what Norton has found. Please provide the details - based only on opening and closing 9down.com please.
Close risk properties.
On your desktop or behind other windows you should see Norton results for the scan. At this point it should say Total risks found 1
total risks fixed 0.
In the Alert Manaual fixes, you should select fix and apply.
It should now say "This threat has been successfully fixed".
Hit refresh for good measure and close.
Check view details, more information against last virus scan and advise whether it found 1 and fixed one or just found 1.
You see how detailed we need to be.
Something is not right because when I did this slowly, which I usually do not, I have ended up actually fixing the tracking cookie, but the virus details reporting unfixed. The tracking cookie was however fixed as a further scan proves.
I think I see my problem. When I select "ignore" as opposed to automatic or "Always ask", the result is that the threat is not marked fixed even if I select "fix" but it is fixed and it is quarantined.
I await your results and your worked example of how to reproduce your problem exactly.
I can advise that my particular set of instructions which causes the threat not to be excluded and saved in quarantine has been successfully reproduced by Symantec and therefore has been reported. It is considered a problem and is now escalated to the next level for a team to look at.
If any solution is forthcoming in the future, that solution may fix your circumstances. However, for some reason you cannot exactly reproduce my steps and I am waiting of course for your posting of your steps. However, clearly there is at least one issue here.
Sorry but I wanted to be clear that I still very much welcome your responses to my recent msgs.
I appeciate your problem is slightly different to the circumstances I produced and therefore would like your steps to reproduce your problem and an example of the low level risk and where you got it from i.e. how to reproduce a low level risk that is deleted and is not in quarantine.
No problem, I'm just pushing to try to get as many issues resolved or fwd before the end of July.
Those cookies, did they end up in quarantine? There is no process with Norton 360, afaik, to clean out quarantine.
Matt Kanok's response previously has been "
The Quarantine is purely for historical reasons so that you can see what Norton 360 has caught and when. There's no chance that anything in Quarantine can come back to infect you. Even if you restored it out of Quarantine, our Auto-Protect feature would prevent it from executing anything malicious on your system."
Johna, a regular contributor, gave this response:-
"t's easy to delete the files held in Quarantine.
Go to>Start>Search>All files and folders> type 'quarantine'. After all the results come up, scroll down until you see a line with Norton in it. This will lead you to the Norton Quarantine folder. Open it, select all contents of the folder, delete."
I dont know, in my case the directory that came up was "C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP"
but access is denied. You probably can delete in "safe" mode but I have not tried. Just be careful what you delete, or copy off the directory to a safe place first, test and then delete the files saved off.
Otherwise just make a note or screen capture the list before you begin.
I do not have an answer for you because I have a clean system. Nevertheless, might I suggest that you post your operating system and release, and the version of Norton 360 you are using and the release.
I do not recall anyone else posting this issue. Hopefully, it will not be long before someone responds with more specific help.