Hello all, new forum member running Norton Internet Security v. 16.8.0.41 under Win XP Pro.

After Windows task scheduler starts a full system scan, my scan goes fine and I eventually get the final dialog window telling me that all is well (prompts me to click Finish to close).

I have noticed that until I click Finish or otherwise manually close this last dialog box, the results of my scan are not written to the log file for later review!  If I switch Windows users or shut down without taking some form of manual action to close that final window, the scan results are nowhere to be found later on.

This sucks when you're trying to start a scan, then retire for the evening and let your PC shut itself down after the scan completes.  I've tried telling Windows task scheduler to shut down the program after it runs a reasonable length of time (a workaround I read in these forums), but that stupid last window still won't close.

If anyone knows of a command-line switch or other fix that would remedy this problem, it would be greatly appreciated.  I can work around a scan that takes an hour or two, but scanning my (defrag'd) PC takes about 3 hours these days.  It's getting so I just about HAVE to do full system scans at night.  Leaving my PC running all night long is not an option I want to consider, either.  Thanks!

HI Beretta92,

Welcome to the Norton Community. It looks like your post got missed for a few days, apologies for that.

Which SP do you have with Windows XP?

Also I see from your description that you have NIS 2009 which is out of date. You are entitled to a free update to NIS 2010 provided your subscription is current.

Are you running a scheduled scan because you need better control over when it runs vs the normal FULL Idle scan? The Full IDLE scans already runs in the background.

I have reproduced the behavior you have outlined in my own testing after I saw your thread here.

Using the Windows command line scheduler you are able to specify command line options but unfortunately I don't believe there is one to tell NIS to run silently. You might find the following thread of interest.

http://community.norton.com/t5/Norton-Internet-Security-Norton/NIS-2009-Command-Line-switches/m-p/87487/highlight/true#M46739

I will make an inquiry with Symantec to see if there is a way of doing this that I have not found. In the meantime I don't believe there is a way to accomplish this. BTW, I have also tested this on NIS 2011 BETA and see the same behavior where the scan results are not saved until you click Finish.

I would also suggest that you post this in Norton Ideas.

In the meantime I would recommend that if it is possible that you rely on the built in IDLE scans which runs in the background and will automatically save results in history.

Hope this helps.

Best wishes.

Allen

HI Beretta92,

As mentioned in my last post I would recommend that you upgrade to NIS 2010 which is free with a current subscription.

You can do this as follows:

Please download the full version of NIS 2010 from here and save to a convenient location such as your desktop.

Just in case any problems are encountered you should back up your Identity Safe (if used) by follow this procedure.

Also in case of any unforeseen problems you should make note of your product key which you can get from your Norton Account.

You can install NIS 2010 over the top of your NIS 2009 as long as your current version is working with no problems.

Please let us know how it goes.

Best wishes.

Allen

Thanks for your feedback on my issue. Helpful to know what I can and can’t do, for better or for worse. Idle time scans have been turned off, since I’ve previously been using scheduled scans. I’ll see if I can get it to run IDLE full system scans at night. That’s an option that I haven’t fully explored! FYI, am using Windows SP3. My system scan times have risen from 1.5 hours to 4 hours in the last several weeks, and I can’t abide it during daytime hours any more. I just about have to scan late at night now, given the severe performance impact. If the idle scanning saves the logfile without user interaction, that will accomplish my task just as well. Appreciate your time and trouble. Cheers!

Thanks for the NIS 2010 link.  Even if it doesn't fix the logging problem, perhaps it will improve the scan times.  Probably can't hurt to have a more recent edition, either.  Cheers!

HI Beretta92,

IDLE time full scans run approx. once per week and when the time comes due will run after 10 minutes of IDLE time (by default). You can configure the IDLE timeout in MIsc. Settings. It is configurable for anywhere from 1-10 minutes in 1 minute increments. You can also set the frequency of IDLE time scans in Computer Settings.

I would suggest giving this a try and see if it will run at the right time for you. I believe it will.

Say you go to bed and the time is due for the weekly full scan. After 10 minutes the scan starts and since you are away from your computer it should complete provided that your computer does not shut down in the middle of it.

Also when IDLE time scans start, it will automatically be paused when you start using your computer. So even if it does start during the day it should not interfere with your work.

And YES please update to NIS 2010, not only for possible improvements in scanning time but also because it is the latest AV engine and will provide better protection over-all.

Hope this helps.

Best wishes.

Allen

am:
> when IDLE time scans start, it will automatically be paused when you start using your computer.

That statement is not correct.

Touching the mouse or keyboard but then _not_ using the computer will stop the scan.

On the other hand, the cpu can be 100% busy (e.g., mbam full scan, windows update, whatever) and the "idle" (sic) scan will proceed.

---

joen wrote:

am:
> when IDLE time scans start, it will automatically be paused when you start using your computer.

 

That statement is not correct.

 

Touching the mouse or keyboard but then _not_ using the computer will stop the scan.

 

On the other hand, the cpu can be 100% busy (e.g., mbam full scan, windows update, whatever) and the "idle" (sic) scan will proceed.

---

Hi Joen,

I know that some people have had problems with this but in general it does work and I've tested it quite a bit at different times. Using the mouse and keyboard is the primary detection of Idle time from NIS's viewpoint.

If something else is running in the background during a NIS Idle scan, this does not interfere with the use of the computer.

Allen

Hello Beretta92

If you are going to try the Idle Full System Scan, please make sure you get rid of the scheduled scan so that both scans don't run especially at the same time.. Also you can try running Norton Insight and hit refresh, that might cut down a little on the scan time . If you have Scan Performance Scan set to High Trust, that can cause longer scans . You can use Standard Trust if you aren't already.

I use the Idle Full System Scan every week and my scans are logged without me doing anything at all. I check my scan log and it's been there every week and I check it sometimes before i even see the notice that the scan has completed.

Hope this will be of some help to you. Thanks.

---

floplot wrote:

Hello Beretta92

 

If you are going to try the Idle Full System Scan, please make sure you get rid of the scheduled scan so that both scans don't run especially at the same time.. Also you can try running Norton Insight and hit refresh, that might cut down a little on the scan time . If you have Scan Performance Scan set to High Trust, that can cause longer scans . You can use Standard Trust if you aren't already.

 

I use the Idle Full System Scan every week and my scans are logged without me doing anything at all. I check my scan log and it's been there every week and I check it sometimes before i even see the notice that the scan has completed.

 

Hope this will be of some help to you. Thanks.

---

Hi Floplot,

High trust results in shorter scan times but is not the recommended setting. Full scan results in all files being scanned.

A good description of the difference between Standard and High trust is here.

Hi Beretta92,

To delete a scheduled scan, please see this post. Click on Application ratings from the main NIS window. What trust level is it set to? Standard trust is recommended.

Best wishes.

Allen

NIS 2010 now installed and configured.  I don't remember having an option to manually run an Idle Full System Scan under NIS 2009, am VERY happy to see that option in the 2010 version!

Provided that the idle scan results are indeed written to the log automatically, this may very well fix my problem.  I'll update here when I find out for sure, looks pretty promising right now.

Thanks again for your time and trouble.  Cheers!

Hi Beretta92,

No problem at all. Not sure what you mean by manually running a full Idle system scan though. You can run a full manual system scan but you cannot force an IDLE full system scan. 

Please do let us know how things goes.

Best wishes.

Allen

am:
> some people have had problems with this

OK

> but in general it does work

You use the most peculiar logic.  I have _multiple_ computers where it does not work correctly.  Others have the same problem also.  I just can't figure out where you're going with this.  Whether you're apologizing for Symantec or if you're dismissing the problem.  I just can't figure out what you're actually  trying to say.

Here's the logic.

1. The standard dictionary definition of "idle" is "not working or active; doing nothing; not in use or operation."

That's not my definition, that's the dictionary guru's definition.  But I agree with it.  It's just COMMON SENSE.

2. NIS 2010 will run an "idle" (sic) scan when the cpu is 100% busy.  That's an absolute fact, not an unfounded belief, rumor, or assumption.  Multiple customers.  Multiple computers.  Multiple OS's.

3. But NIS 2010 will _not_ run an idle scan when the cpu is 0% busy -- if the mouse is touched.  Go figure.

Conclusion:  (well, _one_ conclusion)  Symantec does not use the common definition of the word idle.  The one that makes sense.

Why does this matter?  Because when you start up a LONG RUNNING process and walk away, you expect it to finish in a certain amount of time.  So when you return and see that it's not completed -- but there is an "Idle scan" pop-up on the screen -- you're really disappointed.

> I've tested it quite a bit at different times.

Test some more.  _Multiple computers_.  Multiple OS's (xp, vista, 7).  Mbam and MS malicious software removal tool full scans.  I've even had an idle scan launch during a lengthy windows update!  Video conversion, compile code -- anything where neither the keyboard nor the mouse are touched.

> If something else is running in the background during a NIS Idle scan,
> this does not interfere with the use of the computer.

I'm not sure what to make of this statement.
I'm uncertain whether non sequiter or oxymoron best applies.

Let's parse your words.  First half.

"If something else is running in the background during a NIS Idle scan"

"Something else" does not run "in the background" during an "NIS idle scan".  You have worded it exactly backwards!

An "NIS _idle_ scan", unfortunately, does run "in the background" while "something else" IMPORTANT that the customer started is running in the foreground.

If an "NIS idle scan" is running at the same time as a more important _foreground_ process, then it is not (wait for it) "an IDLE scan"!  You can call it whatever you want -- a whenever-the-computer-is-busy scan -- but it's clearly not an idle scan.

Parse the second half.

"this does not interfere with the use of the computer."

This statement indicates a complete lack of understanding of the problem.

The computer belongs to its owner, in this case a Symantec customer.

When the owner starts a LONG RUNNING PROCESS, he relies on Symantec to keep their word.  In this specific instance, it means not starting an IDLE scan while that customer is running something important that is using, say, 100% of the cpu.  For an important, long running process.

If Symantec starts a while-the-computer-is-100%-busy scan (and perversely calls it an "idle" scan), then Symantec is usurping the computer from its rightful owner.  And greatly lessening the value of their product to their customers.

From the NIS start window, you can select "Norton Tasks" (far left).  Next window lists "Idle Full System Scan" under Background Jobs.  You can start it manually there, don't have to wait for idle time to kick in first!  Sure don't remember seeing that in the 2009 version.

I verified that this does indeed write the scan results into history automatically, hooray!  Unless there are issues with full system scan time, I'm feeling increasingly optimistic.

Will update later, thanks again.

Hi Joen,

I understand your point and I never said it was a perfect system so please don't assume that I did. I said this works for most people and it does.

And trust me, I understand the problem you are referring to precisely.

I am a software engineer and make HEAVY use of my computer and I still do not find this getting in my way. Again for most it works fine but it is not a perfect system.

I'd also make the statement that having a 100% Idle system to include other processes that might occasionally have to do some work would cause the Idle scan to stop and start numerious times on many computers. For example, on my computer I run something called Virtual Weather Station (weather is my hobby). This software tends to take about 15% or so of one of my four CPU cores while it polls the weather station. If NIS included this in the Idle calculation my computer would never be able to run a full Idle scan!

Just to point out that it is simple to quote the dictionary definition of IDLE but in practice it is more difficult than it sounds.

Feel free to post a suggestion on this in the Norton Ideas Forum. I'd be happy to see further improvements in this process also!

Best wishes.

Allen

---

Beretta92 wrote:

From the NIS start window, you can select "Norton Tasks" (far left).  Next window lists "Idle Full System Scan" under Background Jobs.  You can start it manually there, don't have to wait for idle time to kick in first!  Sure don't remember seeing that in the 2009 version.

 

I verified that this does indeed write the scan results into history automatically, hooray!  Unless there are issues with full system scan time, I'm feeling increasingly optimistic.

 

Will update later, thanks again.

 

 

---

Hi Beretta92,

Well I'll be! I honestly had not noticed that you could start an IDLE scan manually in this way!!

Well done on that one!

I'm running one right now just to confirm that it truly is a FULL scan.

I'll look forward to updates after your first NIS initiated FULL Idle scan.

Best wishes.

Allen

This method does indeed show up as a Idle Full System Scan in History! Running one from the main NIS window via Scan Now shows up in History as a Full System Scan, note without the word IDLE in front.

So this does indeed appear to be a way of manually invoking a Full IDLE scan by the user!

It does not get paused when the mouse or keyboard is used like a regular Idle full scan. Makes sense because this is actually initiated by user choice.

Learn something new every day!

Allen

joen -

You can place user defined programs to trigger "Silent Mode" in the Settings > Miscellaneous Settings > Silent Mode Settings > User Specified Programs > Configure.  When any of these programs are running, NIS will go into Silent Mode which suppresses the notification pop ups AND suppresses the starting of the Background Tasks (IDLE time tasks) for as long as those programs are active.  Maybe this will help in what you are experiencing.

am:
> this does indeed appear to be a way of manually invoking a Full IDLE scan by the user!
> Learn something new every day!

OK then, here's another way.
Just start a long running process that uses 100% of the cpu but doesn't use the kb or mouse.  :)

db:

> You can place user defined programs to trigger "Silent Mode" ...
> When any of these programs are running, NIS will go into Silent Mode which suppresses ...
>  the starting of the Background Tasks (IDLE time tasks) for as long as those programs are active.

Thank you for this useful information.  I will use it when, for example, I run full scans with other products, etc.

The problem, of course, is that this is only a partial solution which addresses only the _symptom_ ("idle" scan running while the cpu is 100% busy) and not the problem.

(But I appreciate the information nevertheless, as a workaround.)

It also requires the user to rigorously define the processes _in advance_.  As I mentioned, I was surprised when a Windows update ran surprisingly long and an "idle" scan started.  There are surely other examples.

I request that a Symantec employee ask the developers to explain why an idle scan is started when the cpu is virtually pegged at near 100% busy.  What is it about the algorithm that allows that to happen?

Hi Joen,

As I said I understand your point and your frustration. However this thread was started by Beretta92.

You have another thread tracking this issue here and that is really where we should track and work on your issue.

I am all for seeing improvements in this area of IDLE detection by NIS. I also suggested that you post this suggestion in the Norton Ideas forum and I still think you should.

Also as I mentioned before, though certainly there could be improvements in IDLE detection it is not as easy as just saying "wait until the computer is 100% Idle". If so, then the scan would never get a chance to run because most computers are almost never 100% idle.

In addition to what Dbrisendine said, have you considered also disabling IDLE time scans and creating a schedule of your own choosing for your scans?

Best wishes.

Allen