It seems that the idle quick scan is NOT removing tracking cookies.  I want to the "kontera" website [p.s. don't know if this is against the TOC to link to a tracking cookie website.  If not, just Google "Kontera" and visit the virst result.  Also, any tracking cookies will do] to spike myself with cookies and waited for the idle quick scan to kick in.  It completed the scan but did not pop up any message. I immediately started a manual quick scan and voila, the quick scan detected the cookies and deleted it.  Shouldn't the idle quick scan detect the cookies and delete it and b. display a message that it has "removed" the cookies?

Windows 7 Home Premium (64 bit) SP1, Norton Internet Security 2012 (19.5), Internet Explorer 9.

The "quick scan" that ran during idle time did not detect anything, but the "regular" quick scan I ran manually detected the cookie.  You probably can replicate this behavior.  Spike yourself with a tracking cookie, turn on tracking cookie deletion in settings, and wait for the idle time quick scan to run (after virus definition installation) [Tip to avoid waiting too long for the scan to run, go to Settings>General and change all the values (minutes) to 1 minute].  After the idle time scan completed (I open the Norton task window to see when the scan complete), check the security history.  Without doing anything else (clear cookie, etc), immediately run the manual quick scan (this will remove the cookie that the idle time quick scan did not detect.

To replicate bug:

1. Visit the "kontera" website to spike yourself with tracking cookies.
2. Go to settings>Computer>Computer scan and move "tracking cookie scan" and "low risks" to remove.
3. Update Norton and check whether the virus definition has come in.
4. Go to settings > General settings and change all the idle time to 1 minute.
5. "Flip" the GUI and click "Norton task."
6. Don't disturb your PC and wait for Quick Scan to kick in.
7. Immediately after quick scan completes, check the security history.
8. Close the security history and manually invoke the quick scan using scan now > quick scan, which should detect the tracking cookie the idle time quick scan missed.

Just wanted to add that before the latest 19.5 update, the idle time quick scan was detecting and deleting the tracking cookies just fine. After the update, idle time quick scan no longer detects the cookies (only the manually run quick scan detects and delete the tracking cookies).

Wanted to add that I am using the "full" definition with "smart definition" turned off.

It seems that the idle quick scan is NOT removing tracking cookies.  I want to the "kontera" website [p.s. don't know if this is against the TOC to link to a tracking cookie website.  If not, just Google "Kontera" and visit the virst result.  Also, any tracking cookies will do] to spike myself with cookies and waited for the idle quick scan to kick in.  It completed the scan but did not pop up any message. I immediately started a manual quick scan and voila, the quick scan detected the cookies and deleted it.  Shouldn't the idle quick scan detect the cookies and delete it and b. display a message that it has "removed" the cookies?

Windows 7 Home Premium (64 bit) SP1, Norton Internet Security 2012 (19.5), Internet Explorer 9.

Hi needhelp2234:

Welcome to the Norton Community!

I believe that the Idle Quick Scan does not remove any tracking cookies, only a Quick and/or Full Scan.

Hope this helps.

Atomic_Blast :)

---

Atomic_Blast wrote:

Hi needhelp2234:

 

Welcome to the Norton Community!

 

I believe that the Idle Quick Scan does not remove any tracking cookies, only a Quick and/or Full Scan.

 

Hope this helps.

 

Atomic_Blast :)

---

It did in the past... (before 19.5 update).

Also, I suspected that with the 19.5 update, idle quick scan no longer removes tracking cookies, but wanted confirmation from the "Norton guys."

Did you test it out to see for yourself?

Hi needhelp2234:

You wrote:

Did you test it out to see for yourself? - Yes.

Unless I'm forgetting something, Idle Quick Scans do not scan for tracking cookies in NIS 2012 - even 19.2!

Here's a quick test to validate what I said above:

1) Login to your computer with Admin privs.

2) Go into History -> Security History -> Full History and clear it. (Note, everything in all categories and Quarantine will be deleted.)

3) Go surf some websites. Have fun.

4) Let computer enter an Idle mode, so the Idle Time Quick Scan can run - About 15-20 minutes, I guess.

5) Go back into History ->Security History -> Scan Results. Look for Quick Scans (note the timestamp) and click on the entry.

6) Look through the Summary, there should be no evidence of Tracking Cookies being removed.

See what I mean?

However, tracking cookies can also be managed at the browser level, if they are annoying to you.

You want to accept First-Party cookies and reject Third-Party cookies in that case. Allow Session cookies.

In IE 9... I have it set up this way...

Hope this helps answer your concerns.

Best,

Atomic_Blast :)

Hi needhelp2234:

Addendum to the above post...

The time that the computer goes into an Idle state (on AC power) in NIS is primarily governed by Idle Time Out.

So you need to know what it is set for when and if you decide to perform the above testing. Please see this link for further information.

FWIW.

Atomic_Blast :)

---

Atomic_Blast wrote:

Hi needhelp2234:

 

Addendum to the above post...

 

The time that the computer goes into an Idle state (on AC power) in NIS is primarily governed by Idle Time Out.

So you need to know what it is set for when and if you decide to perform the above testing. Please see this link for further information.

 

FWIW.

 

Atomic_Blast :)

---

I know that, but I usually test immediately after PC starts, so the delay background task is set to 1 minute.  Also, if idle time quick scan does not detect tracking cookies, does it detect low risk threats (option turned "off" by default)

I can't help but wonder if the new design in 19.5 - to only post a "Scans Completed" notification if a threat is actually found by an Idle Quick Scan - may have something to do with this.  If the Idle Quick Scan removed tracking cookies as threats, then the notifications that so many users found "annoying" would continue to appear with irritating frequency.  Worse, the unwanted interruption would concern the removal of Tracking Cookies, which hardly qualify as true threats.  In fact, earlier versions of Norton did alert when Tracking Cookies were found, and this behavior was eliminated due to user complaints about it.

Also, in the settings, "low risk" is turned off by default.  Does idle time quick scan STILL detect low risk threats?  Also, what threats are considered "low risk"? 

Also, can a Symantec employee please confirm idle quick scan not removing tracking cookies by design or is this a defect.

Also, I miss the pop up reminder that a quick scan has completed.  I wonder if Symantec could still display the pop-up if i have set notification to on and supress the pop-ups if I set it to "off."

Also, I know I can manually dump all cookies by pressing ctrl+shift+delete and checking all options except "Favorites website data."

Thank you Atomic_Blast. Thank you ... Thank you!

I absolutely hate tracking cookies from third parties that spy on my activities on the web. I used to run a quickscan daily to get rid of these pesky critters. Now you showed me how to set up IE to block exactly the cookies I want to block. It works like a bomb! No need to run a quickscan regularly, for the sole purpose of getting rid of objects that raise my blood pressure.

Thanks again!

@sendofjives can you please test with low risk threats?  Also, if Norton idle time quick scan is NOT detecting low risk threats, it won't detect any of the threats on this page: http://www.symantec.com/security_response/threatexplorer/threats.jsp since they are classed "low risk"?

Hi neels:

Glad to be of assistance! If there's anything else you need, just post back.

Hi needhelp2234:

If there are any threats beyond tracking cookies in Quick Idle Time Scan, be assured that NIS will take care of them, like it would do during any another scan or realtime compromise of your system. Keep in mind that no one piece of security software, IMHO, is a panacea for all threats. I actually use NIS 2012 in conjunction with Malwarebytes Anti-Malware (free, on-demand version) located here and the Secunia Personal Software Inspector (PSI)  here.

Between these three products and SafeWeb, I have not been infected. Your security "house" is only as good as the foundation on which you build it. If the overall "foundation" is weak, the house will come down, so you have to ensure that your OS, Apps, etc., is fully patched and up-to-date.

All these tools will help you achieve that.

One last thing... Don't surf in unsafe or questionable places. Norton SafeWeb in your supported browser or online at http://safeweb.norton.com/  is a great tool for surfing clean and staying safe. Backup your clean system regularly.

Java, IMO, is also a mecca for security problems but that is a story for another time.

Hope this mini-rant will help you both!

Regards,

Atomic_Blast :)

I scan with Malwarebytes' once a month or whenever I feel like it.  I always keep my drivers/program updated.  I tend to use the Firefox plugin checker at http://www.mozilla.org/en-US/plugincheck/ to check my plugins.  I also update my ATI drivers from http://support.amd.com/us/gpudownload/Pages/index.aspx.  In addition to NSW (Norton Safe Web), I use Web of Trust:WOT (http://www.mywot.com/) and have Smart Screen filter of IE9 turned on.

I just want to know whether Norton removes the "low risk" threats during the idle time scan.  If not, I will probably have to run the manually quick scan once a week to pick up anything the idle time quick scan misses.  I run the manual full scan once a month.  Anybody know what Symantec deems as "low risk" threat?

P.S. I would close this thread as soon as Symantec employee confirm whether:

Idle time quick scan removes (or should remove):

a. Tracking cookies

b. Low risk threats

The removal of both of these risks are turned off by default in settings.

So can I assume that this "bug" is an intended behavior?  How about low risk threats?  Will that be removed?

Hi needhelp2234:

You wrote -

Idle time quick scan removes (or should remove):

a. Tracking cookies

b. Low risk threats

If you look under Settings-> Computer -> Computer Scan, each of above settings has three options -

Remove

Ignore

Ask Me

As for Low Risks, even I would like a few examples (aside from Tracking Cookies,) i.e. Joke Programs, some Spyware, Adware etc.

Atomic_Blast :)

Tracking cookies are definiately not touched by the idle quick scan regardless of settings (I have it on "remove" on both settings).  I would not consider infecting my only PC to test out Norton.

Hi needhelp2234:

I believe that the default setting for Low Risks is "Ask Me" which should not leave you vulnerable.

We just need to quantify what is considered to be low risk in the context of NIS.

Symantec?

Atomic_Blast :)