Why does running NAV2008 on same pc by different window user names give different results?

Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Sed posuere consectetur est at lobortis. Vestibulum id ligula porta felis euismod semper. Donec ullamcorper nulla non metus auctor fringilla. Aenean lacinia bibendum nulla sed consectetur. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Cras mattis consectetur purus sit amet fermentum. Morbi leo risus, porta ac consectetur ac, vestibulum at eros. Sed posuere consectetur est at lobortis. Etiam porta sem malesuada magna mollis euismod. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Curabitur blandit tempus porttitor. Sed posuere consectetur est at lobortis.

I use Norton Antivirus 2008 on pc running Windows XP with SP2.

 

I have 3 windows accounts set up on the computer. I normally run NAV full system scans with the windows user account that has admin privileges. Normally the only scan result is that it finds tracking cookies, which I have it remove.

 

I noticed the tracking cookies it finds are only for the user account that I ran the scan under.

 

Today I ran a full system scan under the admin account. It found tracking cookies for that account only. It showed total objects scanned were 171638. I then ran a full system scan under a second windows userid, which does not have admin privileges. The scan found 80 tracking cookies for that account. Total objects scanned were 163005.

 

Prior to running the scans, I closed all other programs and disconnected internet connection.

 

1. Why doesn't running a scan with NAV under a windows admin account find all the problems on the computer?

 

2. Why does running a scan under a different account show 8000 fewer objects scanned than a scan run under different account immediately before it ?

 

3. If you have NAV2008 and want to scan your pc for threats, should you run one scan under one windows admin account, or do you need to run scans with each account?

 

Thanks

4 Likes

1. Why doesn't running a scan with NAV under a windows admin account find all the problems on the computer?

Running a scan under a Windows admin account will find & resolve all threats except for tracking cookies. Since cookies are associated with specific user accounts, it was a design decision to only resolve tracking cookies for the user that initiated the scan. We definitely see value in enhancing this design to resolve tracking cookies for all users and will consider this for future releases of NAV & NIS.

 

2. Why does running a scan under a different account show 8000 fewer objects scanned than a scan run under different account immediately before it ?

This is because one of your user account does not have admin rights. Due to lack of priviledge, scans run under that account may not access files/folders that require admin priviledges. For example, by default, it will not have access to \Document and Settings\<Admin User> folder.

 

3. If you have NAV2008 and want to scan your pc for threats, should you run one scan under one windows admin account, or do you need to run scans with each account?

I would suggest running a full system scan from your admin account, then periodically run a quick scan from your other accounts to get rid of tracking cookies for those accounts.

 

Regards,

Spencer

2 Likes

Spencer:

 

Thanks for your reply. I appreciate the info. It makes sense that tracking cookies from other user accounts might not be included in a scan run from a different account.

 

You might consider posting an info message when a complete system scan is run from a non admin user account that not all items on the computer will be scanned since the account doesnt have admin privileges.

 

I do have a question about one part of your message.  


SpencerL wrote:
 

2. Why does running a scan under a different account show 8000 fewer objects scanned than a scan run under different account immediately before it ?This is because one of your user account does not have admin rights. Due to lack of priviledge, scans run under that account may not access files/folders that require admin priviledges. For example, by default, it will not have access to \Document and Settings\<Admin User> folder.

 


In my case, I ran two full system scans. First scan was in user account that had admin privileges. Second scan was in non-privileged user account. Per the NAV scan results:

                                                                  Admin user scan                                   Nonadmin user scan  

Total items scanned                                   171638                                                   163005 

Files & directories                                       169291                                                   159744 

Registry entries                                                235                                                         235 

Processes and startup items                         1410                                                       1402

Network & browser items                                 695                                                       1618

Other                                                                    5                                                             5

 

I can understand the admin scan finding 10000 more files and directories than the nonadmin scan. I don't understand why the admin scan found 823 fewer network & browser items than the nonadmin user scan. Part of the missing network and browser items would be the 80 tracking cookies in the nonadmin user acount. That still leaves 700 network/browser items in one account that the admin scan did not scan.

 

Are the 700 items not scanned by the admin user account all browser cookies in the other user account, or does a complete scan done with admin user ignore other items in other accounts?

 

Thanks.

Are the 700 items not scanned by the admin user account all browser cookies in the other user account, or does a complete scan done with admin user ignore other items in other accounts?

Not quite. The 695 Network & Browser items scanned are cookies associated with the admin user. The 1618 Network & Browser items scanned are cookies associated with the nonadmin user (with 80 of them being tracking cookies). Supposely we have the enhancement to scan and resolve tracking cookies for all users, the admin user scan will report 2313 Network & Browser items scanned with 80 of them as tracking cookies.

 

Regards,

Spencer

1 Like

Spencer, thanks for clearing this up.

Interesting question and I look forward to the answer on what should happen how you make a full system scan a full system scan ...

 

It may just be the way Windows was built to work .... 8:(

 

What I call Working As Designed, Unfortunately .....