Administrator defined scans and full scans ran from Endpoint Protection Manager do not find tracking cookies, but client side and log in scans do.

book

Article ID: 155960

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Weekly Administrator defined scans, and scans ran from the Endpoint Protection Manager (SEPM) do not find tracking cookies.  Client side scans, both full and active, along with log in scans (if enabled) do find tracking cookies.

No error messages.

Resolution

This is expected behavior and is working as designed.  Administrator defined scans and full scans ran from the SEPM are initiated using the SYSTEM account.  Cookie detections rely on the user's account token and are only detected in this space.  Within the product there are user based scans that provide protection for this type of condition.