Risk Notifications for Tracking Cookies from Startup Scans appear on migrated SEP clients.


Article ID: 157561


Updated On:


Endpoint Protection


Risk notifications for "Tracking Cookies" from Startup Quick Scans appear on migrated SEP clients with a specific migration history.  The policy is configured to not display the risk notifications to the user, however, the risk detection pop-up is displayed to the user.

Risk notification pop-ups for tracking cookies are displayed to the user when the policy is configured to not display the alerts.


  • When migrating from SAVECE 10.x to SEP 11.x, the 'Auto Generated Quick Scan' under HKCU should be converted to Active Scan on Start-up, but this was not the case. 
  • With the following migration history of 10.x > 11.x > 12.1 RU1 > 12.1 RU2, the process to MigrateUserScan did not run in 12.1 RU1 causing all the scans to be still there under HKCU.
  • When MigrateUserScan executed in 12.1 RU2 the scans migrated from HKCU to HKLM, however the Start-Up Scan format was wrong it was expected to be under 'Active Scan on Startup' but was under 'Auto-Generated Scan'.  The scan did not migrate correctly and the new keys introduced were not added to the old set which migrated creating an orphaned startup scan.


This issue has been fixed in Symantec Endpoint Protection 12 Release Update 2 (RU2) Maintenance Patch 1 (MP1).  For information on how to obtain the latest build of Symantec Endpoint Protection, read TECH 103088: Obtaining an upgrade or update for Symantec Endpoint Protection or Symantec Network Access Control.

Applies To

This is only reproducible when a client migrates from SAVCE 10.x  >  SEP 11.x  >  SEP 12.1 RTM  >  SEP 12.1 RU1 MP1  >  SEP 12.1 RU2