Risk notifications for "Tracking Cookies" from Startup Quick Scans appear on migrated SEP clients with a specific migration history. The policy is configured to not display the risk notifications to the user, however, the risk detection pop-up is displayed to the user.
Risk notification pop-ups for tracking cookies are displayed to the user when the policy is configured to not display the alerts.
When migrating from SAVECE 10.x to SEP 11.x, the 'Auto Generated Quick Scan' under HKCU should be converted to Active Scan on Start-up, but this was not the case.
With the following migration history of 10.x > 11.x > 12.1 RU1 > 12.1 RU2, the process to MigrateUserScan did not run in 12.1 RU1 causing all the scans to be still there under HKCU.
When MigrateUserScan executed in 12.1 RU2 the scans migrated from HKCU to HKLM, however the Start-Up Scan format was wrong it was expected to be under 'Active Scan on Startup' but was under 'Auto-Generated Scan'. The scan did not migrate correctly and the new keys introduced were not added to the old set which migrated creating an orphaned startup scan.