NIS Popup "Action Required" refers to deleted file. Cannot stop popup

Norton Security | Norton Internet Security
1

Greets,

 

We have Norton Internet Security (NIS) 2010 installed on 3 business computers as well as my wife's home computer, and have installed up-to-date virus signatures, etc.

 

The problem involves my wife's computer. When she upgraded to a faster winXP computer from her older win98 machine, I ZIPped her e-mail INBOX file and transferred it to her new computer, placing it in C:/TEMP for possible future use. The ZIP file has never been decompressed.

 

When the system starts, NIS pops up an "Action Required" window, and says it has found multiple instances of W32.Swen.A@mm in the e-mail ZIP file. I dismiss the popup, but when the system is restarted it appears again (understandably). So I finally removed the ZIP file, and it is no longer on the computer. Still, NIS pops up the same warning every time the system is shut down and restarted.

 

Since the file in question is no longer on the system, why does NIS keep "finding" it, and how can I bring this vicious cycle to a permanent end?

 

Thanks for any tips,

 

Ed Crosby

 

(Email address removed to protect your privacy.)

2

Hi EdCrosby,

 

Open Norton Security History and click the "Show" dropdown list.  Select "Unresolved Security Risks."  If the threats in question appear there, click the "Clear Entries" button to remove them.  The reason you are seeing the alerts is that once Norton finds a threat but is not involved in its removal, Norton will continue to assume that the danger is still present.

3

Thanks. All clear now.

 

I removed all NIS activity logs, then did a full system scan with no risky results.

 

As a check, I then plugged in the external storage device to which I had copied the infected file, ran another scan, and NIS found the infection(s) again. I removed the storage device, cleared the logs, and rescanned with no infections indicated.

 

As a result of the above, I'd suggest having NIS automatically double-check the system after finding required actions in the scan log to verify that the infected file(s) are still on the system and potentially dangerous.

 

Thanks again,

 

Ed