Hi Vincenzo,
Hope this explains things to some extend.
But when I click on one of the files and then More Details, it lists all the files I referred to above on the C drive, and says "No action required". At the bottom of the list it shows the file from the external drive, and says "Removed" next to it.
So what is Norton doing? Why does it list files that do not seem to exist as far as I can tell, then say "No action required" on them?
At first, let me tell that this is quite normal after a successful threat removal. Thats how it is designed to work.
If you clicked the drop box which shows ''File Actions' you can select and view the other actions like regarding the registry or network.
And why is a scan on an external drive showing threats on the internal C: drive?
May be this is my personel view:
There is noting to worry about the files listed by NIS, because NIS scanned the threat as if it was already on system, which means it (threat) created some files for its (threat's) proper execution (which was not correct in your case) and NIS tried to remove that non-existant files (may be existing too, I cannot tell it). That was not your case, so dont worry, again.
Let me make it clear:
The threat (adware in your case) will need some files and registry entries to exist in a system. These essential files must be removed to clear the threat completely. So Norton has searched your C: (which is the favorite location of most threats as well as legitimate programs) for that particular files (which were not really there ) and tried to clean it.
So I closed Norton without removing the threats, ran a scan on the C drive, and it came up clean. Thats why your C: came up clean.
I'm not too much expert in malware analysis, but I can tell you, may be (its a possiblity only) some of those files was in your system if your system was infected instead of that external drive. The reporting of non-existing files in C: is confusing.
And if I navigate to the locations that Norton says the infected files are located, I do not see the files, sometimes the folder it indicates does not even exist. And I am set to show hidden files and folders.
I hope this will explain you :
I had and have a problem currently with my NIS, which is that, the hidden files and system files become visible after NIS removes certain threats (those were residing in my USB flash, not in my system).
It recomes after a lot of reinstallations of both NIS, OS everything, thus I went to the URL provided on the threat name and manually searched for the threat & its side effects and found that the registry keys related to hidden files and system files visiblity was modified by that threat to conceal its presence on system (But my system was not infected and I had manually set the hidden files and system files to be invisible) along with some other registry entries and files too.
Hence Norton tried to revert that setting in registry back to 'view all hidden and system files', assuming that' hide all hidden and system files' was set by that threat. As a result, after successful removal of that threat, my hidden files and system files were visible.
Also some files which it said, it removed was never in my system, especially some shortcuts on desktops.
So in your case NIS assumed some files and registry entries of the popup (aka residue of threat) were in your system and removed it.
You may say it as a drawback or glitch of Norton, but since that files were non existant, nothing to concern about.
Hope it eases you.....
Message edited for readablity.......