Visitor
MrBrateee
Posts: 5
Registered: ‎02-01-2012

Norton AntiVirus 19.1.0.28 blocks attack!

A few days ago we were notified that Norton is blocking constant attacks. Somewhere on the internet I read that hackers had retrieved the source code. Can you tell me what this is?

SendOfJive
Posts: 9,899
Kudos: 4,190
Solutions: 706
Registered: ‎02-07-2009

Re: Norton AntiVirus 19.1.0.28 blocks attack!

Hi MrBrateee,

Can you tell us the name of the threat that Norton says it is blocking? It should appear in the alert itself or in one of the entries in the Intrusion Prevention logs in Norton History.

It is not related to the reports of the source code theft, which only affects users of pcAnywhere.

Visitor
MrBrateee
Posts: 5
Registered: ‎02-01-2012

Re: Norton AntiVirus 19.1.0.28 blocks attack!

IPS Alert Name: OS Attack: MS PRCSS Attack CVE-2004-01162

Visitor
MrBrateee
Posts: 5
Registered: ‎02-01-2012

Re: Norton AntiVirus 19.1.0.28 blocks attack!

Has source code been stolen, and am I safe if I install Norton again?

Visitor
MrBrateee
Posts: 5
Registered: ‎02-01-2012

Re: Norton AntiVirus 19.1.0.28 blocks attack!

My problem is not solved. :(

SendOfJive
Posts: 9,899
Kudos: 4,190
Solutions: 706
Registered: ‎02-07-2009

Re: Norton AntiVirus 19.1.0.28 blocks attack!

Hi MrBrateee,

OS Attack: MS PRCSS Attack CVE-2004-01162 is an exploit of an old vulnerability that was patched by Microsoft in 2004, so you are not likely to be susceptible to this specific attack unless you are running an OS that was not patched as listed here:

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=20386

If you are seeing these only occasionally, especially when you are visiting a particular website, it may just be that the site is compromised and Norton is successfully preventing an exploit hosted there from running on your computer. On the other hand, an OS attack is serious business, and if you are getting these repeatedly it may indicate something already on your system that is connecting out to launch the exploit. When you look in your IPS logs, do you see any entries that list the threat as "System Infected?" If so, you may wish to post to one of the free malware removal forums where trained experts can run tools to find any hidden malware that may be on your PC:

http://www.bleepingcomputer.com

http://www.geekstogo.com/forum/

http://www.cybertechhelp.com/forums/

http://forums.whatthetech.com/

Again, this has absolutely nothing to do with the stolen code from 2006, so pursuing that angle will not be very productive.