Firewall rule customization screen ---Norton Saves me AGAIN !!!!!

Yes....it happened again , even I can't believe.

 

This time it wasn't the logs..............BUT this time it was the Firewall rule customization screen which gave me a shock

 

that there is something intrusive work going on in my system.

 

2-3 days back , I was testing a rogue , and in the process I executed it.

 

I was keeping a watch on my task manager and saw that the process of that rogue suddenly got terminated.

 

Thinking that SONAR 2 might have caught it (so the process termination)..........I was relaxed.

 

Today I was reconfiguring some firewall rules where I saw that application in the list.............Huh ??????

 I first blocked it and... checked ..........It was there in my system.

 

I traced the path which was given there on screen and immediately deleted the file......

 

Again I don't know how much damage it would have done if I would not have noted it.

Here is VT report on file. 

 

http://www.virustotal.com/analisis/6c9324eecbd8787982d469e358757fcc8199403424035290d7e380ade15df9ea-1255535614

 

 Here is the screenshot

untitled.JPG 

 

Wow ......Thanks to  Norton Again !!!!!

 

I think NIS , other than an AV product , is a solid Informative suite .

 

Further , If we keep a look at what NIS logs and firewall says .......I think absolutely no malware can slip through our radar 

EDIT :NIS 2010 (17.0.0.136), Xp Sp 3

[edit: Modified subject for clarity.]
Message Edited by shannons on 10-14-2009 08:05 AM
Message Edited by Shridhar on 10-14-2009 09:28 PM