Hi Golani,
Take these notifications seriously. Examine the IPS logs to see which .exe is responsible for the traffic: it is most likely wscript.exe, which will be running a .vbs file somewhere on the system. Locate that and submit it to Security Response for examination!
Here’s an excellent illustrated guide, with video:
How to Run Load Point Analysis for Symantec Support
Article URL http://www.symantec.com/docs/TECH203028
All the best,
Mick