Endpoint Protection

  • 1.  Brother label printer software malicious download?

    Posted Jan 17, 2012 08:55 PM

    I recently downloaded software from Brother (www.brother-usa.com) for a new label printer.  The files pew50200bus.exe and puw10003.exe were blocked by SEP 11 (RU6MP3) as malicious downloads, and my internet connection was blocked by SEP.  When the files were finally downloaded and expanded, I ran a virus scan using SEP and no problems were found.

    The same files download using Norton Internet Security 2012 without any problems, and the files and web site check out as trusted by NIS.  I am assuming that these files are OK, and SEP is issuing a false warning.



  • 2.  RE: Brother label printer software malicious download?

    Posted Jan 17, 2012 09:13 PM

    It depends on the sensitivity set for the different antivirus products.

    Please check the following:

    How to increase the sensitivity of Proactive Threat Protection in Symantec Endpoint Protection 11.x

    http://www.symantec.com/business/support/index?page=content&id=TECH97855&actp=search&viewlocale=en_US&searchid=1326852471441

    Specifying the actions and sensitivity levels for detecting Trojan horses, worms, and keyloggers

    http://www.symantec.com/business/support/index?page=content&id=HOWTO27052&actp=search&viewlocale=en_US&searchid=1326852471441

     

    Creating exceptions for Symantec Endpoint Protection

    http://www.symantec.com/business/support/index?page=content&id=HOWTO55204&actp=search&viewlocale=en_US&searchid=1326852404202



  • 3.  RE: Brother label printer software malicious download?

    Broadcom Employee
    Posted Jan 17, 2012 09:27 PM

    What was the threat detected as?

    Was it Bloodhound?

    You can create a centralized exception policy as explained in the article

    http://www.symantec.com/business/support/index?page=content&id=HOWTO27313

    Or you can open a ticket with support to exclude this from detection considering the files are clean.



  • 4.  RE: Brother label printer software malicious download?

    Trusted Advisor
    Posted Jan 18, 2012 07:35 AM

    Hello,

    Could you please let us know what Symantec is detecting those threat files as?

    Could you please submit these files to the Symantec Security Response Team by:

    https://submit.symantec.com/false_positive/

    https://submit.symantec.com/websubmit/gold.cgi

    http://www.threatexpert.com/submit.aspx

    Note: ThreatExpert is owned by Symantec.

    OR

    Could you please work through this article for the web submission process: Document ID TECH102419

    OR

    Run a SEP Support Tool and submit the suspicious files to the Symantec Security Response Team.

    Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

    Hope that helps!!



  • 5.  RE: Brother label printer software malicious download?

    Broadcom Employee
    Posted Jan 18, 2012 07:35 AM

    Hi,

    It may be that browser IPS was taking action while downloading.

    Maybe the download source was not authenticated, and after running the software locally on the system it came out clean.

    Just make sure the system is regularly updated with Windows updates and system patches as well.

    I hope it will help you!!!



  • 6.  RE: Brother label printer software malicious download?

    Posted Jan 18, 2012 04:12 PM

    The Symantec web sites will not accept the 23 MB file, but I was able to scan it using VirusTotal.com.  The only program to detect anything in the file was ClamAV (PUA.Packed.PECompact-1).  I think this is just a false positive.

    My guess is that the Brother web sites are being confused with Brothersoft web sites.