Hello,
It is a web attack so as to download the suspicious script by a browser it may be specified as an image, thus evading some types of monitoring software.
Check this Article:
http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=22819
You should then look at the right logs:
Open the SEP > view logs > client management > security logs, you should see there more details on the attack, if the source of the attack is there, block it, for example with the firewall.
You should also try to scan the system with a more aggressive scanner of ours:
Open SEP > Help and Support > Download Support Tool, launch it and execute a scan with the Power Eraser.
Again, if you find any suspicious activity OR Want to submit the suspicious files to the Security Response Team then, check this Article:
Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.
Hope that helps!!