The signature indicates suspicious traffic, which
could indicate a threat that is as yet undetected by the definitions you have. If
Rapid Release defs can't detect it, I would suggest using the Support Tool with Load Point Analysis to see if suspicious files are found.
Title: 'The Symantec Endpoint Protection Support Tool'
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008071709480648
Title: 'About the Load Point Analysis feature in the Symantec Endpoint Protection Support Tool'
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009092215125548
If there are, you can submit them for analysis.
I second Thomas' recommendation to migrate up off of MR2 MP1 (from May of '08). I would ensure, though, that the machine is not actually infected, since trying to install AV onto an infected machine is sometimes problematic.
sandra