Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Created: 19 Feb 2013 | Updated: 21 May 2013 | 4 comments

Language Translations

Machine Translations

Mithun Sanghavi Symantec Employee Technical Support Accredited

Hello,

In case if you are running the Legacy SEP Support Tool, please follow the Instructions provided in the Article:

https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

SymHelp is a cross-product diagnostic utility designed for troubleshooting and identifying common issues that customers encounter.

SymHelp is designed to support the Symantec Endpoint Protection 12.1 RU2 and Windows 8 & Windows 2012 Operating Systems.

Supported Products

Currently SymHelp supports the following Symantec products:

Symantec Backup Exec 11d to 2012
Symantec Backup Exec System Recovery 6.5 to 8.x
Symantec Data Loss Prevention 11.0 and later
Symantec Endpoint Protection 11.0 and later
Symantec Mail Security for Microsoft Exchange 6.5.2 and later
Symantec System Recovery 2010 to 2012

Check these Articles:

About Symantec Help (SymHelp) http://www.symantec.com/docs/TECH170735

Symantec Help (SymHelp) http://www.symantec.com/docs/TECH170752

Download Instructions

1. Click Download Symantec Help from

http://www.symantec.com/techsupp/home_homeoffice/products/sep/SymHelp.exe.

2. On the File Download dialog, click Save

3. Select the location to where you want the file saved, and click Save

4. Go to the location of the downloaded file and double-click the SymHelp.exe icon.

Here are the Steps on how to collect the Suspicious Files and Submit the same to Symantec Security Response Team.

1) Once Symantec Help (SymHelp) application is Run, it would first verify with Symantec Server on the Version Status.

This Requires Internet Connection.

2) If there is a newer Release of SymHelp, it would download the same and update itself automatically.

3) Click on "I accept the EULA" and you would see the "Symantec Help" getting launched.

4) You would see the Home Screen of "SymHelp". Please Select the Correct Products for which you have to submit the SymHelp Logs.

Check the box of "Symantec Load Point Analysis" and then click on "Click to Start Scan"

5) The Load Point Analysis window would appear.

6) Click on "Settings" Button to change the Load Point Scan Settings and Proxy Settings (if any) and Click OK.

7) Click on "Scan" Button as shown in Point 5 to Scan the machine with Symantec Load Point Analysis.

8) Once done with Scanning, the Symantec Load Point Analysis would show the Report as below:

The Report would show Suspicious files, processes which are being detected by Symantec.

By Clicking on the Button "Copy files to a Folder" would let you could save the suspicious files to a particular directory of your choice.

Please zip the folder/s. Make sure that zip file does not include more than 9 files and /or 10MB of size.

You will want to submit these suspicious files, to the Symantec Security Response for analysis,

Click on this link to begin the process:

For Retail License Holders

https://submit.symantec.com/retail

For Essential License Holders

https://submit.symantec.com/essential

For BCS License Holders

https://submit.symantec.com/bcs

Fill out the form and upload the file(s).

Your Technical Contact ID: (check with your Local Technical Support Representative)

You will receive a confirmation email with a tracking number, and within 24 to 48 hours you should receive an email telling you if the file is viral or not. If it is viral, you will be provided with a set of rapid release definitions. These can be installed to your system so that Symantec Endpoint Protection or Symantec AntiVirus can then detect the infected file and prevent a re-infection.

9) Submit the file to Threat Expert (owned by Symantec).

Automated analysis can be performed for some types of threats through http://www.threatexpert.com. This step can quickly identify the sites the threat is coded to contact so they can be blocked at the firewall. Symantec Support does not provide troubleshooting for http://www.threatexpert.com, and this step does not replace the need to submit files to Symantec Security Response.

http://www.symantec.com/docs/TECH96745

10) To collect the SymHelp Load Point Analysis Logs for the Symantec Support, check this Article:

https://www-secure.symantec.com/connect/articles/using-symhelp-how-do-we-collect-load-point-analysis-logs-and-submit-same-symantec-technical

11) Once the Full Report is Saved, you may submit the Load Point Analysis and Full Data Collection Report to the Symantec Technical Support Team.

In case, you haven't created any support case, please follow the steps provided in the Articles below:

How to create a new case in MySymantec

http://www.symantec.com/business/support/index?page=content&id=TECH58873

How to update a support case and upload diagnostic files with MySupport

http://www.symantec.com/docs/TECH71023

Phone numbers to contact Tech Support:-

Regional Support Telephone Numbers:

United States: 800-342-0652 (407-357-7600 from outside the United States)
Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
United Kingdom: +44 (0) 870 606 6000

Additional contact numbers: http://www.symantec.com/business/support/contact_t...

Hope that helps!!

Article Filed Under:

Security, Endpoint Protection Small Business Edition 12.x - 12.0, Endpoint Protection Small Business Edition 12.x - 12.1, Endpoint Protection (AntiVirus) - 11.x, Endpoint Protection (AntiVirus) - 12.x, Endpoint Protection (AntiVirus), Endpoint Protection Small Business Edition 12.x, Best Practice, Documentation, Features, Tip/How to, Troubleshooting

Login or register to post comments
Comments RSS Feed

Comments 4 Comments • Jump to latest comment

yang_zhang Symantec Employee Accredited

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. - Comment:26 Feb 2013 : Link

A really useful tool!

If a forum post solves your problem, please flag it as a solution. If you like an article, blog post or download vote it up.

Milan_T

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. - Comment:27 Feb 2013 : Link

Really useful tool and information.

We can use this easy tool for troubleshoot issue for SEP in future.

Salim Shaikh786

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. - Comment:01 Mar 2013 : Link

but we can check with total virus and directly submitt to symantec support

RicheeDiaz

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. - Comment:01 Apr 2013 : Link

Thanks Mithun for the Wonderful Article

Thanks

Richard

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Machine Translations

Comments 4 Comments • Jump to latest comment

Would you like to reply?

Links