Video Screencast Help
Security Community Blog

Symantec released a new version of Symhelp – 2.1.22.177

Including new feature - Threat Analysis Scan
Created: 13 Mar 2014
SebastianZ's picture
+1 1 Vote
Login to vote

Symantec Help (SymHelp) is a diagnostic utility used to help automate support for multiple Symantec products.  SymHelp features a new utility, the Threat Analysis Scan, that can help to identify suspicious files on a system.  This new feature replaces the previously known Load Point Analysis and Power Eraser tools.

Use the Threat Analysis Scan when you believe there might be malware on a system but security software is either unable to detect it or to remediate it. The Threat Analysis Scan can help to identify the following types of malware

  • New variants of existing threats that are not detected by the current definition sets
  • Fake antivirus applications and other rogueware
  • Rootkits
  • System settings that have been tampered with maliciously

Because the Threat Analysis Scan uses aggressive heuristics to detect these threats, there is a risk that it can select some legitimate programs for removal. You must always review the files identified as suspicious and clear those that are known to be safe applications before taking steps to further investigate or remove those files from a system.  

The Threat Analysis Scan uses Symantec Insight to help identify if a file can be trusted.  Symantec Insight is a reputation based rating system that is available to Symantec products as an online (cloud) service.  For this reason a Threat Analysis Scan must be run (or completed) on a system that is connected to the internet.

By default the Threat Analysis Scan is configured to collect the required data when working with Symantec Support, but it can also be used to find and remove suspicious files without Support assistance.

 

symhelp_0.png

About the Threat Analysis Scan
 
How to run the Threat Analysis Scan in Symantec Help (SymHelp)