Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

need to submit suspicous files

Created: 07 Nov 2012 • Updated: 06 Dec 2012 | 4 comments
This issue has been solved. See solution.

hi i suspect a file which is more than 20 mb.when i contacted symantec they suggested me to zip the file to less than 10 mb which seems to impossible..

can any help me with this

Comments 4 CommentsJump to latest comment

Mithun Sanghavi's picture

Hello,

You may upload multiple files at once by using WinZip or WinRar. A zipped file must not be password-protected. The maximum size for one submission is 10 MB. Please submit no more than 9 files in any zip file regardless of size. Its important to note that some file types, like .jar and .cab may be containers and may contain files that will exceed the maximum file count. 

However, In case if you have Large file, you could either break the file with the assistance of Winzip and submit the same and then create a case with Symantec Technical Support Team.

OR

Upload the file on your FTP website and then create a case with Symantec Technical Support Team.

Once done, the Technical Support Team with direct the same to Symantec Security Response Team.

NOTE: Make sure the file is not password protected.

Reference:

How to Use the Web Submission Process to Submit Suspicious Files 

http://www.symantec.com/docs/TECH102419

Symantec Support Tool: How to collect suspicious files and submit the samples to the Symantec Security Response Team.

http://www.symantec.com/docs/TECH147870

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
.Brian's picture

https://www.symantec.com/security_response/submits...

How big is the file?

Just try to submit

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Chetan Savade's picture

Hi,

Please go through the following article.

How to Use the Web Submission Process to Submit Suspicious Files

http://www.symantec.com/docs/TECH102419

Specifically this question

Q) How many files may I submit?
A) You may upload multiple files at once by using WinZip or WinRar. A zipped file must not be password-protected. The maximum size for one submission is 10 MB. Please submit no more than 9 files in any zip file regardless of size. Its important to note that some file types, like .jar and .cab may be containers and may contain files that will exceed the maximum file count.

OR 

Generally, infectious files are not that large, however if a files is still suspected and is more than 10 Megabytes, it can either be split into parts and upload those or upload them to the customers FTP site.  Then create a Security Response task including the path, username and password for the site.

Submission by splitting the file.

Follow the instructions in the below KB article from WinZip to split the file in to parts.
http://kb.winzip.com/kb/entry/86

Then submit the files one by one to https://submit.symantec.com/gold  (Submission site to use depends on customer’s entitlement)

Collect the tracking IDs that is sent through mail.
Create a SRL task informing them about the split file submission & mention the tracking IDs.
SRL will then take over the task & proceed appropriately.

Symantec Support Tool: How to collect suspicious files and submit the samples to the Symantec Security Response Team.

http://www.symantec.com/docs/TECH147870

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Thomas K's picture

For a quick check, you can submit the file (up to 32MB) to VirusTotal for analysis.

https://www.virustotal.com/