Hello,
Here are few Suggestions and it Really works...
1) Make sure all the Microsoft Security Patches & Service Pack updates are in Place.
2) Use Symantec Support Tool.
Check the steps on how to Collect the Suspicious Files and Submit the same to Symantec Security Response Team.
To explain the entire procedure, please follow the steps below:
1) Download the Symantec Endpoint Protection Support Tool from
2) To generate this data for Technical Support, please follow the steps below:
a. Open the utility, and accept the license agreement.
b. Place a check mark next to each category that is relevant to your issue, and then click Next.
c. After the utility has finished collecting data, click Collect full data for support.
This data is saved by default to the root of drive C,with a filename in the following format :
"<computer name>_<date>_<time>_full.sdbz"
Submit this report to your Technical Support agent, and attach the .sdbz file to the email he /she has send to you from above as a file attachment.
This will automatically attach the report file to your case.
3) While Running the Utility, you can collect the Suspicious files as shown in the picture below:
By Clicking on the Button "Copy the files to a single location", you could save the suspicious files to a particular directory of your choice.
Please zip the Files. Make sure that zip file does not include more than 9 files and /or 10MB of size.
4) You will want to submit these suspicious files, to the Symantec Security Response for analysis, Click on this link to begin the process:
https://submit.symantec.com/gold/
Fill out the form and upload the file(s).
Your Technical Contact ID: (check with your Local Technical Support Representative)
You will receive a confirmation email with a tracking number, and within 24 to 48 hours you should receive an email telling you if the file is viral or not. If it is viral, you will be provided with a set of rapid release definitions. These can be installed to your system so that Symantec Endpoint Protection or Symantec AntiVirus can then detect the infected file and prevent a re-infection.
5) Submit the file to Threat Expert (owned by Symantec).
Automated analysis can be performed for some types of threats through
http://www.threatexpert.com. This step can quickly identify the sites the threat is coded to contact so they can be blocked at the firewall. Symantec Support does not provide troubleshooting for
http://www.threatexpert.com, and this step does not replace the need to submit files to Symantec Security Response.