Video Screencast Help

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Created: 28 Feb 2011 • Updated: 01 Mar 2012 | 11 comments
Language Translations
Mithun Sanghavi's picture
+10 10 Votes
Login to vote
To explain the entire procedure, please follow the steps below:
1) Download the Symantec Endpoint Protection Support Tool from
2) To generate this data for Technical Support, please follow the steps below:
            a. Open the utility, and accept the license agreement.
            b. Place a check mark next to each category that is relevant to your issue, and then click Next.
            c. After the utility has finished collecting data, click Collect full data for support.
This data is saved by default to the root of drive C,with a filename in the following format :
"<computer name>_<date>_<time>_full.sdbz" 

Submit this report to your Technical Support agent, and attach the .sdbz file to the email he /she has send to you from above as a file attachment. 

This will automatically attach the report file to your case. 
3) While Running the Utility, you can collect the Suspicious files as shown in the picture below:
By Clicking on the Button "Copy the files to a single location", you could save the suspicious files to a particular directory of your choice.
Please zip the Files. Make sure that zip file does not include more than 9 files and /or 10MB of size.

4) You will want to submit these suspicious files, to the Symantec Security Response for analysis,

Click on this link to begin the process:

For Retail License Holders

For Essential License Holders

For BCS License Holders

Fill out the form and upload the file(s).

Your Technical Contact ID:  (check with your Local Technical Support Representative)

You will receive a confirmation email with a tracking number, and within 24 to 48 hours you should receive an email telling you if the file is viral or not. If it is viral, you will be provided with a set of rapid release definitions. These can be installed to your system so that Symantec Endpoint Protection or Symantec AntiVirus can then detect the infected file and prevent a re-infection.
5) Submit the file to Threat Expert (owned by Symantec).
Automated analysis can be performed for some types of threats through This step can quickly identify the sites the threat is coded to contact so they can be blocked at the firewall. Symantec Support does not provide troubleshooting for, and this step does not replace the need to submit files to Symantec Security Response.

Comments 11 CommentsJump to latest comment

Mohan Babu's picture

Gud one

Mohan Babu

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

Login to vote
Ambesh_444's picture

Nice toll yaa. 

Thank& Regards,


"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as   solved."

Login to vote
Mick2009's picture

Updated article on this topic now available!

Using Today's SymHelp to Combat Today's Threats

With thanks and best regards,


Login to vote