Hello,
In case if you are running the Legacy SEP Support Tool, please follow the Instructions provided in the Article:
https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec
SymHelp is a cross-product diagnostic utility designed for troubleshooting and identifying common issues that customers encounter.
SymHelp is designed to support the Symantec Endpoint Protection 12.1 RU2 and Windows 8 & Windows 2012 Operating Systems.
Supported Products
Currently SymHelp supports the following Symantec products:
- Symantec Backup Exec 11d to 2012
- Symantec Backup Exec System Recovery 6.5 to 8.x
- Symantec Data Loss Prevention 11.0 and later
- Symantec Endpoint Protection 11.0 and later
- Symantec Mail Security for Microsoft Exchange 6.5.2 and later
- Symantec System Recovery 2010 to 2012
Check these Articles:
About Symantec Help (SymHelp) http://www.symantec.com/docs/TECH170735
Symantec Help (SymHelp) http://www.symantec.com/docs/TECH170752
Download Instructions
1. Click Download Symantec Help from
2. On the File Download dialog, click Save
3. Select the location to where you want the file saved, and click Save
4. Go to the location of the downloaded file and double-click the SymHelp.exe icon.
Here are the Steps on how to collect the Suspicious Files and Submit the same to Symantec Security Response Team.
1) Once Symantec Help (SymHelp) application is Run, it would first verify with Symantec Server on the Version Status.
This Requires Internet Connection.
2) If there is a newer Release of SymHelp, it would download the same and update itself automatically.
3) Click on "I accept the EULA" and you would see the "Symantec Help" getting launched.
4) You would see the Home Screen of "SymHelp". Please Select the Correct Products for which you have to submit the SymHelp Logs.
Check the box of "Symantec Load Point Analysis" and then click on "Click to Start Scan"
5) The Load Point Analysis window would appear.
6) Click on "Settings" Button to change the Load Point Scan Settings and Proxy Settings (if any) and Click OK.
7) Click on "Scan" Button as shown in Point 5 to Scan the machine with Symantec Load Point Analysis.
8) Once done with Scanning, the Symantec Load Point Analysis would show the Report as below:
The Report would show Suspicious files, processes which are being detected by Symantec.
By Clicking on the Button "Copy files to a Folder" would let you could save the suspicious files to a particular directory of your choice.
Please zip the folder/s. Make sure that zip file does not include more than 9 files and /or 10MB of size.
You will want to submit these suspicious files, to the Symantec Security Response for analysis,
Click on this link to begin the process:
You will receive a confirmation email with a tracking number, and within 24 to 48 hours you should receive an email telling you if the file is viral or not. If it is viral, you will be provided with a set of rapid release definitions. These can be installed to your system so that Symantec Endpoint Protection or Symantec AntiVirus can then detect the infected file and prevent a re-infection.
9) Submit the file to Threat Expert (owned by Symantec).
Automated analysis can be performed for some types of threats through
http://www.threatexpert.com. This step can quickly identify the sites the threat is coded to contact so they can be blocked at the firewall. Symantec Support does not provide troubleshooting for
http://www.threatexpert.com, and this step does not replace the need to submit files to Symantec Security Response.
10) To collect the SymHelp Load Point Analysis Logs for the Symantec Support, check this Article:
11) Once the Full Report is Saved, you may submit the Load Point Analysis and Full Data Collection Report to the Symantec Technical Support Team.
