The Symantec Endpoint Recovery Tool is an image that you can burn on a disc, which you can use to scan and remove malware from client computers. You use this tool for the computers that are too infected for Symantec Endpoint Protection to clean effectively.
You can download the tool from https://fileconnect.symantec.com/ and you need your license number like B1234567891.
Download the tool and get a USB key with at least 512 MB space
1. Using WinRAR or similar, extract the SERT.iso file to the local file system (assume C:\SERT).
2. Open a command prompt with admin rights.
3. Insert the USB stick into the computer.
4. Type the following command to start Diskpart:
5. Type the following command to list the available disks:
list disk <enter>
This command is important. It will show you what number your USB drive is. Failure to select the right disk at this point may result in loss of data from your hard disk. Normally the drive is Disk 1, but you should confirm before proceeding.
6. Type following commands to format the USB stick and prepare it for SERT:
select disk <number> <enter>
create partition primary <enter>
select partition 1 <enter>
format fs=fat32 <enter>
7. At the command prompt, type the following to copy the SERT files to the USB Stick:
xcopy C:\SERT\*.* <removable disk drive letter>\ /e /h /f <enter>
For updated definition files, download the JDB files and unzip them to the USB key. The JDB files can be found at http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce
To see how the SERT tool can be updated with the downloaded JDB file, read the following article: http://www.bvanleeuwen.nl/faq/?p=748