This document provides step-by-step instructions to customize the Symantec Endpoint Recovery Tool. The Symantec
Endpoint Recovery Tool is a bootable ISO image provided by Symantec, typically from the http://fileconnect.symantec.com
site. A SEP product serial number or registered license will be required to download from Fileconnect. The SERT disk is used to
boot from a CD-ROM drive and scan a system with the main Operating System in a non-running state in order to improve
chances of detecting hard to find malware.
Instructions in this whitepaper are not supported by Symantec. Instructions provided as-is.
The first objective of the document is to show how to create the SERT Disk with extra utilities for malware identification, capture and response.
The second objective in this document is to make the customized SERT disk bootable from USB media.