{"id":130,"date":"2010-05-23T17:18:54","date_gmt":"2010-05-23T23:18:54","guid":{"rendered":"http:\/\/www.digitallachance.com\/blog\/?p=130"},"modified":"2010-05-23T17:18:54","modified_gmt":"2010-05-23T23:18:54","slug":"virus-definition-update-on-the-f-secure-rescue-cd","status":"publish","type":"post","link":"http:\/\/digitallachance.com\/blog\/2010\/05\/virus-definition-update-on-the-f-secure-rescue-cd\/","title":{"rendered":"Virus definition update on the F-Secure rescue CD"},"content":{"rendered":"

So, a co-worker from the office asked me to clean their personal laptop from one of those anti-virus application that install themselves and creates a bunch of pop-ups telling you you are infected.\u00a0 Obviously, I didn’t want to connect that machine to our corporate LAN, so I figured I should use a rescue CD of some sort that does AV scans.\u00a0 I was highly recommended to use F-Protect’s rescue CD for this type of malware in my SANS 504 course that I just took last week.<\/p>\n

A quick Google search returned a very useful page from techmixer.com titled FREE Bootable AntiVirus Rescue CDs Download List<\/a>.\u00a0 This page lists seven freely available Antivirus rescue CD options.\u00a0 So I downloaded the ISO for F-Protect and burned it to a CD.\u00a0 Obviously, you want to make sure you are scanning with the latest virus definition update, but since the CD is a read-only media, you can’t update the virus definition on it.\u00a0 The ISO contains a virus definition file from July 2009, but that’s way to old to be useful.\u00a0 I tried to follow the instructions that were on the techmixer.com page about F-Protect to use the updates on a USB stick, but without success.\u00a0 When all else fails, read the instructions.\u00a0 \ud83d\ude09<\/p>\n

I downloaded the PDF manual from http:\/\/www.f-secure.com\/linux-weblog\/files\/rescue_cd_user_guide.20090717.pdf<\/a> and those instructions, unlike the ones on the techmixer.com ones, instructed to create a fsecurerescuecd folder on your USB stick.\u00a0 That way, the virus definition gets expanded to the rescuecd folder as well as the results of the scan is saved in a reports folder.\u00a0 The trick is to use a USB drive that has nothing else on it.\u00a0 Why they had to do it that way, I’m not sure.\u00a0 I wished that it wasn’t so because I would rather carry only one stick instead of dedicating one to having the F-Secure virus definition file.<\/p>\n

For those of you who prefer bullets and get ‘er done, here is a step-by-step how-to:<\/p>\n

    \n
  1. Download the ISO\u00a0 from the F-Secure web site.\u00a0 As of this writing, version 3.11 is current.<\/li>\n
  2. Burn the ISO to a CD.<\/li>\n
  3. Have a FAT formated USB thumb drive with nothing on it.<\/li>\n
  4. Create a fsecure folder at the root of the drive.<\/li>\n
  5. Create a rescuecd folder in the fsecure folder.<\/li>\n
  6. Download the latest virus definition file from F-Secure from http:\/\/download.f-secure.com\/latest\/fsdbupdate9.run<\/a><\/li>\n
  7. Copy the fsdbupdate9.run to the root of your USB drive.<\/li>\n
  8. Plug-in the USB drive on the sick computer and then boot the rescue CD.<\/li>\n<\/ol>\n

    F-Secure picked-up that I had a USB drive connected and used the virus definition for the scan.\u00a0 Simply follow the on-screen instructions and your computer will be cleaned up.<\/p>\n","protected":false},"excerpt":{"rendered":"

    So, a co-worker from the office asked me to clean their personal laptop from one of those anti-virus application that install themselves and creates a bunch of pop-ups telling you you are infected. Obviously, I didn’t want to connect that machine to our corporate LAN, so I figured I should use a rescue CD of some sort that does AV scans. I was highly recommended to use F-Protect’s rescue CD for this type of malware in my SANS 504 course that I just took last week.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[4,7,8,1],"tags":[14,25,33],"yoast_head":"\nVirus definition update on the F-Secure rescue CD - IT A Digital Life<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/digitallachance.com\/blog\/2010\/05\/virus-definition-update-on-the-f-secure-rescue-cd\/\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\">\n\t<meta name=\"twitter:data1\" content=\"2 minutes\">\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/digitallachance.com\/blog\/#website\",\"url\":\"https:\/\/digitallachance.com\/blog\/\",\"name\":\"IT A Digital Life\",\"description\":\"All things digital\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/digitallachance.com\/blog\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/digitallachance.com\/blog\/2010\/05\/virus-definition-update-on-the-f-secure-rescue-cd\/#webpage\",\"url\":\"http:\/\/digitallachance.com\/blog\/2010\/05\/virus-definition-update-on-the-f-secure-rescue-cd\/\",\"name\":\"Virus definition update on the F-Secure rescue CD - IT A Digital Life\",\"isPartOf\":{\"@id\":\"https:\/\/digitallachance.com\/blog\/#website\"},\"datePublished\":\"2010-05-23T23:18:54+00:00\",\"dateModified\":\"2010-05-23T23:18:54+00:00\",\"author\":{\"@id\":\"https:\/\/digitallachance.com\/blog\/#\/schema\/person\/8a2f0b2a18af80d71541deadfac4d02f\"},\"breadcrumb\":{\"@id\":\"http:\/\/digitallachance.com\/blog\/2010\/05\/virus-definition-update-on-the-f-secure-rescue-cd\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/digitallachance.com\/blog\/2010\/05\/virus-definition-update-on-the-f-secure-rescue-cd\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/digitallachance.com\/blog\/2010\/05\/virus-definition-update-on-the-f-secure-rescue-cd\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"item\":{\"@type\":\"WebPage\",\"@id\":\"http:\/\/digitallachance.com\/blog\/2010\/05\/virus-definition-update-on-the-f-secure-rescue-cd\/\",\"url\":\"http:\/\/digitallachance.com\/blog\/2010\/05\/virus-definition-update-on-the-f-secure-rescue-cd\/\",\"name\":\"Virus definition update on the F-Secure rescue CD\"}}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/digitallachance.com\/blog\/#\/schema\/person\/8a2f0b2a18af80d71541deadfac4d02f\",\"name\":\"Francois\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/digitallachance.com\/blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"http:\/\/0.gravatar.com\/avatar\/ce2ee0649f3fb6a643ffff9a9f1e63e4?s=96&d=mm&r=g\",\"caption\":\"Francois\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/posts\/130"}],"collection":[{"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/comments?post=130"}],"version-history":[{"count":0,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/posts\/130\/revisions"}],"wp:attachment":[{"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/media?parent=130"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/categories?post=130"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/digitallachance.com\/blog\/wp-json\/wp\/v2\/tags?post=130"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}