Save my windows-infected flash drive using linux

May 6, 2009 at 9:06 pm (Linux for beginners) (, , , , , , , )

This article is intended for beginners only.

As many people are suffering from the virus problem these days (specially in SL); which are mainly traveled through the pen drives I thought of giving a simple solution, which is removing them using linux. This is far better than searching for keys for the kasper-sky and getting black-listed in the process. As this can be done using a live-cd too, people who (still) have windows running, can insert the pen to windows after cleaning it in linux. And the main thing is that viruses which attack Linux are extreamly rare, and they never travel via pen drives! (How about a part time job of recovering friends’ pen drives?)

A typical faith of a pen drive inserted in to windows

A typical faith of a pen drive inserted in to windows

Just insert the pen drive in when linux is running. A fairly modern linux distribution will show up a shortcut on the desktop. Double click it. You should be able to indentify viruses as they are

  • Mostly .exe files or .bat

  • autorun.inf is a virus launcher

  • Always have sizes smaller than 3MB. From this you can identify which .exe are viruses

  • Mostly in the root of flash drive, anyway folders inside may have viruses usually having the exact name of the folder. If this is frequently found in other folders, this should be a virus.

  • What you didn’t send to your pen drive could be a virus (ex: Autorun folder, recycled folder etc..)

  • Note: In a U3 pen drive, U3 system is no virus and Documents and System folders are no virus.

Identify the viruses, and shift + delete as you would do in windows.

But some will not remove saying “permission denied”. For these, open command line (ex: terminal) and type

———- For non-debian based systems(ex: fedora, mandriva) only; type:

su –

password: (type admin password here) now you are root. Do this anytime if you get “permission denied” error. continue down.————–

cd /media

ls

This will show up the folders of removable media. The pen drive will show in it’s name. Type

cd <name of the folder here> && ls

is the tough guy is a file; type, rm <filename here>

if it’s a folder type, rm -Ir <folder name>

———For a live CD or debian based system (ex: ubuntu, mint, kubuntu) use word sudo infront of each command (which avoids “permission denied” issues.)——————

formatting flash drive on FAT32 using linux

I have met many people complaining about “lost” drive space in their pen drives. This is not because of hidden files, I guess this is a bug in FAT. They also say formatting under windows won’t help. But formatting under Linux does well.

You should first unmount the volume. type,

Cd /

df

this shows up a list as below. Identify your pen drive by name, and write down it’s file system name (ex: /dev/sdb1 )

The output of df

The output of df

umount /media/<pen folder>

and type this

mkdosfs -c -F 32 -I -n <new drive name you want> -v <what you noted down before, the filesystem name>

Name should be a single word; and you will get something like this (see the example there).

output of mkdosfs

output of mkdosfs

You’re done now. Pen is Ready!

When you try to remove a file, if it says read-only disk then you should mount it with read/write previlages. For that you have to unmount the drive as mentioned above. Then use

mount -o rw <file system name> <a path you like, an empty folder>

this should create a short cut in new versions. Try removing virus process again. For more use of mounting, see here.

Permalink 1 Comment