My Kingston DT 101 II 2GB infected by autorun.inf & gi2ky.exe and becom read-only!!
Hi,
Just like I said in the subject, and it isn't just in Linux, but in Windows XP too! I tried to turn off the write protection by "hdparm -r 0 /dev/sdc1" and "blockdev --setrw /dev/sdc1" but it still read-only file system, even if I try to format it... for more information: dmesg Code:
usb 1-8: new high speed USB device using ehci_hcd and address 38 Code:
# /etc/fstab: static file system information. |
Hi, Welcome to LQ. With over 3 million posts, many questions have been answered.
you may get a faster answer by using the fantastic search function here at LQ. One thing I see that does not make sense to me is the line... from fstab, Quote:
Quote:
Probably sdc1 as you mention above. The /mnt/"directory-name" must exist, If the system does not create it for you, mkdir for your self. To save changes to this file you need to be root, I hope that helps. regards Glenn |
Hi, sorry for that, but it's not working any way!
I'm going to edit the post right now Thanks |
Any other idea??
|
Quote:
Quote:
|
Hi!
It's formated in fat16, I tried to write vfat in fstab but the problem still the same.. |
Do you have important data on it ? If not, zero it:
Code:
dd if=/dev/zero of=/dev/sdc |
I dont care about the content, so I tried your solution but:
Code:
dd: opening `/dev/sdc1': Read-only file system |
So you ran it on '/dev/sdc' right ? not '/dev/sdc1' ?
|
Both of them!
|
Hi, that is all I have really, the only other things...
1. Mount the flash drive in your home dir. Never tried that with a flashdrive, but It works for other partitions I want access to, I set up /home/glenn/local/ ..... And mount all the other partitions here, as well as the other os's on this box. 2. you might need to be root to dd the drive. 3. Make sure the drive, is formatted fat16, and Has no hidden files, like an encryption program (oem) or backup. .... hope that helps. |
This may seem like a silly question, but does the drive have a write protect switch on it and is it on or off?
|
Quote:
Is there a way to remove the 'autorun.inf' even if it's write protected? Quote:
|
Hi, once the system has laoded and everything is settled, look in...
/etc/mtab this file lists the currently mounted filesystems/partitions. You may find out more about the drive here. I have tried msdos, fat16 and auto. These have worked for me.... Code:
/etc/fstab entries (at some time, but not together).... Some of the args in fstab when changed may negate other args. man fstab Quote:
wiki http://en.wikipedia.org/wiki/Fstab regards Glenn |
I've tried msdos, vfat and auto in fstab...
cat /etc/mtab Code:
/dev/sdc1 /mnt/usb msdos ro,noexec,nosuid,nodev 0 0 |
How old is this drive ? It may just be broken...
|
I buy it 4 months ago, and I'm just trying to to know if it's corrupted or not...
|
any other suggetion because I dont think that's a good idea to buy a flash disk every 4 months...
|
hi, ro means read only.(in fstab)
see what happens if you change ro to user or rw. Quote:
Another thing you could try.... Make sure the disk is loaded in the system. change to the root directory and ls -la it should output a list of files. to be sure , to be sure. WARNING! "removes files recursively throughout the directories." then once you're sure it is the right drive.... type and execute as root.... rm -rf *.* That command is very dangerous with root priv. It removes files recursively throughout the directories, if any, then removes the directories too!... cheers, Glenn you may have a trojan on there, mbr? |
sorry, thanks any way
and there is a virus in it, like i mentioned in the title.. |
That's OK. I forgot you mentioned the virii.
rm -rf will remove it. Once you have fstab organised it should be a piece of cake. I do this all the time on winxp boxes, not so much usb sticks. Then I would zero the drive as suggested by our learned friend above. A handy tool is to have a live Linux distro on a CD-ROM or a flash stick. I have found Mepis and Slax (respectively) really useful for these tasks. regards Glenn |
I want to continue with this thread instead to create another.
I have the same problem, and try all your tips, but all the solutions have the same thing, the USB is detected as Write protected since you plug it, the dmesg show: sd 3:0:0:0: [sdb] Write Protect is on So, commands like dd, fdisk, mount and others always show a warning The device is write protected. And nothing can be donde, so i think that the solution could be something like: 1.- Plug the drive 2.- Eject ($eject /dev/sdb) 3.- ¿? I need your help? Extra: Or my memory raise the all the read/write cycles. |
OPPS almost wrote this.
If you can't format it try to partition it. It seems to be damaged beyond repair. Does any other flash drive work correctly. |
Yes, i have other USB pen drive and works fine, and i plug others (friends and family), and also works.
|
All times are GMT -5. The time now is 05:24 AM. |