Sunday, December 07, 2008

NTFS Formatting an Imation USB Disk

If you read down to near the end of my Security and Forensics Roundup: Heavy Version #2 you will find that yesterday I got daughter-unit Alvis her very own USB disk to use for school.

I had bought a 2 GB USB stick with a write-block switch and it is an Imation brand.

This morning I was setting it up for her.

It did not come with any U3 stuff, so that was good.  Imation also kindly tossed in a partition-encryption program called “Imation Lock”.

Imation Lock

Figured I would play with it a bit to see if it would work better than with adding a TrueCrypt container.

Well, I wasn’t impressed. 

Basically you create a public and an private partition.  The private partition is the encrypted one. You set a password and then by using the software, can unlock and load the encrypted partition.

Sounds nice but it sucks.  Bad.

First I read the whole manual.  Yes.  All 16 large-font pages of it.

The same one that shows the “Effective” date of 25-Sep-2006. 

Oh bother.  Not a good sign.

On our XP system (under a full admin account) the configuration steps went fine. No real problems.

It was when I started actually using it that the problems showed up.

First, on my humble system, I never could get both the secure and public drives to show up at the same time.  One or the other baby, despite the photos in the manual.

Mounting and dismounting was pain and required removal and replugging of the USB drive when I switched between those volumes.

So I decided to reformat the USB drive and stick with my original plan with a TrueCrypt volume.

Format Away!

I used the Imation Lock program to remove the secure volume, then right-clicked the drive in My Computer and selected “format”, only it was formatted as a FAT volume and my only other choice was to format as FAT32. 

I wanted NTFS.

What gives?

More searching and here’s a modified version on how to do it:

To enable NTFS as an available File system option in the pull-down menu, the policies for your USB device must be set to "Optimize for performance".

    1. Insert USB drive into the computer’s USB port.
    2. In My Computer or Windows Explorer, highlight the USB's drive letter.
    3. Right click on the drive and select Properties. The Removable Disk Properties dialogue box will open up.
    4. Select the Hardware tab and then select the correct USB device for the drive.
    5. Click the Properties button near the bottom of the dialogue box. The Device Properties box will open up.
    6. Select the Policies tab in the dialogue box and then select the "Optimize for performance" radio button.
    7. Click the OK button in the Device Properties dialogue box to exit. Click the OK button again in the Removable Disk Properties dialogue box to exit.
    8. The NTFS option will now be an available option to select for the File system format. Follow normal procedures for formatting a drive volume in Windows.

Worked like a charm and the thing NTFS formatted in less than a minute (it’s only 2 GB).

Follow Up

I rounded it out with one of the PortableApps Suites along with some extra games and useful applications from the site as well.

Did you know you can add a 48x48 pixel image to the Portable Apps menu? Kind of like in XP/Vista’s Start menu? I stuck Polka-Dot’s (our family’s hamster) picture there.  Thought Alvis would be impressed.

polkadot   Kawaii! (“cute/adorable” in Japanese).

I added a TrueCrypt container.  Much, much easier to use and manage. 

Even for Alvis.

I copied her icanhascheezburger image collection to it.  What can I say….

Then I showed her how to manually launch the Portable Apps suite (since the autorun.inf file is now a folder) along with mounting/opening her TrueCrypt container.

She was impressed.

--Claus V


Anonymous said...

She'll have to have admin rights to load the Truecrypt drivers though. It might be a problem at school (I'm a school admin).

Claus said...

@ Anon School Admin - Thanks for the comment!

You are correct. (I asked her and apparently they are using Vista in her school lab.)

I really don't intend for her necessarily to use it at the school environment (though that would be nice).

I had more of a two-fold purpose in that decision.

First since I made it a big deal that I felt she was responsible enough to have her own "personal" USB stick, I wanted to load it with enough fun/practical things that she might appreciate how useful it could be beyond stashing files. Hence the "user-icon" of the beloved pet, adding her funny pictures, etc.

Since she is a very clever girl, I also wanted to take the time to begin educating her in data-security methods and make sure she was comfortable using such a encrypted solution and understood the basic concepts. I'm giving her pop-drills from time to time to measure mastery. If I do it right, hopefully she will carry that awareness into her college years and beyond.

Second it's a way for me to empower her and give her a measured amount of "privacy" for things she wouldn't want others to see. Sure, I've still got the password myself, but as long as I don't need to pull the "kid-in-danger" card on her, both of us respect her privacy and it is a small way to show her that.

I've got a question for you if you don't mind.

How should I approach the High School administration about asking about their school pc security policy? Looking for feedback about a/v scan policy and currentness, if they audit the systems periodically, what that audit consists of, etc. I'm curious as a IT Dad looking to preserve both our own systems from back-n-forth cross contamination. Would they mind me asking general but directed questions? Or maybe sit down with me at one of the lab pc's and let me have a supervised look around?

Thanks for any advice!

Claus V.

Anonymous said...

I don't know how your daughter's school district is organized, but where I work, we have a Technology Department responsible for all the schools in the district. So I would direct my questions to the technology staff, they should know what security software is installed and how tightly they lock down the students' computers.
We use NOD32 Enterprise, mandatory profiles, and group policies to keep the labs up and running.

Nathaniel said...

Cool. Such a nice dad. =^)

daael said...

I want to delete the partition safe to take all available space for me, without the Imation lock program remove me any space and then delete the program Imation lock.

but if I try and insert my usb I realized that he had only 2 GB capacity and my memory is 4GB usb and format and nothing to do?

Claus said...

@ daael - I'm going to assume that the device really is a 4 GB size unit. (I say that as a friend bought a USB stick for a "deal" online but turns out it was fake had the actual volume was far less than advertised.)

You didn't say what OS you are using, but the following should work for XP/Vista/Win7 (I'm going to use Win7).

Insert the Imation USB disk into the PC.

The system should find and recognize it.

Select "Start" & "Run". In the line type then the following command:


You should get the computer management console window.

Look under the "Storage" item on the left for the "Disk Management" item and click it.

All the storage devices (fixed system internal HDD and USB storage should be listed. Find the disk that corresponds to the Imation USB disk in the list.

Does it say about 2 GB or 4 GB?

Take a look at the shading and colored bars. Does it report just one entire single partition or does it have two? I'm guessing it might have 2. If it does have a 2nd partition it might be seen as Unallocated space (actually controlled by the Imation software) and may be where the "missing" 2 GB is located.

You might be able to reformat the Imation device from here, or you may have to do it from the Command Line.

If you do, do so very carefully because making a mistake could be very serious and you could wipe your main hard-drive by mistake. I've had knowledgeable tech-guys do that to their own systems! Follow along below only at your own risk!

Note, this will "delete" all data on the USB device so be sure to back-up anything on it you want to safe first! Once you "CLEAN" it, it will be very difficult to get anything back accidentally lost! It will also probably remove all the Imation software as well so the USB drive will then just be a "dumb" USB stick. Sounds like that is what you are after...if so, continue carefully after reading and understanding the following steps to be taken.

Open an Elevated (administrator) level Command Prompt window (if on Vista/Win7).


You will now be on the DISKPART> "prompt"


this will show all the disks your system sees. Make very careful note of the Imation disk # which should match what you saw in the "Disk Management" GUI window earlier. The drive size should be 4 GB if all is well.


(where # = # of your Imation disk noted)


Note, this wipes out the MBR/MFT area of the entire disk! Say Goodbye to all that data!


This assigns a single partition to all the addressable space on the drive (all 4 GB).


You can pick any free drive letter you want, you don't have to use "H", but typically letters A-F are already in use on most of my systems....


Now you can go back to the Computer Management GUI view and your Imation drive will be listed as drive letter H under whatever Disk # it matched to.

Now you can right-click on it and select "Format" and take it from there.

I hope this helps...

Claus V.

Anonymous said...

Hi! I followed your last instructions to leave the usb drive as a dumb drive as you said
After all the process I see that 64.8 MB are USED ???? (I formatted as NTFS, it is a 8 GB pendrive)
What's wrong? Thanks

Claus said...

@ Anonymous - I'm not certain.

It sounds like a portion of your USB device got reformatted, but maybe not the entire device as a single 4GB partition. Depending on the device and what was on it, it is possible that there was the accessible (small) partition and then the secure volume with the majority of the device size there.

First, did you use the Imation Lock program to first remove the secure volume before starting?

Was the USB policy for the device showing "Optimize for performance"?

In the post comment just before yours was a suggestion to a different method after a user daael had a similar problem.

Did you try those steps? They are a bit more hand's on and technical than the suggestion in the main post.

If that also doesn't work, you might try a LiveCD tool such as Parted Magic.

It is easy to use but not for novices..if you aren't sure of what you are doing you can destroy your system drive partition information and that's a bad, bad, thing!

That said, if you can use it and are comfortable with some basic Linux stuff, it is a super-powerful tool and may be able to sort out your USB device partition problems without much more work.

I recently used Parted Magic to resize a 64 GB USB stick that was formatted to just 16 GB. that 16 GB partition had a lot of data on it, but I wanted to reclaim the remaining unallocated space and get the full 64 GB as NTFS accessible. This tool did the trick with no problems or data loss.

Retry the information in the post again first, assuming you haven't deleted the secure partition area first.

If that doesn't work, then try the steps I outlined in the comments just above yours if you are up to it.

If that still doesn't work, check out Parted Magic and see if you are up to using it. Just be 100% sure you are comfortable and can figure out how to do it with a USB stick before attempting.

Please let me know if any of this helps.

There may be some other USB reformatting tools out there that have come along since this post. If I find any in the next few days, I'll post those as well. Off the top of my head, RMPrepUSB comes immediately to mind. It does a whole lot of stuff, but the basic steps of reformmating and prepping a USB drive may be sufficient.

Check it out and see it might work before trying something like Parted Magic. It may be easier.


Claus V.

Claus said...

@ anonymous.

See this section specifically regarding RMPrepUSB:

Wipe, Partition and Format a USB drive


Claus V.