Mal-ware Modified Partitions (Visible in Linux, Not Windows) - Are There More? The Next CEO of...
What is the purpose of the Evocation wizard's Potent Cantrip feature?
How to solve a differential equation with a term to a power?
How do I make a variable always equal to the result of some calculations?
Rotate a column
If Nick Fury and Coulson already knew about aliens (Kree and Skrull) why did they wait until Thor's appearance to start making weapons?
What exact does MIB represent in SNMP? How is it different from OID?
Can I equip Skullclamp on a creature I am sacrificing?
Make solar eclipses exceedingly rare, but still have new moons
Why has the US not been more assertive in confronting Russia in recent years?
MessageLevel in QGIS3
Parametric curve length - calculus
Is there a way to save my career from absolute disaster?
Skipping indices in a product
Between two walls
How do we know the LHC results are robust?
Can I run my washing machine drain line into a condensate pump so it drains better?
What is ( CFMCC ) on ILS approach chart?
Unreliable Magic - Is it worth it?
Contours of a clandestine nature
How fast would a person need to move to trick the eye?
How does the mv command work with external drives?
If a black hole is created from light, can this black hole then move at speed of light?
Anatomically Correct Strange Women In Ponds Distributing Swords
Inappropriate reference requests from Journal reviewers
Mal-ware Modified Partitions (Visible in Linux, Not Windows) - Are There More?
The Next CEO of Stack OverflowUnderstand warnings after “fdisk -l” commandsLinux server boot issueHow to migrate SD Card with Linux?How to recover lost partitions using a bootable pen drive?USB flash drive is not detected in Ubuntu 12.04Replaced a RAID 10 drive on my Debian server - what do I do next?mkfs - The device apparently does not exist; did you specify it correctly?Add new partition to CentOS file systemPossible USB pendrive hardware corruptionDual boot Windows 10 after initial Arch Linux instilation
While using diskpart in Windows 10, I am able to see only one partition which i've created and installed Windows in a .vhdx file, but this is the only visible partition seen using that utility while booted from installation media. I decided to see what a Dr. Web rescue CD/USB showed and what I found doen't make sense. First, I used the command fdisk /dev/sda and the results matched diskpart but when I ran fdisk /dev/sda1, it appears that there are four additional/sub partitions and are sized (somehow) much larger than the 500G HDD i have in the machine.
What has been done with the partitioning and how is it possible to have partitions that are significantly larger than the capacity of the physical drive?
How can I check if there are other partitions on the drive that are not visible?
Disk /dev/sda: 465.8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 9603D5A0-AAEE-41B0-96E0-813FB368B872
Device Start End Sectors Size Type
/dev/sda1 2048 204802047 204800000 97.7G Microsoft basic data
Command (m for help):
root@drweb:~# fdisk /dev/sda1
Welcome to fdisk (util-linux 2.27.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): p
Disk /dev/sda1: 97.7 GiB, 104857600000 bytes, 204800000 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x6e697373
Device Boot Start End Sectors Size Id Type
/dev/sda1p1 1936269394 3772285809 1836016416 875.5G 4f QNX4.x 3rd part
/dev/sda1p2 1917848077 2462285169 544437093 259.6G 73 unknown
/dev/sda1p3 1818575915 2362751050 544175136 259.5G 2b unknown
/dev/sda1p4 2844524554 2844579527 54974 26.9M 61 SpeedStor
Partition table entries are not in disk order.
Command (m for help): v
Partition 1: overlaps partition 2.
Partition 1: overlaps partition 3.
Partition 2: overlaps partition 3.
Partition 1: overlaps partition 4.
Total allocated sectors 3463497636 greater than the maximum 204800000.
Command (m for help): i
Partition number (1-4, default 4): 1
Device: /dev/sda1p1
Start: 1936269394
End: 3772285809
Sectors: 1836016416
Cylinders: 114287
Size: 875.5G
Id: 4f
Type: QNX4.x 3rd part
Start-C/H/S: 335/2/10
End-C/H/S: 327/13/84
Attrs: 0d
Command (m for help): i
Partition number (1-4, default 4): 2
Device: /dev/sda1p2
Start: 1917848077
End: 2462285169
Sectors: 544437093
Cylinders: 33890
Size: 259.6G
Id: 73
Type: unknown
Start-C/H/S: 371/37/114
End-C/H/S: 256/36/101
Attrs: 70
Command (m for help): i
Partition number (1-4, default 4): 3
Device: /dev/sda1p3
Start: 1818575915
End: 2362751050
Sectors: 544175136
Cylinders: 33874
Size: 259.5G
Id: 2b
Type: unknown
Start-C/H/S: 364/50/116
End-C/H/S: 372/44/65
Attrs: 43
Command (m for help): i
Partition number (1-4, default 4): 4
Device: /dev/sda1p4
Start: 2844524554
End: 2844579527
Sectors: 54974
Cylinders: 4
Size: 26.9M
Id: 61
Type: SpeedStor
Start-C/H/S: 372/51/101
End-C/H/S: 269/52/114
Attrs: 72
linux windows partitioning
asked 1 hour ago
blackpineblackpine
125
add a comment |
While using diskpart in Windows 10, I am able to see only one partition which i've created and installed Windows in a .vhdx file, but this is the only visible partition seen using that utility while booted from installation media. I decided to see what a Dr. Web rescue CD/USB showed and what I found doen't make sense. First, I used the command fdisk /dev/sda and the results matched diskpart but when I ran fdisk /dev/sda1, it appears that there are four additional/sub partitions and are sized (somehow) much larger than the 500G HDD i have in the machine.
What has been done with the partitioning and how is it possible to have partitions that are significantly larger than the capacity of the physical drive?
How can I check if there are other partitions on the drive that are not visible?
Disk /dev/sda: 465.8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 9603D5A0-AAEE-41B0-96E0-813FB368B872
Device Start End Sectors Size Type
/dev/sda1 2048 204802047 204800000 97.7G Microsoft basic data
Command (m for help):
root@drweb:~# fdisk /dev/sda1
Welcome to fdisk (util-linux 2.27.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): p
Disk /dev/sda1: 97.7 GiB, 104857600000 bytes, 204800000 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x6e697373
Device Boot Start End Sectors Size Id Type
/dev/sda1p1 1936269394 3772285809 1836016416 875.5G 4f QNX4.x 3rd part
/dev/sda1p2 1917848077 2462285169 544437093 259.6G 73 unknown
/dev/sda1p3 1818575915 2362751050 544175136 259.5G 2b unknown
/dev/sda1p4 2844524554 2844579527 54974 26.9M 61 SpeedStor
Partition table entries are not in disk order.
Command (m for help): v
Partition 1: overlaps partition 2.
Partition 1: overlaps partition 3.
Partition 2: overlaps partition 3.
Partition 1: overlaps partition 4.
Total allocated sectors 3463497636 greater than the maximum 204800000.
Command (m for help): i
Partition number (1-4, default 4): 1
Device: /dev/sda1p1
Start: 1936269394
End: 3772285809
Sectors: 1836016416
Cylinders: 114287
Size: 875.5G
Id: 4f
Type: QNX4.x 3rd part
Start-C/H/S: 335/2/10
End-C/H/S: 327/13/84
Attrs: 0d
Command (m for help): i
Partition number (1-4, default 4): 2
Device: /dev/sda1p2
Start: 1917848077
End: 2462285169
Sectors: 544437093
Cylinders: 33890
Size: 259.6G
Id: 73
Type: unknown
Start-C/H/S: 371/37/114
End-C/H/S: 256/36/101
Attrs: 70
Command (m for help): i
Partition number (1-4, default 4): 3
Device: /dev/sda1p3
Start: 1818575915
End: 2362751050
Sectors: 544175136
Cylinders: 33874
Size: 259.5G
Id: 2b
Type: unknown
Start-C/H/S: 364/50/116
End-C/H/S: 372/44/65
Attrs: 43
Command (m for help): i
Partition number (1-4, default 4): 4
Device: /dev/sda1p4
Start: 2844524554
End: 2844579527
Sectors: 54974
Cylinders: 4
Size: 26.9M
Id: 61
Type: SpeedStor
Start-C/H/S: 372/51/101
End-C/H/S: 269/52/114
Attrs: 72
linux windows partitioning
asked 1 hour ago
blackpineblackpine
125
add a comment |
While using diskpart in Windows 10, I am able to see only one partition which i've created and installed Windows in a .vhdx file, but this is the only visible partition seen using that utility while booted from installation media. I decided to see what a Dr. Web rescue CD/USB showed and what I found doen't make sense. First, I used the command fdisk /dev/sda and the results matched diskpart but when I ran fdisk /dev/sda1, it appears that there are four additional/sub partitions and are sized (somehow) much larger than the 500G HDD i have in the machine.
What has been done with the partitioning and how is it possible to have partitions that are significantly larger than the capacity of the physical drive?
How can I check if there are other partitions on the drive that are not visible?
Disk /dev/sda: 465.8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 9603D5A0-AAEE-41B0-96E0-813FB368B872
Device Start End Sectors Size Type
/dev/sda1 2048 204802047 204800000 97.7G Microsoft basic data
Command (m for help):
root@drweb:~# fdisk /dev/sda1
Welcome to fdisk (util-linux 2.27.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): p
Disk /dev/sda1: 97.7 GiB, 104857600000 bytes, 204800000 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x6e697373
Device Boot Start End Sectors Size Id Type
/dev/sda1p1 1936269394 3772285809 1836016416 875.5G 4f QNX4.x 3rd part
/dev/sda1p2 1917848077 2462285169 544437093 259.6G 73 unknown
/dev/sda1p3 1818575915 2362751050 544175136 259.5G 2b unknown
/dev/sda1p4 2844524554 2844579527 54974 26.9M 61 SpeedStor
Partition table entries are not in disk order.
Command (m for help): v
Partition 1: overlaps partition 2.
Partition 1: overlaps partition 3.
Partition 2: overlaps partition 3.
Partition 1: overlaps partition 4.
Total allocated sectors 3463497636 greater than the maximum 204800000.
Command (m for help): i
Partition number (1-4, default 4): 1
Device: /dev/sda1p1
Start: 1936269394
End: 3772285809
Sectors: 1836016416
Cylinders: 114287
Size: 875.5G
Id: 4f
Type: QNX4.x 3rd part
Start-C/H/S: 335/2/10
End-C/H/S: 327/13/84
Attrs: 0d
Command (m for help): i
Partition number (1-4, default 4): 2
Device: /dev/sda1p2
Start: 1917848077
End: 2462285169
Sectors: 544437093
Cylinders: 33890
Size: 259.6G
Id: 73
Type: unknown
Start-C/H/S: 371/37/114
End-C/H/S: 256/36/101
Attrs: 70
Command (m for help): i
Partition number (1-4, default 4): 3
Device: /dev/sda1p3
Start: 1818575915
End: 2362751050
Sectors: 544175136
Cylinders: 33874
Size: 259.5G
Id: 2b
Type: unknown
Start-C/H/S: 364/50/116
End-C/H/S: 372/44/65
Attrs: 43
Command (m for help): i
Partition number (1-4, default 4): 4
Device: /dev/sda1p4
Start: 2844524554
End: 2844579527
Sectors: 54974
Cylinders: 4
Size: 26.9M
Id: 61
Type: SpeedStor
Start-C/H/S: 372/51/101
End-C/H/S: 269/52/114
Attrs: 72
linux windows partitioning
asked 1 hour ago
blackpineblackpine
125
While using diskpart in Windows 10, I am able to see only one partition which i've created and installed Windows in a .vhdx file, but this is the only visible partition seen using that utility while booted from installation media. I decided to see what a Dr. Web rescue CD/USB showed and what I found doen't make sense. First, I used the command fdisk /dev/sda and the results matched diskpart but when I ran fdisk /dev/sda1, it appears that there are four additional/sub partitions and are sized (somehow) much larger than the 500G HDD i have in the machine.
What has been done with the partitioning and how is it possible to have partitions that are significantly larger than the capacity of the physical drive?
How can I check if there are other partitions on the drive that are not visible?
Disk /dev/sda: 465.8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 9603D5A0-AAEE-41B0-96E0-813FB368B872
Device Start End Sectors Size Type
/dev/sda1 2048 204802047 204800000 97.7G Microsoft basic data
Command (m for help):
root@drweb:~# fdisk /dev/sda1
Welcome to fdisk (util-linux 2.27.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): p
Disk /dev/sda1: 97.7 GiB, 104857600000 bytes, 204800000 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x6e697373
Device Boot Start End Sectors Size Id Type
/dev/sda1p1 1936269394 3772285809 1836016416 875.5G 4f QNX4.x 3rd part
/dev/sda1p2 1917848077 2462285169 544437093 259.6G 73 unknown
/dev/sda1p3 1818575915 2362751050 544175136 259.5G 2b unknown
/dev/sda1p4 2844524554 2844579527 54974 26.9M 61 SpeedStor
Partition table entries are not in disk order.
Command (m for help): v
Partition 1: overlaps partition 2.
Partition 1: overlaps partition 3.
Partition 2: overlaps partition 3.
Partition 1: overlaps partition 4.
Total allocated sectors 3463497636 greater than the maximum 204800000.
Command (m for help): i
Partition number (1-4, default 4): 1
Device: /dev/sda1p1
Start: 1936269394
End: 3772285809
Sectors: 1836016416
Cylinders: 114287
Size: 875.5G
Id: 4f
Type: QNX4.x 3rd part
Start-C/H/S: 335/2/10
End-C/H/S: 327/13/84
Attrs: 0d
Command (m for help): i
Partition number (1-4, default 4): 2
Device: /dev/sda1p2
Start: 1917848077
End: 2462285169
Sectors: 544437093
Cylinders: 33890
Size: 259.6G
Id: 73
Type: unknown
Start-C/H/S: 371/37/114
End-C/H/S: 256/36/101
Attrs: 70
Command (m for help): i
Partition number (1-4, default 4): 3
Device: /dev/sda1p3
Start: 1818575915
End: 2362751050
Sectors: 544175136
Cylinders: 33874
Size: 259.5G
Id: 2b
Type: unknown
Start-C/H/S: 364/50/116
End-C/H/S: 372/44/65
Attrs: 43
Command (m for help): i
Partition number (1-4, default 4): 4
Device: /dev/sda1p4
Start: 2844524554
End: 2844579527
Sectors: 54974
Cylinders: 4
Size: 26.9M
Id: 61
Type: SpeedStor
Start-C/H/S: 372/51/101
End-C/H/S: 269/52/114
Attrs: 72
linux windows partitioning
linux windows partitioning
asked 1 hour ago
blackpineblackpine
125
asked 1 hour ago
blackpineblackpine
125
asked 1 hour ago
blackpineblackpine
125
asked 1 hour ago
blackpineblackpine
125
asked 1 hour ago
blackpineblackpine
125
125
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1419234%2fmal-ware-modified-partitions-visible-in-linux-not-windows-are-there-more%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1419234%2fmal-ware-modified-partitions-visible-in-linux-not-windows-are-there-more%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
