Dual boo + Hide partitions

Markusc

Member
Hey! I know this has been brought up a few times, but I was unable to gather the information I need from the other threads.

I have a triple boot of Windows 7, Ubuntu and Windows 8, all installed on the same hard drive but in separate partitions. My Windows 7 will endure unrecognised software which may contain malware, I would therefore want to stop Windows 7 from accessing my main OS partition (Windows 8).


In other word I would like to hide Win8's partition from Win7. I have looked into NeoGrub which for some reason I was unable to install through EasyBCD. Are there other options to NeoGrub and which option would serve best in this situation? or should i keep trying to install NeoGrub?

Thanks


Disk.JPG
*My setup
 
MS boot managers don't manipulate the hide bit.
If you want to truly "hide" a partition (using the MBR "hide" bit) then you can't boot using bootmgr to choose any hidden partition.
You can set the hide bit using any partition manager.
If you just want W8 not to see W7, then you can just remove the W7 disk letter from W8's Disk Management.
EasyBCD loads Neogrub to use it in chaining from bootmgr to other non-MS OSs, not to replace bootmgr.
 
I would like to hide W8 from W7. If i remove the W8's disk letter from Disk Management will i still be able to boot W8 without having to change Disk Management back?

How would i truly "hide" a partition?

I've also read the HnS can do this? but i can find any information/tutorials on HnS.

How-To: Hide Vista Partition from XP with NeoGrub! | The NeoSmart Files This NeoGrub tutorial is from 2009 but it hides Vista from XP, cant i do the same just with W8 from W7? and is this method outdated?

Addendum

Btw, i get an error when i try to change the driver letters in Disk Managment; "Assigning or removing drive letters on the current boot or pagefile volume is not allowed."
Remove.JPG
 
Last edited:
HnS (which I still use in a heavily customized form) never made it out of Beta, so the only documentation for it is the appropriate thread. (be prepared for a long read)

Disk letters are virtual, not real. They only exist in the mind (registry) of the running system. When your system is turned off, there are no letters associated with any device or partition. For that reason, it's of no importance to W8 whether W7 has a letter describing it or not.
You won't be able to remove a disk letter in Disk Management if the partition is flagged as "system", "boot" or "page".
Disk Management flags have the following meanings
"boot" = "this is the system you're running"
"system" = "this is where I found the boot files for the currently running system"
"active" (on the first HDD in the BIOS boot sequence) = "this is where I started the search for the boot files"
"active" (on subsequent HDDs in the BIOS boot sequence) ="this is where I will look if I don't find something in the MBR on the first HDD"
"page" = "this partition contains the page (swap) file for the currently running system"

In your case "system" and "active" should be the system reserved partition, so as long as you don't have W7 booted (it isn't "boot"), the only thing which will stop you removing the letter is "page".
You can work around that by moving the page file off the W7 partition. . It's good practice to have the page file on a different HDD if you have one, to avoid head contention between the OS and the pagefile, but if you don't you can still allocate W7's pagefile on W8 (it will use the same space whichever is booted, it's only empty space when the OS is not in use)
Computer (right click) > Properties > Advanced > Performance > Settings > Advanced > Virtual Memory > Change
Allocate space elsewhere, then unallocate the space on C. (reply yes if it asks whether you want to overwrite the W8 pagefile)
 
Last edited:
Thanks! I will give the drive letter method a try and let you know how it goes.

Addendum

Everything worked great! thanks again for your post, it clarified a lot. Do removing the drive letter disable all access to the drive? i'm wondering if malware is still able to write/read on a hidden drive?
 
I suppose, strictly speaking, there's nothing a clever piece of malware couldn't do to a drive that's up and running on your PC, but I've never heard of anything that attacked an unbooted OS. (with or without a letter)
Virus writers want their code to work on the maximum number of targets and the vast majority of PCs on the planet contain a single OS (and mostly just a C disk), so that's what the malware will be looking to exploit, not take a poke around looking for multi-boots on the off-chance. Some exploits like the conficker worm targetted USB flash drives, so that you'd carry the infection with you to another PC (or cross infect your multi-boot if you moved to a second system to try disinfecting the first and didn't remove all your USB drives)
Removing the drive letter means that Explorer (and hence most of your installed apps) cannot address anything thereon, so it effectively doesn't exist. That doesn't mean that more specialist software (like Disk Management and Partition Managers) can't access it. (that's how you can put the letter back)
Even the hide bit is just a convention. The drive is not hidden from a partition manager which will turn the bit back off for you, else you'd never see it again.
 
That doesn't mean that more specialist software (like Disk Management and Partition Managers) can't access it. (that's how you can put the letter back).

Or EasyBCD! :grinning:

That's how we modify boot files on non-mounted disks.
 
Hey, just wanted to let you know that everything works great! I think the partitions are quite isolated from each other. Thanks again for your support!
 
Back
Top