bare-metal installation of Windows 7 users, after running the diskmgmt.msc open disk manager, you can see that there is a hidden partition of 200MB before the system partition (usually C partition). What is the connection between this particular hidden partition and the Windows 7 system? Let's take a look at it.
1, partition status
The format of the partition is NTFS, there is no disk label and no drive letter assigned, its disk status is described as: system, activity, primary partition. Because there is no drive letter, it is not visible in the resource manager. (Figure 1)
2. What is in this partition?
In order to find out, I assigned a drive letter F to it. To do this, select the partition in Disk Manager, right-click and select “Change Drive Letter and Path>; Popup Change Wizard. Click the “Add” button in the pop-up dialog box to click “ Assign the following drive letter & rdquo;, then click on the drop-down list to select F from it, and finally & ldquo; OK & rdquo; exit. Next, open “computer” to see a new disk partition F, enter the partition and find two hidden directories Boot and System Volume Information, in addition to two hidden files bootmgr and BOOTSECT.BAK. There is no doubt that Windows 7 saves the system's boot files in this hidden partition. (Figure 2)
3. Does the partition number increase the system startup?
Next we restart the system to see if the above operation (adding a drive letter) will affect the startup of Windows 7. The test results system starts normally, and it can be seen that the above modifications will not affect the system startup. This is very well understood, the operation of reassigning the drive letter to the boot partition does not modify the system's boot file, nor does it modify the disk boot sector. It can be seen that the reason why Microsoft put the boot file of Windows 7 in a separate hidden partition must be the protection of the boot file. (Figure 3)
4. Can I return the partition to the hidden mode?
Since the hidden partition is to protect the system boot file, let's test if we can cancel the drive number we just gave it. . Right click on the partition and select “change drive letter and path”, try “change" or “delete" drive letter shows <; cannot delete/change the drive letter of the volume" Is the system or boot volume. Thus, the process of adding a drive letter to this particular hidden partition in Windows 7 is irreversible. (Figure 4)
5. Does deleting the files in the partition affect the system startup?
The following is how we try to delete the system boot files in the partition. The author logs in to the system as an administrator, enters the F partition and then deletes the file. During the deletion process, some of the files were undelete, indicating that the file is being used ” or the prompt <;no delete permission”. Then tried to give the administrator the "full control permission", the result was rejected. After testing, even the system does not have full control permissions, only the TrusterInstaller user has full control permissions. This user is unique to Windows 7. Its task is single and related to system installation. There is no such user in Windows 7 users and groups (lusrmgr.msc). Let's see if it affects system startup after deleting some files in the partition. Restart the system, no problem, the system starts normally. It can be seen that the file we just deleted has nothing to do with the system startup, and the files that are really related to the system startup cannot be deleted. (Figure 5)
6. Does the deletion of the partition affect the system startup?
With the disk manager, the author tries to <formatting”,“delete volume” can not be successful, visible Windows 7 The protection of this partition is very good. Since the system tools don't work, try a third-party tool. I tested it with Acronis Disk Director Suite 10.0, which used the tool to delete the partition and its data, and then restart the system. The display "BOOTMBR is missing", that is, the main boot sector is lost and the system cannot be started. It can be seen that the hidden partition saves the boot file of the system and the primary boot partition information of the disk. (Figure 6)
Summary: Through the above test, the mystery of this hidden partition is revealed. This 200MB hidden partition is very important for Windows 7, it saves the system boot file and the disk boot fan. District information. If it is lost or destroyed, it will be catastrophic for Windows 7. In general, saving Windows 7 boot files in a hidden partition undoubtedly enhances its security. However, because the target is single, it is also easy to be the target of the attack. Therefore, it is recommended that you do not assign a drive letter to the hidden partition, so that it can prevent human or virus Trojans from causing damage to a large extent.