0

Rev. 1 - Added mount points for reference and additional blk/snap info. Rev. 2 - Added log files in code block and screenshot as they appear not to match.

I believe there is a hidden or masked partition on either my local SSD or the live USB which i've used to boot my laptop in this particular instance, and that the partition contains malware I have been unable to remove. After executing the udisksctl command on my live USB, I get the output shown below. The USB (microSD card in a PNY card reader) has been physically write protected prior to ever being inserted into an infected PC, so I know that the USB is clean and has not been infected. Can someone help me understand the output and explain how I can remove the object from my PC?

Note:

I have included the output from fdisk -l in a second code block for additional information. I have only one SSD in the laptop and only one USB card reader attached, containing my microSD card (live USB). The microSD card has been used to boot the PC using Ubuntu 18.10.

  root@ubuntu:/home/ubuntu# udisksctl info -p /dev/sdb1

    (udisksctl info:8905): GLib-GIO-CRITICAL **: 06:27:40.321: g_dbus_object_manager_get_object: assertion 'g_variant_is_object_path (object_path)' failed
    Error looking up object with path /dev/sdb1
    root@ubuntu:/home/ubuntu# udisksctl info -b /dev/sdb1
    /org/freedesktop/UDisks2/block_devices/sdb1:
      org.freedesktop.UDisks2.Block:
        Configuration:              [('fstab', {'fsname': , 'dir': , 'type': , 'opts': , 'freq': , 'passno': })]
        CryptoBackingDevice:        '/'
        Device:                     /dev/sdb1
        DeviceNumber:               2065
        Drive:                      '/org/freedesktop/UDisks2/drives/Multiple_Card__Reader_058F63666438'
        HintAuto:                   true
        HintIconName:               
        HintIgnore:                 false
        HintName:                   
        HintPartitionable:          true
        HintSymbolicIconName:       
        HintSystem:                 false
        Id:                         by-uuid-18E7-1F79
        IdLabel:                    MULTIBOOT
        IdType:                     vfat
        IdUUID:                     18E7-1F79
        IdUsage:                    filesystem
        IdVersion:                  FAT32
        MDRaid:                     '/'
        MDRaidMember:               '/'
        PreferredDevice:            /dev/sdb1
        ReadOnly:                   true
        Size:                       15661531136
        Symlinks:                   /dev/disk/by-id/usb-Multiple_Card_Reader_058F63666438-0:0-part1
                                    /dev/disk/by-label/MULTIBOOT
                                    /dev/disk/by-partuuid/f7cd59a9-01
                                    /dev/disk/by-path/pci-0000:00:14.0-usb-0:1.4:1.0-scsi-0:0:0:0-part1
                                    /dev/disk/by-uuid/18E7-1F79
        UserspaceMountOptions:      
      org.freedesktop.UDisks2.Filesystem:
        MountPoints:        
        Size:               0
      org.freedesktop.UDisks2.Partition:
        Flags:              128
        IsContained:        false
        IsContainer:        false
        Name:               
        Number:             1
        Offset:             4194304
        Size:               15661531136
        Table:              '/org/freedesktop/UDisks2/block_devices/sdb'
        Type:               0x0c
        UUID:               f7cd59a9-01  
  root@ubuntu:/home/ubuntu# fdisk -l
Disk /dev/loop0: 1.9 GiB, 1999503360 bytes, 3905280 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x133f436e

Device       Boot   Start     End Sectors  Size Id Type
/dev/loop0p1 *          0 3905279 3905280  1.9G  0 Empty
/dev/loop0p2      3828884 3833811    4928  2.4M ef EFI (FAT-12/16/32)


Disk /dev/loop1: 1.8 GiB, 1905549312 bytes, 3721776 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop2: 87.9 MiB, 92123136 bytes, 179928 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop3: 140.9 MiB, 147722240 bytes, 288520 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop4: 2.3 MiB, 2355200 bytes, 4600 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop5: 13 MiB, 13619200 bytes, 26600 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop6: 14.5 MiB, 15208448 bytes, 29704 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop7: 3.7 MiB, 3878912 bytes, 7576 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/sda: 465.8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes




Disk /dev/sdb: 14.6 GiB, 15665725440 bytes, 30597120 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xf7cd59a9

Device     Boot Start      End  Sectors  Size Id Type
/dev/sdb1  *     8192 30597119 30588928 14.6G  c W95 FAT32 (LBA)


Disk /dev/loop8: 42.1 MiB, 44183552 bytes, 86296 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
root@ubuntu:/home/ubuntu#  
  ubuntu@ubuntu:~$ findmnt
TARGET                                SOURCE     FSTYPE  OPTIONS
/                                     /cow       overlay rw,relatime,lowerdir=//
├─/sys                                sysfs      sysfs   rw,nosuid,nodev,noexec,
│ ├─/sys/kernel/security              securityfs securit rw,nosuid,nodev,noexec,
│ ├─/sys/fs/cgroup                    tmpfs      tmpfs   ro,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/unified          cgroup2    cgroup2 rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/systemd          cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/freezer          cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/perf_event       cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/hugetlb          cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/memory           cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/cpu,cpuacct      cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/devices          cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/cpuset           cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/rdma             cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/net_cls,net_prio cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ ├─/sys/fs/cgroup/blkio            cgroup     cgroup  rw,nosuid,nodev,noexec,
│ │ └─/sys/fs/cgroup/pids             cgroup     cgroup  rw,nosuid,nodev,noexec,
│ ├─/sys/fs/pstore                    pstore     pstore  rw,nosuid,nodev,noexec,
│ ├─/sys/firmware/efi/efivars         efivarfs   efivarf rw,nosuid,nodev,noexec,
│ ├─/sys/fs/bpf                       bpf        bpf     rw,nosuid,nodev,noexec,
│ ├─/sys/kernel/debug                 debugfs    debugfs rw,relatime
│ ├─/sys/fs/fuse/connections          fusectl    fusectl rw,relatime
│ └─/sys/kernel/config                configfs   configf rw,relatime
├─/proc                               proc       proc    rw,nosuid,nodev,noexec,
│ └─/proc/sys/fs/binfmt_misc          systemd-1  autofs  rw,relatime,fd=30,pgrp=
├─/dev                                udev       devtmpf rw,nosuid,relatime,size
│ ├─/dev/pts                          devpts     devpts  rw,nosuid,noexec,relati
│ ├─/dev/shm                          tmpfs      tmpfs   rw,nosuid,nodev
│ ├─/dev/mqueue                       mqueue     mqueue  rw,relatime
│ └─/dev/hugepages                    hugetlbfs  hugetlb rw,relatime,pagesize=2M
├─/run                                tmpfs      tmpfs   rw,nosuid,noexec,relati
│ ├─/run/lock                         tmpfs      tmpfs   rw,nosuid,nodev,noexec,
│ └─/run/user/999                     tmpfs      tmpfs   rw,nosuid,nodev,relatim
│   └─/run/user/999/gvfs              gvfsd-fuse fuse.gv rw,nosuid,nodev,relatim
├─/isodevice                          /dev/sdb1  vfat    ro,relatime,fmask=0022,
├─/cdrom                              /dev/loop0 iso9660 ro,noatime,nojoliet,che
├─/rofs                               /dev/loop1 squashf ro,noatime
├─/tmp                                tmpfs      tmpfs   rw,nosuid,nodev,relatim
├─/snap/core/5662                     /dev/loop2 squashf ro,nodev,relatime
├─/snap/gnome-3-26-1604/70            /dev/loop3 squashf ro,nodev,relatime
├─/snap/gnome-calculator/238          /dev/loop4 squashf ro,nodev,relatime
├─/snap/gnome-characters/124          /dev/loop5 squashf ro,nodev,relatime
├─/snap/gnome-logs/45                 /dev/loop6 squashf ro,nodev,relatime
├─/snap/gnome-system-monitor/57       /dev/loop7 squashf ro,nodev,relatime
└─/snap/gtk-common-themes/701         /dev/loop8 squashf ro,nodev,relatime

 ubuntu@ubuntu:~$ sudo snap list
Name                  Version    Rev   Tracking  Publisher   Notes
core                  16-2.35.4  5662  stable    canonical✓  core
gnome-3-26-1604       3.26.0     70    stable/…  canonical✓  -
gnome-calculator      3.30.0     238   stable/…  canonical✓  -
gnome-characters      3.29.91    124   stable/…  canonical✓  -
gnome-logs            3.30.0     45    stable/…  canonical✓  -
gnome-system-monitor  3.30.0     57    stable/…  canonical✓  -
gtk-common-themes     0.1        701   stable/…  canonical✓  -
ubuntu@ubuntu:~$ sudo losetup
NAME SIZELIMIT OFFSET AUTOCLEAR RO BACK-FILE                         DIO LOG-SEC
/dev/loop1
             0      0         0  1 /cdrom/casper/filesystem.squashfs   0     512
/dev/loop8
             0      0         1  1 /var/lib/snapd/snaps/gtk-common-themes_701.snap
                                                                       0     512
/dev/loop6
             0      0         1  1 /var/lib/snapd/snaps/gnome-logs_45.snap
                                                                       0     512
/dev/loop4
             0      0         1  1 /var/lib/snapd/snaps/gnome-calculator_238.snap
                                                                       0     512
/dev/loop2
             0      0         1  1 /var/lib/snapd/snaps/core_5662.snap
                                                                       0     512
/dev/loop0
             0      0         0  1 /isodevice/multiboot/ubuntu-18.10-desktop-amd64/ubuntu-18.10-desktop-amd64.iso
                                                                       0     512
/dev/loop7
             0      0         1  1 /var/lib/snapd/snaps/gnome-system-monitor_57.snap
                                                                       0     512
/dev/loop5
             0      0         1  1 /var/lib/snapd/snaps/gnome-characters_124.snap
                                                                       0     512
/dev/loop3
             0      0         1  1 /var/lib/snapd/snaps/gnome-3-26-1604_70.snap
                                                                       0     512
ubuntu@ubuntu:~$ sudo lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
loop0    7:0    0   1.9G  1 loop /cdrom
loop1    7:1    0   1.8G  1 loop /rofs
loop2    7:2    0  87.9M  1 loop /snap/core/5662
loop3    7:3    0 140.9M  1 loop /snap/gnome-3-26-1604/70
loop4    7:4    0   2.3M  1 loop /snap/gnome-calculator/238
loop5    7:5    0    13M  1 loop /snap/gnome-characters/124
loop6    7:6    0  14.5M  1 loop /snap/gnome-logs/45
loop7    7:7    0   3.7M  1 loop /snap/gnome-system-monitor/57
loop8    7:8    0  42.1M  1 loop /snap/gtk-common-themes/701
sda      8:0    0 465.8G  0 disk 
sdb      8:16   1  14.6G  1 disk 
└─sdb1   8:17   1  14.6G  1 part /isodevice
sr0     11:0    1  1024M  0 rom  

 09:24:26 gnome-logs: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
09:24:26 gnome-logs: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
09:24:26 gnome-logs: g_file_info_get_attribute_boolean: assertion 'G_IS_FILE_INFO (info)' failed
09:24:01 gnome-shell: main.go:192: cannot change mount namespace of snap "gnome-logs" according to change mount (/snap/gtk-common-themes/701/share/icons/Suru /snap/gnome-logs/45/data-dir/icons/Suru none bind,ro 0 0): cannot use "/snap/gtk-common-themes/701/share/icons/Suru" as bind-mount source: not a directory
09:23:24 systemd: Started Cleanup of Temporary Directories.
09:23:24 systemd-tmpfile: [/usr/lib/tmpfiles.d/spice-vdagentd.conf:2] Line references path below legacy directory /var/run/, updating /var/run/spice-vdagentd → /run/spice-vdagentd; please update the tmpfiles.d/ drop-in file accordingly.
09:23:24 systemd: Starting Cleanup of Temporary Directories...
09:20:13 sudo: pam_unix(sudo:session): session closed for user root
09:17:02 cron: pam_unix(cron:session): session closed for user root
09:14:01 gnome-shell: (/usr/lib/firefox/firefox:4819): dconf-WARNING **: 09:14:01.070: Unable to open /var/lib/snapd/desktop/dconf/profile/user: Permission denied
09:10:45 systemd-timesyn: Synchronized to time server 91.189.94.4:123 (ntp.ubuntu.com).
09:10:27 whoopsie: [09:10:27] online
09:10:26 nm-dispatcher: req:2 'dhcp6-change' [eno1]: start running ordered scripts...
09:10:26 avahi-daemon: Registering new address record for fd23:ebf1:2476::8e8 on eno1.*.
09:10:26 NetworkManager:   [1546247426.2969] dhcp6 (eno1): state changed unknown -> bound, event ID="82:3b:21:9b|1546247426"
09:10:26 dhclient: RCV: Reply message on eno1 from fe80::e695:6eff:fe43:ef1b.
09:10:25 avahi-daemon: Registering new address record for fd23:ebf1:2476:0:f9f2:9185:8ede:f286 on eno1.*.
09:10:24 dhclient: message status code NotOnLink.
09:10:23 avahi-daemon: Withdrawing address record for fe80::27c:1685:20f4:5560 on eno1.
09:10:23 NetworkManager:   [1546247423.9360] dhcp6 (eno1): dhclient started with pid 4611
09:10:22 systemd-resolve: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
09:10:22 nm-dispatcher: req:1 'up' [eno1]: start running ordered scripts...
09:10:22 systemd: Started Network Manager Script Dispatcher Service.
09:10:22 dbus-daemon: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
09:10:22 gsd-sharing: Failed to StopUnit service: GDBus.Error:org.freedesktop.systemd1.NoSuchUnit: Unit gnome-remote-desktop.service not loaded.
09:10:22 systemd: Starting Network Manager Script Dispatcher Service...
09:10:22 dbus-daemon: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.18' (uid=0 pid=1193 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
09:10:22 dhclient: bound to 192.168.8.145 -- renewal in 17038 seconds.
09:10:22 NetworkManager:   [1546247422.1574] device (eno1): Activation: successful, device activated.
09:10:22 avahi-daemon: Registering new address record for 192.168.8.145 on eno1.IPv4.
09:10:22 NetworkManager:   [1546247422.1514] dhcp4 (eno1): state changed unknown -> bound
09:10:22 dhclient: DHCPACK of 192.168.8.145 from 192.168.8.1
09:10:22 avahi-daemon: Registering new address record for fe80::27c:1685:20f4:5560 on eno1.*.
09:10:22 NetworkManager:   [1546247422.1169] dhcp4 (eno1): dhclient started with pid 4522
09:10:22 kernel: r8169 0000:02:00.0 eno1: link up
09:10:22 NetworkManager:   [1546247422.1006] device (eno1): carrier: link connected
09:09:41 su: pam_unix(su:session): session closed for user root
09:09:03 systemd: Startup finished in 4.950s (firmware) + 14.452s (loader) + 21.870s (kernel) + 51.332s (userspace) = 1min 32.606s.
09:09:02 apparmor_parser: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.gnome-calculator.gnome-calculator" pid=4373 comm="apparmor_parser"
09:09:01 kernel: audit: type=1400 audit(1546247341.308:225): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.gnome-calculator.gnome-calculator" pid=4341 comm="apparmor_parser"
09:09:01 apparmor_parser: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.gnome-calculator.gnome-calculator" pid=4341 comm="apparmor_parser"
09:09:01 kernel: audit: type=1400 audit(1546247341.068:224): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap-update-ns.gnome-calculator" pid=4339 comm="apparmor_parser"
09:09:01 apparmor_parser: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap-update-ns.gnome-calculator" pid=4339 comm="apparmor_parser"
09:09:00 kernel: audit: type=1400 audit(1546247340.892:223): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.gnome-logs.gnome-logs" pid=4332 comm="apparmor_parser"
09:09:00 apparmor_parser: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.gnome-logs.gnome-logs" pid=4332 comm="apparmor_parser"
09:09:00 kernel: audit: type=1400 audit(1546247340.664:222): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap-update-ns.gnome-logs" pid=4330 comm="apparmor_parser"
09:09:00 apparmor_parser: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap-update-ns.gnome-logs" pid=4330 comm="apparmor_parser"
09:09:00 kernel: audit: type=1400 audit(1546247340.420:221): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.gnome-logs.gnome-logs" pid=4322 comm="apparmor_parser"
09:09:00 apparmor_parser: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.gnome-logs.gnome-logs" pid=4322 comm="apparmor_parser"
09:09:00 kernel: audit: type=1400 audit(1546247340.196:220): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap-update-ns.gnome-logs" pid=4320 comm="apparmor_parser"
09:09:00 apparmor_parser: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap-update-ns.gnome-logs" pid=4320 comm="apparmor_parser"
09:09:00 kernel: audit: type=1400 audit(1546247340.028:219): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.gnome-characters.gnome-characters" pid=4312 comm="apparmor_parser"
09:09:00 apparmor_parser: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.gnome-characters.gnome-characters" pid=4312 comm="apparmor_parser"

Screenshot of Logs

Screenshot of Logs

Improve this question
2
  • What kind of "physical write protection" to your µSD card do you mean? If you were relying on that tiny switch, check here or here. µSD might well have been altered by malware.
    – jvb
    Commented Dec 31, 2018 at 9:35
  • @jvb Well I was counting on the physical switch but apparently, you cant count on that any longer. News to me but thanks for the info.
    – user919501
    Commented Dec 31, 2018 at 9:42

1 Answer 1

Reset to default
0

I'd say there are no extra partitions.

The loop devices are traces of snap packages present on the "Live USB"

Compare to a newly downloaded 18.04 - "live USB" [on 4GB USB Flash-mem]
(I have removed sda, sdb and sdc - my actual harddisks):

ubuntu@ubuntu:~$ snap list
Name                  Version    Rev   Tracking  Publisher  Notes
core                  16-2.33.1  4917  stable    canonical  core
gnome-3-26-1604       3.26.0     70    stable/…  canonical  -
gnome-calculator      3.28.2     180   stable/…  canonical  -
gnome-characters      3.28.2     103   stable/…  canonical  -
gnome-logs            3.28.2     37    stable/…  canonical  -
gnome-system-monitor  3.28.2     51    stable/…  canonical  -
gtk-common-themes     0.1        319   stable/…  canonical  -


ubuntu@ubuntu:~$ losetup
NAME       SIZELIMIT OFFSET AUTOCLEAR RO BACK-FILE                                         DIO LOG-SEC
/dev/loop1         0      0         1  1 /var/lib/snapd/snaps/core_4917.snap                 0     512
/dev/loop6         0      0         1  1 /var/lib/snapd/snaps/gnome-logs_37.snap             0     512
/dev/loop4         0      0         1  1 /var/lib/snapd/snaps/gnome-calculator_180.snap      0     512
/dev/loop2         0      0         1  1 /var/lib/snapd/snaps/gtk-common-themes_319.snap     0     512
/dev/loop0         0      0         0  1 /cdrom/casper/filesystem.squashfs                   0     512
/dev/loop7         0      0         1  1 /var/lib/snapd/snaps/gnome-system-monitor_51.snap   0     512
/dev/loop5         0      0         1  1 /var/lib/snapd/snaps/gnome-characters_103.snap      0     512
/dev/loop3         0      0         1  1 /var/lib/snapd/snaps/gnome-3-26-1604_70.snap        0     512


ubuntu@ubuntu:~$ lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
loop0    7:0    0   1.8G  1 loop /rofs
loop1    7:1    0  86.9M  1 loop /snap/core/4917
loop2    7:2    0  34.7M  1 loop /snap/gtk-common-themes/319
loop3    7:3    0 140.9M  1 loop /snap/gnome-3-26-1604/70
loop4    7:4    0   2.3M  1 loop /snap/gnome-calculator/180
loop5    7:5    0    13M  1 loop /snap/gnome-characters/103
loop6    7:6    0  14.5M  1 loop /snap/gnome-logs/37
loop7    7:7    0   3.7M  1 loop /snap/gnome-system-monitor/51

---8<---

sdh      8:112  1   3.8G  0 disk /cdrom
├─sdh1   8:113  1   1.8G  0 part 
└─sdh2   8:114  1   2.3M  0 part 
sr0     11:0    1  1024M  0 rom  


ubuntu@ubuntu:~$ sudo fdisk -l
Disk /dev/loop0: 1.8 GiB, 1864450048 bytes, 3641504 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop1: 86.9 MiB, 91099136 bytes, 177928 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop2: 34.7 MiB, 36323328 bytes, 70944 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop3: 140.9 MiB, 147722240 bytes, 288520 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop4: 2.3 MiB, 2433024 bytes, 4752 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop5: 13 MiB, 13619200 bytes, 26600 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop6: 14.5 MiB, 15196160 bytes, 29680 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/loop7: 3.7 MiB, 3887104 bytes, 7592 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes




Disk /dev/sda: ...

Disk /dev/sdb: ...

Disk /dev/sdc: ...

Disk /dev/sdh: 3.8 GiB, 4040748544 bytes, 7892087 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x663eb4c4

Device     Boot   Start     End Sectors  Size Id Type
/dev/sdh1  *          0 3815135 3815136  1.8G  0 Empty
/dev/sdh2       3737268 3741939    4672  2.3M ef EFI (FAT-12/16/32)


ubuntu@ubuntu:~$

Analysis of the available data in the question

The fdisk -l output

2GB Install-media-disk arranged to be bootable, compare to /dev/sdh above. loop0p1 and ...p2 are two partitions here. This is the first level of content in ubuntu-18.10-desktop-amd64.iso

Disk /dev/loop0: 1.9 GiB, 1999503360 bytes, 3905280 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x133f436e

Device       Boot   Start     End Sectors  Size Id Type
/dev/loop0p1 *          0 3905279 3905280  1.9G  0 Empty
/dev/loop0p2      3828884 3833811    4928  2.4M ef EFI (FAT-12/16/32)

The collection of loop devices, mounted snap packages, except #6:

Disk /dev/loop1: 1.8 GiB, 1905549312 bytes, 3721776 sectors
Disk /dev/loop2: 87.9 MiB, 92123136 bytes, 179928 sectors
Disk /dev/loop3: 140.9 MiB, 147722240 bytes, 288520 sectors
Disk /dev/loop4: 2.3 MiB, 2355200 bytes, 4600 sectors
Disk /dev/loop5: 13 MiB, 13619200 bytes, 26600 sectors
Disk /dev/loop6: 14.5 MiB, 15208448 bytes, 29704 sectors
Disk /dev/loop7: 3.7 MiB, 3878912 bytes, 7576 sectors
Disk /dev/loop8: 42.1 MiB, 44183552 bytes, 86296 sectors
Check the output of lsblk in your Question for the details. The first is a "CD-ROM" mounted as /rofs (Read Only File System) The others are snap packages included in there. loop6 either part of snap packages and/or place for logfiles during the Ubuntu installation process, similar to a RAM-resident disk.

The SSD:

Disk /dev/sda: 465.8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
... a single partition

Now sdb/sdb1 must be the USB-memory's main partitioning. Is the one you boot possibly 16GB? It is bootable as "Boot" has a "*" below it.

Disk /dev/sdb: 14.6 GiB, 15665725440 bytes, 30597120 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xf7cd59a9

Device     Boot Start      End  Sectors  Size Id Type
/dev/sdb1  *     8192 30597119 30588928 14.6G  c W95 FAT32 (LBA)
Improve this answer
7
  • I'm not sure what's going on then. I've attached my log files for reference and added additional info in rev 1 of the body of the question. Maybe this info will shed some light where I am misunderstanding.
    – user919501
    Commented Dec 31, 2018 at 9:29
  • I have not checked your logs, It doesn't appear to be necessary from a quick glance...
    – Hannu
    Commented Dec 31, 2018 at 10:07
  • @ Hannu Just for a little more clarity, at the time I posted the question and provided the additional info, I had not installed any snap packages and there was no disk in the optical drive. Also, where you mentioned that loop6 and sdb were similar in size, sdb is 14G and loop6 is 14M, not that it really matters I'm sure. I just wasn't following your thought process and wanted to make sure that is whet you where trying to convey. Thank you very much for your time and help.
    – user919501
    Commented Dec 31, 2018 at 18:49
  • Ahh... I realize this is guesswork in large parts, for facts one would need to peek into and verify the structure of the Live disc. Updated. The Snap packages are likely included in the Live USB. I wish I had downloaded 18.10 (as that was what you used) and not 18.04.
    – Hannu
    Commented Jan 1, 2019 at 10:05
  • One last question and then I will stop, what is the reference to path /org/freedesktop/UDisks2/drives/Multip..... I have not been able to find that folder and I see reference to it in multiple places.
    – user919501
    Commented Jan 2, 2019 at 13:33

You must log in to answer this question.