Master boot record

Abstract: A system and method for performing disk drive diagnostics and restoration using a host-inaccessible partition are disclosed. The system includes a disk drive including: a host-accessible user partition; a host-inaccessible hidden partition independent of the host-accessible user partition; and a disk controller. The user partition includes: a user partition address range; a host-selected operating system; and a host-selected master boot record. The host-inaccessible hidden partition includes: a hidden partition address range outside the user partition address range; diagnostic software for determining a condition of the computer system; and a drive-selected master boot record for waiting for a user input; if the user input is received within a predetermined time period: loading and executing the diagnostic software; and if the user input is not received within the predetermined time period: loading the host-selected master boot record; and loading and executing the host-selected operating system identified by the host-selected master boot record.

Abstract: A predetermined number of erasable blocks positioned at a start of a volume area in a semiconductor memory card are provided so as to include volume management information. A user area following the volume management information includes a plurality of clusters. A data length NOM of an area from a master boot record & partition table sector to a partition boot sector is determined so that the plurality of clusters in the user area are not arranged so as to straddle erasable block boundaries. Since cluster boundaries and erasable block boundaries in the user area are aligned, there is no need to perform wasteful processing in which two erasable blocks are erased to rewrite one cluster.

Abstract: The invention may be embodied in a method and a related computer system. The computer system includes a host computer with a native drive-access routine having a limited address range, and a disk drive with a protected area that is inaccessible to a user's preferred operating system. The protected area also lies beyond the limited address range. The method includes receiving and detecting a command in the disk drive for reading a master boot record to initiate a bootload of the operating system. In response to detecting the command, the method includes transferring a drive-selected master boot record that, when executed in the computer system, initiates a process that enables address spoofing, loads an extended-address drive-access routine from the protected area using spoofed addresses within the limited address range, and executes the extended-address drive-access routine to replace the native drive-access routine for providing access to the protected area.

Abstract: A method, an apparatus and a virtual machine for detecting a malicious program(s) are disclosed. The method comprises: setting a virtual memory (301); reading a Master Boot Record (MBR) and storing the MBR in the virtual memory (302); and executing each instruction of the MBR in the virtual memory simulatedly, and detecting whether the virtual memory is modified after executing each instruction (303); if so, a malicious program is found, otherwise, continuing to execute the next instruction simulatedly until completing simulation execution of all instructions of the MBR. The technical solution can find the deformed malicious program(s).