Author Topic: GPT Drive infections?  (Read 14474 times)


REDACTED

  • Guest
GPT Drive infections?
« on: November 09, 2015, 05:34:31 PM »
Can a GPT drive be infected and survive a reinstall (which I might do if necessary)? Tell me if you want any logs from scanners. Pondus and Eddy, don't piss me off in this report.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: GPT Drive infections?
« Reply #1 on: November 09, 2015, 05:42:58 PM »
On an MBR disk, the partitioning and boot data is stored in one place. If this data is overwritten or corrupted, you’re in trouble. In contrast, GPT stores multiple copies of this data across the disk, so it’s much more robust and can recover if the data is corrupted. GPT also stores cyclic redundancy check (CRC) values to check that its data is intact — if the data is corrupted, GPT can notice the problem and attempt to recover the damaged data from another location on the disk. MBR had no way of knowing if its data was corrupted — you’d only see there was a problem when the boot process failed or your drive’s partitions vanished. 

A GPT drive cannot yet (as far as I have seen) be infected, due to this redundancy; malware will need to change every copy of the GUID, if it knew where to find it.

Is it possible? Yes, but then so are little green men coming to visit next week, introduced by a talking dinosaur. Improbable but not impossible.
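
The header CRC and primary/backup redundancy described in the reply above can be exercised directly. The following is an added example written for this page (it is not code from the original thread, from avast, or from any real partitioning tool): it builds a small synthetic GPT disk image in memory, validates the primary and backup headers and the partition arrays they point to the way a GPT-aware loader does, simulates an overwrite of the primary copy, and rebuilds the primary from the backup. The disk size, the disk and partition GUIDs, the partition layout and the corruption are all constructed values; only the header layout, the "EFI PART" signature and the Microsoft basic-data type GUID are the real ones.

```python
import struct, uuid, zlib

SECTOR = 512
GPT_SIGNATURE = b"EFI PART"
HEADER_FMT = "<8sIIIIQQQQ16sQIII"          # the 92-byte GPT header, little-endian
HEADER_SIZE = struct.calcsize(HEADER_FMT)  # 92
ENTRY_SIZE, NUM_ENTRIES, ENTRY_SECTORS = 128, 128, 32  # 128 entries * 128 bytes = 32 sectors

# Constructed sample GUIDs (not taken from any real disk); the type GUID is the real one.
DISK_GUID = uuid.UUID("11111111-2222-3333-4444-555555555555")
PART_GUID = uuid.UUID("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee")
BASIC_DATA_TYPE = uuid.UUID("EBD0A0A2-B9E5-4433-87C0-68B6B72699C7")  # Microsoft basic data

def crc32(data: bytes) -> int:
    return zlib.crc32(data) & 0xFFFFFFFF

def sector(img: bytearray, lba: int, count: int = 1) -> bytes:
    return bytes(img[lba * SECTOR:(lba + count) * SECTOR])

def put(img: bytearray, lba: int, data: bytes) -> None:
    img[lba * SECTOR:lba * SECTOR + len(data)] = data

def build_entries(first_usable: int, last_usable: int) -> bytes:
    """Entry array with one basic-data partition covering the usable range."""
    name = "Demo".encode("utf-16-le").ljust(72, b"\x00")
    entry = (BASIC_DATA_TYPE.bytes_le + PART_GUID.bytes_le
             + struct.pack("<QQQ", first_usable, last_usable, 0) + name)
    return entry + b"\x00" * (ENTRY_SIZE * (NUM_ENTRIES - 1))

def build_header(current_lba, backup_lba, first_usable, last_usable, disk_guid,
                 entries_lba, num_entries, entry_size, entries_crc) -> bytes:
    """Serialise a header; its CRC32 covers the header with the CRC field zeroed."""
    raw = struct.pack(HEADER_FMT, GPT_SIGNATURE, 0x00010000, HEADER_SIZE, 0, 0,
                      current_lba, backup_lba, first_usable, last_usable, disk_guid,
                      entries_lba, num_entries, entry_size, entries_crc)
    return raw[:16] + struct.pack("<I", crc32(raw)) + raw[20:]

def parse_header(raw: bytes) -> dict:
    keys = ("signature", "revision", "header_size", "header_crc", "reserved", "current_lba", "backup_lba",
            "first_usable", "last_usable", "disk_guid", "entries_lba", "num_entries", "entry_size", "entries_crc")
    return dict(zip(keys, struct.unpack(HEADER_FMT, raw[:HEADER_SIZE])))

def header_problems(raw: bytes, expected_lba: int) -> list:
    """Reasons not to trust the header in `raw`; an empty list means it checks out."""
    h, problems = parse_header(raw), []
    if h["signature"] != GPT_SIGNATURE:
        problems.append("bad signature")
    if crc32(raw[:16] + b"\x00" * 4 + raw[20:HEADER_SIZE]) != h["header_crc"]:
        problems.append("header CRC mismatch")
    if h["current_lba"] != expected_lba:
        problems.append("current_lba does not match where the header was read")
    return problems

def build_disk(total_sectors: int = 128) -> bytearray:
    """Synthetic disk: primary GPT in LBA 1-33, backup array and header in the last 33 sectors."""
    img, last = bytearray(total_sectors * SECTOR), total_sectors - 1
    prim_entries, back_entries = 2, last - ENTRY_SECTORS
    first_usable, last_usable = prim_entries + ENTRY_SECTORS, back_entries - 1
    entries = build_entries(first_usable, last_usable)
    ecrc = crc32(entries)
    img[510:512] = b"\x55\xaa"  # boot signature only; a real disk carries a protective MBR here
    common = (first_usable, last_usable, DISK_GUID.bytes_le)
    put(img, 1, build_header(1, last, *common, prim_entries, NUM_ENTRIES, ENTRY_SIZE, ecrc))
    put(img, prim_entries, entries)
    put(img, back_entries, entries)
    put(img, last, build_header(last, 1, *common, back_entries, NUM_ENTRIES, ENTRY_SIZE, ecrc))
    return img

def check_disk(img: bytearray) -> dict:
    """Validate both headers and, only for headers that pass, the arrays they point to."""
    last, report = len(img) // SECTOR - 1, {}
    for name, lba in (("primary", 1), ("backup", last)):
        raw = sector(img, lba)
        problems = header_problems(raw, lba)
        if not problems:  # never follow an LBA taken from a header that failed its checks
            h = parse_header(raw)
            arr = sector(img, h["entries_lba"], h["num_entries"] * h["entry_size"] // SECTOR)
            if crc32(arr) != h["entries_crc"]:
                problems.append("partition array CRC mismatch")
        report[name] = problems
    return report

def corrupt_primary(img: bytearray) -> None:
    """Simulate an overwrite of the primary copy: trash the header and flip a byte of the array."""
    put(img, 1, b"A" * HEADER_SIZE)
    img[2 * SECTOR] ^= 0xFF

def repair_primary_from_backup(img: bytearray) -> bool:
    """Rebuild the primary header and array from an intact backup; True if a repair was made."""
    report = check_disk(img)
    if not report["primary"] or report["backup"]:
        return False
    last = len(img) // SECTOR - 1
    b = parse_header(sector(img, last))
    n_sect = b["num_entries"] * b["entry_size"] // SECTOR
    put(img, 2, sector(img, b["entries_lba"], n_sect))
    put(img, 1, build_header(1, last, b["first_usable"], b["last_usable"], b["disk_guid"], 2,
                             b["num_entries"], b["entry_size"], b["entries_crc"]).ljust(SECTOR, b"\x00"))
    return True
```

Calling `check_disk(build_disk())` returns an empty problem list for both copies; after `corrupt_primary` the primary reports a bad signature and CRC while the backup still passes, and `repair_primary_from_backup` then restores it. The practitioner's caveat is visible in the code: the recovery works because a header that fails its own CRC is never used as a source of LBAs, and because the backup at the last sector was left alone. A CRC32 is an integrity check against accidental corruption, not authentication; anything that rewrites both copies consistently, with correct CRCs, passes this check unchanged.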

REDACTED

  • Guest
Re: GPT Drive infections?
« Reply #2 on: November 09, 2015, 05:49:30 PM »
Say if my GPT was corrupted (most likely to be), please help for that. And where do the GPT drives hide at?

REDACTED

  • Guest
Re: GPT Drive infections?
« Reply #3 on: November 09, 2015, 05:50:13 PM »
Btw my laptop doesn't boot. Doesn't work :( sad times!

Offline essexboy

Re: GPT Drive infections?
« Reply #4 on: November 09, 2015, 05:51:14 PM »
How did you corrupt the GPT, as that is very hard to do?

What is the operating system, and is it 32 or 64 bit? Progress now, as I am aware of what the problem is.

Keep everything in this thread now, as I will be ignoring the rest.

REDACTED

  • Guest
Re: GPT Drive infections?
« Reply #5 on: November 09, 2015, 06:01:25 PM »
OK, so for GMER, the executable name was 0sdmsqc; try downloading it and see the file name, and send me a screenshot that I can see without downloading (on my iPhone). 64bit Windows 8.1, and I think my GPT doesn't work because of that GMER BSOD error. The error was:
ATTEMPTED_WRITE_TO_READONLY_MEMORY
Thanks, btw I think I am paranoid, don't laugh your head off as I am not joking. Might discuss that with my parents.

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
Re: GPT Drive infections?
« Reply #6 on: November 09, 2015, 06:03:32 PM »
GMER is supposed to be randomly named. It makes it slightly more difficult to blacklist the file.

A failed attempt to write to memory shouldn't result in corrupting your entire GPT.
VOLUNTEER

Senior Security Analyst; Sys Admin (Linux); Forensics/Incident Response.

Security is a mindset, not an application. Think BEFORE you click.

Offline essexboy

Re: GPT Drive infections?
« Reply #7 on: November 09, 2015, 06:03:39 PM »
You will need a 4GB USB for this.

Download the following three programmes to your desktop:

1. Rufus

For 64bit systems:
2. Windows 8.1 64bit RC.. I will PM the link
3. Farbar Recovery Scan Tool x64

Insert the USB stick, then run Rufus.

Select the ISO file on the desktop via the ISO icon.

Press Start Burn.

Then copy FRST to the same USB.

Insert the USB into the sick computer and start the computer, first ensuring that the system is set to boot from USB.
Note: If you are not sure how to do that, follow the instructions Here.

Windows 8 screen shots

When you reboot you will see this.

Select the language on this screen and keyboard on the next.

Select the Troubleshoot option.

Select the Advanced option.

Select Command prompt.

At the command prompt type the following:

notepad

The notepad opens. Under the File menu select Open.
Select "Computer" and find your flash drive letter, and close the notepad.
In the command window type e:\frst64.exe and press Enter.
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to the disclaimer.

Press the Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

REDACTED

  • Guest
Re: GPT Drive infections?
« Reply #8 on: November 09, 2015, 06:16:02 PM »
essexboy, thanks for that, but what is that for? And I already have a recovery drive. Can that drive now be infected if I boot from it? I know you think I'm really paranoid now. Sorry, I can't help it without my laptop; it's where I used to live (for 4-5 hours a day, doing all my homework and gaming). I'm crying now, and no joke! I'm not lying. My life is dull without it ;( I really appreciate it essexboy, you are my favourite on this forum. And please answer the question: why do I have to do that log thingy? Thanks, you're the best.

REDACTED

  • Guest
Re: GPT Drive infections?
« Reply #9 on: November 09, 2015, 06:18:24 PM »
Can anyone post the name that their downloaded GMER had? Thanks, and why is it an unknown publisher? Please answer this question.

REDACTED

  • Guest
Re: GPT Drive infections?
« Reply #10 on: November 09, 2015, 06:19:56 PM »
essexboy, I'll get the log up for you as soon as possible ( after doing this homework) probably by 7:00 - 8:00 pm in London time. Thanks essexboy.

REDACTED

  • Guest
Re: GPT Drive infections?
« Reply #11 on: November 09, 2015, 06:20:53 PM »
You're also quick at replying, essexboy; that's one of the best things about you!

REDACTED

  • Guest
Re: GPT Drive infections?
« Reply #12 on: November 09, 2015, 06:22:45 PM »
I can reply, but not post the log unless my parents let me access my laptop, essexboy, and remember to tell me what your GMER file name came out as and why it is also an unknown publisher. Don't need to reply quickly, just sit down and chillax. To my homework I go!

REDACTED

  • Guest
Re: GPT Drive infections?
« Reply #13 on: November 09, 2015, 06:27:59 PM »
Is there a thing where I can give my laptop in to a technician and scan my PC fully, everywhere? And another question: where can viruses hide if they survive a full format of the drive and reinstallation of Windows? Sorry for all the questions coming in at once; going to go offline and probably ask another question or reply in the next hour. THANKS A TON ESSEXBOY, I will keep the thing that I need to do with that log from the Recovery drive. Where can I download the FRST64 file thingy from? Now to my homework.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67183
Re: GPT Drive infections?
« Reply #14 on: November 09, 2015, 06:33:05 PM »
Yes, it's possible.
For instance: -http://www.pcworld.com/article/2884952/equation-cyberspies-use-unrivaled-nsastyle-techniques-to-hit-iran-russia.html

I'm not sure if tools like this -http://www.majorgeeks.com/files/details/hdd_low_level_format_tool.html will help/solve.

The best things in life are free.