Cleared a rootkit which disabled XP, reinstalled XP, now HD inaccessible

[lensmeister]

I'm running WinXP SP2 on an aging, but reliable VAR-built desktop with P3 & 2 Gb Ram on an ASUS MB. The boot HD is an 80Gb Maxtor. The 2nd HD (slave) is a 100Gb Maxtor DiamondMax ATA that has about 30Gb of my images on it -- mostly irreplaceable now.  The system has been running along without a problem for more than a couple of years (except I replaced the Power supply in '07 with no problems).  I recently found and eliminated a couple of root kits with MalwareBytes, which in turn unfortunately disabled XP as well .  After reinstalling XP, the slave HD is now inaccessible.  It shows up in BIOS (startup). It's listed in MyComputer as a "Local Disk", but without any details about it. It shows up in Device Manager/DiskDrives and in Properties as 'working properly' and is 'enabled' (still).
THE QUESTIONs:
~ How do I get XP to recognize this HD so I can access and use it again? 
~ Also, if I use the Maxtor install software disk to fix this will it delete all the data on the drive during re-setup?

[dahlarbear]

Tell us how Disk Management reports the "slave" hard drive.  To access:
     o  select "Start"
     o  right-click "My Computer"
     o  select "Manage"
     o  within "Storage" category on left pane of "Computer Management" window, select "Disk Management".

Look for information in both the top right-hand pane and the bottom right-hand panes of Computer Management window.

[patio]

Also, if I use the Maxtor install software disk to fix this will it delete all the data on the drive during re-setup?

Yes...this will wipe the data.

Have you already tried hooking it up as a slave drive to retrieve your data ? ?

[lensmeister]

First, thanks VERY much to one and all for taking the time to help me with this.  ~BB
- - - - - - - -

The HD in question IS currently connected as a slave drive [disk 1] (no change from pre-rootkits).

Dahlarbear:  Here's what Disk Management says:
Both Disk 0 and Disk 1 are 'healthy' -- disk 0 is 'system', disk 1 is 'acitve'.
- - - - - - - -
Disk Management lists the following in the upper right pane for disk 1:
Volume:  F:
Layout:  Partition
Type:  Basic
File System:                [ this item is blank ]
Status:  Healthy (active)
Capacity:  93.15 Gb
Free Space:  93.15 Gb       [ ok, this worries me !! ]
% Free:  100%                  [ ditto ]
Fault Tolerance:  No
Overhead:  0%
- - - - - - - -
In the lower right pane is much the same info, plus "online" in the title block at left (for both disk 0 and disk 1).
- - - - - - - -

[patio]

Yes...this will wipe the data.

Have you already tried hooking it up as a slave drive to retrieve your data ? ?

[dahlarbear]

1.  Save Data.  Best practice when attempting to save data is:
     a.  Slave the drive (connect) to known working computer.
     b.  Ensure computer's system BIOS handles disk of that capacity correctly.
     c.  Do not write to drive containing data.
     d.  Backup the data to another device.
     e.  If necessary, use professional recovery service or recovery software to access and backup data.

I suppose you could try slaving the drive to a different computer, but in this case I don't think it will make any difference as you appear to have working operating system on functional hardware.

2.  Disk Management.  I believe the hard drive containing your data is being reported as:
     o  Basic disk which is "online"
     o  Entire disk capacity allocated to single "active" primary partition
     o  Partition without a file system (no format - raw?)

Which file system did/does the partition have (FAT32, NTFS, other)?

3.  Data Recovery.  You're looking at a recovery operation.  You need to decide what the data is worth to you (or how much risk you're willing to accept).  This would determine whether you seek professional data recovery or attempt to do it yourself.

4.  Best Guess/Recommendation.  My best guess at this point is the partition boot record (not the Master Boot Record) on the second hard drive is corrupt.  This record is/was written when you format the partition and tells the operating system which file system to use for access.

I would use a disk editor (in read-only mode) to view both the physical disk sectors and logical partition to gather more intel on the state of the disk and its data.  See Hex Editor.

You could download, burn the bootable CD, and run the free disk diagnostic software most hard drive manufacturer's provide to test the disk, but I don't think that's the problem here.

There is free reputable recovery software available, but I have limited experience with it (only been able to practice on working systems and disks).

Let us know what you want to do.

5.  Recovery Software.
     a.  http://en.wikipedia.org/wiki/TestDisk and/or http://www.cgsecurity.org/wiki/TestDisk
     b.  http://en.wikipedia.org/wiki/PhotoRec and/or http://www.cgsecurity.org/wiki/PhotoRec
     c.  http://www.piriform.com/recuva
     d.  Windows XP Recovery Console (might be able to rewrite partition boot record of primary partition on second hard drive).