BleepingComputer.com: Secondary Hard Drive Deleted Partition..?

Hello,
I've recently reformatted one of my computers, installed a fresh copy of Windows XP Pro, and left the secondary drive full of data. Initially, there seemed to be no problems, the system was working well. Until I decided to install Avira AntiVir Personal Free Antivirus. A scan revealed that there was an infection in the master boot sector of HD1, and Boot sector D:\. As far as I know, my D drive was set up as HD1, so I'm not sure why the messages were shown twice, but in case it helps, here are the event log messages in order.

Quote

Quote

Quote

It was either after the 2nd set or 3rd set that I noticed my D drive was no longer present in My Computer. I have since determined that it is recognized, but described as unallocated in disk management.

I've heard of people recovering partitions and lost hard drives, and was hoping for some guidance before I go screwing around on my own. I'm open to paying for software or professional services to have it done, but only as a last resort. Any help would be greatly appreciated. Let me know what other info I can provide or if I should be posting this in a different forum. Thanks in advance.

Greetings nitro1,
From your description, the D:\ is no longer shown in "My Computer" because Avira has denied access to it. Your assumption that it is still recognized as unallocated in the disk management console is accurate but I would expand a bit on that point. I believe the volume still contains data but may appear in disk management as unallocated space due to the fact that Avira is currently holding it prisoner. The system still sees the partition but not the data (sort of). And that is the best way I can think of to describe this to you in simple terms.

The Boo/Whistler virus (an avira term) is a member of the family of tdss rootkit infections. Your best move at this point would be to create a thread in the malware removal forum. Include the link there to this thread so we won't lose track of these few pieces of info. Good Luck!

Thanks 1972vet. I have posted a topic here.

I have also used partition wizard to recover my D drive, but am still seeking advice in my new topic on how to disinfect. I think this topic can probably be closed.