Hi all,
I did something REALLY REALLY dumb last night. I was trying to access a laptop drive that a customer had given me that had that hdd password enabled. They did not know the password and wanted it wiped so that they could re-use the drive in another laptop. I did some research and found a program atapwd.exe that someone had written that was supposed to reset that passwd. I ran the program against my main HD by mistake. You have to boot from a dos disk for this to run. I was tired and not paying attention. I had the laptop drive attached as a slave.

Now my system cannot see the drive. I know the drive is good. I'm assuming that this program did something to the firmware on the drive. Is it possible to reset the drives firmware back to factory?

I do have a backup but its two weeks old and I'd rather not have to retype all that invoicing.

If anyone had any ideas please post the up!!!

its an 80gig maxtor Maxtor D740X-6L

Maxtor drive firmware is only available directly through their support channels, and only in certain circumstances (e.g. the NForce issue some time back). However, this will not reset a drive's password. ATA passwords are stored on the platters and lock the drive into a severely constrained ROnly mode until the correct password is chosen. Utilities like atapwd don't reset the password, they simply disable the passwowrd, and you have to know the password for this to work. I'm rather curious what you did with atapwd... did you lock it with a blank password? Also, define "the system cannot see the drive," as this can mean all sorts of things.

I'd agree, specifics of what happens when the system is booting are needed. It may be that the drive requires a PW to be entered, but since most desktops do not support PW entry, the drive will not initialize.

A simple PCBA swap would take care of firmware issues, but since HDD PW are written to the disk, it's likely that something in the protected area of the disk has been overwritten.

Heres my stupidity step by step

I was going to use atapwd to reset the password. The site that I got it from did not mention that you needed the original password. Once i saw that I needed the password I did some research and found a list of what are supposed to be toshiba/hitachi "Master" passwords that the hdd companies use to unlock drives. I figured I'd try them. I had the laptop HDD as a slave in my pc My main disk is an 80gig drive and the laptop disk was an 80gig drive.

I booted into atapwd and selected the wrong drive. One of the options at the bottom of the command list is "prepare drive for deletion" I think is the wording. I ran that and it said ok. I figured great. I'll wipe the drive and then just re-install the OS. I then ran the delete option right under it and I got an error. (i think a password error) then when i went back to the menu I realized that I was working on the wrong drive.

I went to reboot the system and I got the error that there was no boot media.

The drive was recognized in BIOS and in the disk screen in the management console. It had a "!" over the drive. I could not do anything with it. I tried loading it as a slave. nothing.

I have some recovery software that I run that usually will get something as long as the drive is spinning and theres no physical damage. This came up with no files, no partitions and no logical drives. thats when my heart sank.

I talked to maxtor and they said that this drive did not have any bios upgrades and that as far as his tech guys knew (actually got to 2nd level support and this guy was a nerd and was very interested in what happened and was very helpful) there was no way to "reset" the drive to factory standards. I even sent him a copy of the program so that they can see what the program does. He also said that if this was a newer drive there would have been a chance at reflashing the drive.

I ended up sending the drive to Ontrak. I talked to the tech and he was interested in what happened as he had not heard of this type of thing before.. He said that he woud try swapping the electronics in the drive and see if it boots. I hoping the fact that i've become a reseller for them (i get a 15% discount is anybody everneeded it) will keep the price down.

At this point My system is back up and running (thank you acronis!) and I'm about 2-3 weeks out of date. Depending on the price, and what i find i'm missing will determine if i get the drive recovered or not.

I will keep you all posted as to what happens and what the techs say.

Maybe its just conicedence and the drive failed right then and there but it was not that old and did not give any indication of failure

Sounds like there's a bug in the drive's firmware or in atapwd. AFAIK atapwd's erase prepare should map to the ATA command Security Erase Prepare, which just tells the drive to get ready for the next command, Security Erase Unit. If you send SEP without SEU, nothing should happen. If you send SEU without SEP first, the SEU should abort. Think of the two like a confirm delete dialog box. It is with the SEU command that a password is required. Should the user password not be set, you then have to provide the master password as the drive is sitting in security mode Disabled.

Sounds like there's a bug in the drive's firmware or in atapwd. AFAIK atapwd's erase prepare should map to the ATA command Security Erase Prepare, which just tells the drive to get ready for the next command, Security Erase Unit. If you send SEP without SEU, nothing should happen. If you send SEU without SEP first, the SEU should abort. Think of the two like a confirm delete dialog box. It is with the SEU command that a password is required. Should the user password not be set, you then have to provide the master password as the drive is sitting in security mode Disabled.

that makes sense. I got an ok from the first one and an error from the second. I'm not sure why it would have affected the drive. with my luck the drive recognized enough of the string that was sent to mess it up.

but it all comes down to don't work tired and make sure you backup. :D

Hah, no kidding. I spent the week backpeddling at work trying to code something the wrong way and then Tuesday night I managed to nuke my fileserver by issuing 'rm -rf /etc /etc.old' instead of 'cp -Rp /etc /etc.old'; acting as admin after midnight, when trying to troubleshoot a friend's computer over the phone, work on another person's machine locally that had an apparent disk failure, post to this forum, and read the latest Federal reporting guidelines simultaneously is just bad.

'rm -rf /etc /etc.old' .

OUCH!

at one of my first jobs I supported about 12 remote unix sites. I had always told them not to do stuff as root, to login as thenselves. Well this one manager did not listen. They all used WordPerfect for unix. This guy used to generate weekly reports and had been doing so for years. He decided that deleteing the files through the WP interface was too slow. So (i know you can see this coming) he logged in as root and issued rm -r* He wanted to delete all of his "report-week.wp" files and figured -r* would get all of the files starting with r.

that was a very long weekend :D