File Share Encryption

I have an encrypted Dell XPS laptop with an SSD that will not boot into the OS. I've tried decrypting it using a PGP recovery disc (tried 2 different discs, 1 that we have been using for other machines successfully and 1 just burned last week from the Symantec website) and a PGPWDE command line USB drive.

I can boot to the USB drive to run the decryption command but it does not actually progress in the decryption. After running command "pgpwde --decrypt --disk 0 --passphrase ___________" it tells me the request to decrypt was successful. However when checking the status, it consistently will then say "Disk 0 not found" until after the laptop is rebooted. I've checked the status before attempting to decrypt and confirmed the disk is still fully encrypted.

With the CD recovery disks, it gives an error that "disk data are corrupted."

The OS boots to a black screen with a mouse cursor in every mode available (Normal, Safe, LKGC, low res, etc) so decrypting within the OS is not an option. We cannot remove the drive and try to sled it to another machine.

Are there any other options that I can run via the USB command line tool to try to decrypt this? That seems to be the only boot method with any potential that I can use for this machine. The version of PGP that is installed is 10.1.2. The OS is Windows 7 Professional x64.

Hi, sketch484

Can you post some additional infromation from the PGP Boot ISO command line like:

pgpwde --list-users
pgpwde --enum
pgpwde --status
pgpwde --info

Also if there is by any chance a possiblity to slave the drive to another machine I would strongly recommend it.
You could try to authetnicate to the disk and backup important data as I understand you don't have a backup as well.

Also you have stated that "Disk 0 not found" while trying to decrypt the disk from PGP Boot ISO command. Maybe you have got more than 1 disk so the disk which you are trying to decrypt should be disk 1. What output you will get if you run

"pgpwde --decrypt --disk 1 --passphrase ___________"

If the disk is giving you "disk data are corrupted." you might have a problem to successfully decrypt the drive anyway hence Slaving the drive and trying to backup some data should be the first step.

HTH

Hi, thanks for the response. Unfortunately I can't slave the drive in this case because the laptop has a solid state drive and is still under warranty, so we are not allowed to remove it. We also don't have any sleds for SSDs here.

Disk 0 is the internal HD, disk 1 is the USB drive I am booting into to use command prompt for pgpwde commands.

pwpwde --list-users shows the localadmin account and one user account

pgpwde --enum shows Total number of install fixed/removable storage device: 2 Disk 0 and Disk 1 (again, my thumb drive is disk 1)

pgpwde --status shows Disk 0 is instrumented by bootguard. Whole disk encrypted. Total sectors 250067789, high watermark 250067727.

pgpwde --info shows Total number of sectors on disk: 250067790. PGPwde is running in restricted environment. Some features are disabled.

Thank you!

Hi sketch484,

Can you have a look into the following KB:

Diagnosing PGP Whole Disk Encryption Boot Failures on new Intel Sandy Bridge Laptops
http://www.symantec.com/docs/TECH160346

You have provided the version of PGP which is 10.1.2 and your laptop is with Ivy Bridge processor.

Encrypting the laptop with the old version of PGP 10.1.2 (currently SED 10.3.2 MP2) could case this problem as this old version is not supporting Ivy Bridge processor/Sandy Bridge techonology.

Support for this technology started in PGP 10.2.

Please be familiar with the below forum threads:

https://www-secure.symantec.com/connect/forums/pgp-login-not-displayed-when-laptop-starts
https://www-secure.symantec.com/connect/forums/pgp-encrypted-drive-doesnt-recognize-password

and also:

https://www-secure.symantec.com/connect/forums/pgp-wde-boot-screen-bypassed-stage-2-initializing-loader-error-cannot-authenticate-bootguard-

HTH