Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

PGP Encrypted Disk Unable to Boot

Created: 14 Mar 2013 | 8 comments

Hi,

I have a Notebook (HP ProBook 6460p) in the company that is PGP WDE'd which refuse to even go into BootGuard proper. When attempting to boot, it shows that is is trying to load BootGuard, but a second later it shows a black screen (not the usual grey bootguard screen) with the following error: "Some required files are missing or corrupted. You may be able to continue through the Advanced menu or recovery tool. Press any key to return...".

The problem at this point is that the screen freezes here, no response of any kind was exhibited when I 'Press any key to return'. Just hangs there...

So I tried to slave it to another WDE'd notebook. The bootguard could not detect any other drive other than Disk 0 (the 'master' disk).

Regardless, I booted into Win 7 and managed to get the OS to detect the slave drive. As expected, the slave drive shows up, but asks to be reformatted (did not reformat).

Then I tried the PGP command line --enum, Disk 0 enumed fine, Disk 1 only showed 2 drives online (those were the HP tools and recovery partitions) instead of the expected 4 drives.

PGP did not seem to recognize that Disk 1 was WDE'd...

So now, I am trying to get this disk decrypted so my client can get back her data. But I am at a loss of how to carry on at this point.

Please advise, anyone?

Operating Systems:

Comments 8 CommentsJump to latest comment

Tom Mc's picture

I would try the WDE Recovery CD

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

LionelW's picture

Hello Tom,

Thank you for your response.

I forgot to add in the original post that I did use the Recovery CD (10.2, same as the WDE version). 

I first tried it on the notebook itself, it booted into the grey Bootguard screen, pressed a key to acknowledge the Recovery CD. Then it gave me the same error message: "Some required files are...". Pressed a key to continue but it would not respond. Same behavoiur as 'normal' booting, except the Bootguard screen.

Then I tried it as a slave drive. I went into Advanced on the master notebook, it would only show Disk 0, the other disk would not be recognized as encrypted...

I am now wondering if it is a HW issue.

PGP_Ben's picture

What type of boot setup in the BIOS is configured? UEFI or Legacy mode? We only support legacy mode with Drive Encryption today.  If it's GPT partition support that will be available when we come out with our Windows compatible release later this year.

What does diskpart show you also? Are you able to see both drives using diskpart?

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

LionelW's picture

Hi Ben,

Thank you for your response.

It is on Legacy mode. The HDD is currently with another engineer now though, I'll ask him to try diskpart.

Dan Z's picture

Was this issue ever resolved? I'm having the same issue on a Dell Precision T7600 with Win 7. Recovery disk asks me to press the "any key" at which point I am presented with the same "you may be able to continue through the advanced menu or recovery tool" message. Is the boot disk not the recovery tool?

This is fairly typical of my experience with this product. I have bricked my computer so many times its not even amusing any more. I can see the new version is no better.

Dan Z's picture

I was able to get my computer to boot by downloading the free Partion Wizard tool and restoring my partition table. It appears that the WDE replaced my master boot record, but didn't actually encrypt the drive. Why the recovery disk doesn't take this scenario into account, I don't know.

Alex_CST's picture

As soon as you start encrypting, the first thing it does is it encrypts your MBR and replaces it with its own GRUB bootloader (the bootguard authentication)

You obviously dont want to bypass the encryption by simply putting in a recovery disk - that would render the product completely useless.  You need to authenticate and decrypt the disk in order to access the windows MBR in order to restore it.  Making it any easier than that would mean that all an intruder would need to get access to the MBR and therefore the whole system would be to carry a PGP restore disk with them.

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

PGP_Ben's picture

This sounds like several issues that we already addressed in PGP Whole Disk Encryption 10.2.1 Mp5 and subsequently Symantec Drive Encryption 10.3.0 or later related to hybrid sleep mode.

Please see here for a list of known issues fixed in 10.2.1:

http://www.symantec.com/docs/TECH195813

This issue looks specific to the problem maybe?

Resolved an issue so that users no longer see an error message at PGP BootGuard when Microsoft Windows 7 computers with PGP Whole Disk Encryption installed are recovered from sleep or standby. Before encrypting or decrypting, select Power Failure Safety from Encryption Options. [2949616]

 

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.