Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Need process for slaving a drive with PGP WDE

Created: 21 Dec 2012 • Updated: 26 Dec 2012 | 2 comments

Hi,

I've searched the forums and the web, but I seem to be unable to find a solution to my problem.  My company has a need to scan PGP Encrypted drives for viruses on a regular basis.  I am able to mount the drive as a slave, enter in a PGP passphrase to access the drive and scan the drive.  When I disconnect the drive (Safely Remove Hardware) and put the drive back in the original machine; I get the message "Inaccessible Boot Device" after I enter the user credentials at the PGP boot screen.  I think something with what I am doing is changing the MBR.

The process I use to scan the drives is:

  1. Ensure PGP Desktop is running on the scanning machine.
  2. Remove the drive from the originating machine and insert into a USB StarTech cradle.
  3. Power on the cradle.
  4. Enter in the passphrase to access the drive (I can see it in PGP Desktop).
  5. Most often, Windows does not see it in File Explorer.  I use Disk Mangement (sometimes DISKPART) to make the slave drive "Online".
  6. I can access the files, run my virus scans.
  7. To disconnect the drive, I use Safely Remove Hardware and eject the drive.
  8. Power off the USB StarTech cradle.
  9. Unplug the drive and insert back into the originating machine.
  10. Power on and enter user credentials into the PGP boot screen.
  11. I then get an error "Inaccessible Boot Device".

My environment is as follows:

  • Both the originating and scanning system are running Windows 7 Enterprise SP1 (64-bit) and PGP Desktop 10.2.1 MP5.
  • The originating machine is fully encrypted, while the scanning machine is not.
  • On the scanning machine, PGP Desktop is installed and running with a standalone policy.
  • We are using SSD drives.

Is the process of enabling the drive Online changing the MBR?
Is there another process to scan a drive for viruses while as a slave, then use the drive back in the original machine without decrypting?

Thanks!

Chris

Comments 2 CommentsJump to latest comment

PGP_Ben's picture

in my experience anytime you bring the drive "online" with disk management. It modifies the paritions on the disk drive somehow.  I am not sure why you would be having to do that process though to be able to see it. Are you using the same version of PGP Desktop to access the drive as what was used to encrypt it?  THat process you are going through sounds like a pretty normal process of slaving an PGP Whole Disk encrypted disk to me.

You could always try decrypting it first and see if that helps. But that adds a lot of extra time and what could seem to be uncessary step to the whole process.  What virus scan utility are you using to acess the drive?

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

Mehmood's picture

If the scan is on regular basis why don't you just carry out the virus scans on the originating machine itself?