Created: 10 Jul 2012 • Updated: 11 Jul 2012 | 3 comments
I have an issue with the decryption of a 500GB disk, which had contained 4 partitions, 2 of them WDE encrypted.  One of the encrypted partitions was no longer needed, and one of the existing ones would be expanded to take up the space (all would end up unencrypted).  I decrypted the partition I was planning to expand via the Windows frontend.  The other encrypted partition, I foolishly just deleted.  I now found that the drive was still instrumented, and I was unable to uninstrument it via the command line as the drive still showed as encrypted.

I decided to resort to the recovery disk (again, perhaps not the best plan).  I chose to decrypt, and now it has been running for ~3 days, HD going 100%, but showing that the disk is '0% encrypted' ever since it started.  I have done a proper recovery decrypt on an identical disk before, and it did work, albeit taking well over a week, but at least then it started at 100% and I could see the countdown.  Is this decryption process going to take just as long, is it going to work at all, or is there something I can do to just cut my losses?  Please keep in mind that the data on the disk is of no consequence.

OK... so a few hours later I looked, and the laptop had a black screen with a blinking cursor.  Normally a bad thing, but in my case, very good :-).  My assumption had always been that it was reading the drive sector-by-sector to scan for encrypted parts... 3.5 days is surely better than the 12 days it took for the identical setup where a full decrypt was required.  I've confirmed that the data is solid and intact (i.e. I opened one text file and it contained actual text).  And yes the device is uninstrumented.  Mission accomplished... I actually thought that recover decrypting an unencrypted drive would trash the existing data - I must admit I am continually impressed with the basic quality of this product.

Actually I am curious... why would pgpwde not allow me to uninstrument in the first place?  Was it for my protection (not releasing the data to an unwanted party) or for the client's protection (don't lose data)?  I ask because I really just wanted the drive back, yet I felt that PGP was holding my MBR hostage - it took 3 days of platter-busting action just to get it unlocked.  The data itself is encrypted either way, correct? So a security issue seems unlikely... Is there a solution to this that I do not understand?

The concern about uninstrumenting is that if one does not understand what they are doing, and uninstruments an encrypted disk or partition, all that data is suddenly no longer recoverable, and very valuable data may have therefore been avoidably lost.

