File Share Encryption

Hello,

I recently had a PGP encrypted hard drive that would no longer boot.  I ran a windows utility that fixed bad sectors (it says it found 800 bad sectors and fixed them), and I think that process made things much worse.  After that, the disk wouldn't even be found by the computer.  I have since installed a hard drive utility (HDD Sentinel) that was able to find the disk but tells me that it isn't "initialized".  If I initialize the disk, I'm afraid I'll lose everything (though i'm guessing it's probably already too late).  Is there any way to decrypt a whole disk that is not even being recognized as initialized?  Obviously it's currently not even showing up with a drive letter in Symantec Encryption Desktop.

If the machine would not boot, I am assuming you ran a Boot CD to attempt to fix your hard disk?

Unfortunately, a third party hard disk utility should not be run on an encrypted disk, since it will be unaware of the filesystem and may make inappropriate changes. 

It is possible that your data is lost already. However, I would not initialize your disk just yet, as that will reduce your chances of recovering the data even further.

Our recommended steps always begin with backing up the disk prior to making any changes. So, if this disk may contain important data, back it up with a sector by sector or bit for bit backup utility. Then work from the new backup copy to attempt recovery procedures.

Our recovery procedures are available at the following location : 

Drive Encryption Diagnosis and Recovery - Symantec Drive Encryption & PGP Whole Disk Encryption - http://www.symantec.com/docs/TECH149679

Ideally, you will have a second computer where you can install Symantec Encryption Desktop, then slave the disk. After SED is installed and the disk is slaved, you can run the commands as described in section 2 of the recovery article to attempt decryption or to access the filesystem.

Feel free to let me know if you need clarification of anything. I'll be happy to help. Also, if this resolves the issue / answers your question, please mark this post as the solution.

Best Regards,

Phil

Thank you for the detailed instructions.  Unfortunately I think there will be nothing to recover.  I followed several of the procedures in the link you provided.  

1.  I connected the problem hard drive to an SATA/IDE to USB adaptor to connect it to another computer I had that has PGP Desktop installed.  When I tried to enumerate the hard drives using pgpwde on the command line, the problem hard drive does not even show up.  As a control test, I connected a third, working external hard drive to the adaptor, and the pgpwde --enum command recognized that hard drive and listed it.  So the problem is definitely with the problem hard drive.

2.  I created a recovery disk image using bootg.iso, and booted with it on the computer with the problem hard drive. The recovery program comes up and when I choose the problem disk in the "Enter a choice" field, it says "No record found. Press any key to reboot."

At this point is there nothing else I can do.  Should I assume it is unrecoverable?  I realize that initializing the hard drive will make things even worse as you said, but at this point should I try that since I have nothing to lose?

Thank you again for your help!

If this disk won't enumerate, it is most likely hardware failure..

The final option for recovering a hard disk in the event of hardware failure would be to contact a third party for data recovery. If the data is extremely important, it can be worthwhile but costly. Make sure the third party understands the type of encryption that is on the disk if you are going to go this route. Some recovery companies do have good success rates with PGP encrypted drives, and typically you will have to pass over a passphrase or WDRT to them so they can decrypt the data.

Best Regards,

Phil