Hello Alex_CST,
I had thought the recover command is searching through the drive to locate the PGP user records, as dcats pointed out.
According to this article (http://www.symantec.com/business/support/index?page=content&id=TECH149631), in the case of a corrupt MBR (PGP MBR?), the article outlines to use the PGP fixmbr and recover commands, in that order. I'm presuming the PGP fixmbr command, as opposed to Microsoft's fixmbr, attempts to repair the PGP MBR, not the original MBR. It wouldn't make sense to restore the original MBR and then run try to recover the PGP user records.
I would think you're correct; The PGP MBR is not encrypted and storing the original MBR next to it sounds logical.
Hello dcats,
Thank you for the tip. I'll definitely take a look at DiskProbe. I would be quite curious to examine if your software is writing the original MBR in plaintext (track 0) or encrypted space. I would think next to the PGP MBR makes more sense, especially with exotic PGP system configurations like multi-boot OS or individual encrypted partitions, where one or more OSes are encrypted.
Thank you both for your help.