last week I noticed some problems with disk encryption. I've some new disks for test:
Seagate 500GB AF (AHCI mode)
I've installed Windows XP SP3 on the client machine and encrypted disk with EEP 5.1.8. During the tests I noticed that I can't decrypt the disk using WinTech. I autorise from SBS and run Crypt state / next time I used Force crypt. The process end with infromation that operation finish succesfully. But when I try run the OS, I got the information: "SafeBoot has been corrupted (error 92h)".
When I reinstall the system and choose Remove from SB server, disk decrypt succesfully and I can't use.... Can anybody help me?
If you're using SafeBoot then you must be using the Enterprise installation not the Consumer one, is that correct? If so this properly belongs in a different section.
It must be Enterprise, I've just seen a very similar post in
McAfee Communities / Business / Data Protection / Encryption: EEM Managed / Discussions.
I've moved this question there from Consumer Home and Home office.
What options did you use in WinTech - can you remember exactly what you did? The steps you outline were never going to work on any drive unfortunately.
First, why are you using Force Crypt? That's an option you should NEVER be using if the disk information is good.
Second, decrypting the drive does not remove the pre-boot code, it just decrypts the drive - if you did a forced decrypt over the whole range of sectors, you would have mistakenly decrypted the pre-boot environment code (which was not encrypted in the first place), thus your 92H error on the next boot.
So, you could use force decrypt, then flush the mbr (restore original MBR), but it would be MUCH safer to use the basic "REMOVE" option, or at least the safe crypt options which update the disk information as they go.
Force is neither recoverable in the event of an error/power outage, or safe, AND it will destroy the disk information, so only use it if you need to.Message was edited by: SafeBoot on 2/6/12 8:11:46 AM EST
Ok, thx for your answer.
Steps that I've done:
1. Export machine configuration file (test.sdb)
2. Copy the file to the pendrive
3. Run WinTech on the test machine (Windows XP SP3)
4. I've entered Authorisation Code and after that Authenticated from test.sdb file
5. Next I've chosen Get disk information to get Partition Start Sector and Partition Sector Count
6. I used Force Crypt -> Decrypt option....
I know that using Force Crypt option is not safe but I must try this option. Last year I had 5-6 client machine with disk error and Force Crypt was the only option that I can remove SB. The next step was data recovery.
So if I understand correctly:
if I'll have a disk error on Advanced Format in the future, I'll be able to use Force Crypt if the disk information will be corrupted?
Before I do anything with client disk I allways used to make an image of the disk. So it's ok for me- I use a copy
It's corrupted because you used force crypt, not because it's advanced format.
if the disk information works, there's NO reason to use force crypt ever. It's only use is if the disk information is not valid.
So, flush the MBR back, as long as you did everything correct the machine will boot fine - the error you have at the moment is because you decrypted the drive, but still have an encryption MBR there.
And again, just to be clear - never use force crypt if the disk information is good.