This content has been marked as final. Show 4 replies
With the user being overseas and you not wanting to decrypt the drive. . . it really throws a wrench into things!
The formal process says you should remove encryption along with the SafeBoot boot sector and then repair the OS.
BUT if it is a simple file corruption issue, boot from a BartPE CD containing the SafeBoot Wintech tools. After entering the access codes and authenticating in WinTech, start the A43 file management utility (file viewer) and you should be able to delete/replace the corrupted files. You can also run other corrective utilities from the BartPE command line.
A Bart PE plugin comes with the software. just add the plug, export the key pretty sure its under tools.(sorry can't be more specific sitting at home typing this)
My only suggestion, is to be careful that you not give them something to the user that is reusable. By that I mean, that they could use that same tool or process to decrypt their machine or overcome the encryption used on another computer.
I never provide the decryption tools to an end-user, because it introduces an uncontrollable risk that may spread to other users. Our users do not want to have encryption on their machines. They think that either "no one wants my data" or "I've never had my computer stolen". If their computer is lost/stolen and is not encrypted, it is my job on the line. Our users are not held accountable, because they aren't expected to know all this "technie-stuff".
Since their OS is already trashed (probably by something they did - accident or not), I would have them ship it back to a location with trusted encryption support personnel. If you have spare equipment, setup a suitable replacement for them while you extract their data.
I have a BartPE-based recovery CD I can use but I was hoping there was some way to do something along the lines of the XP Install CD's Repair option. I'll probably have the user ship the laptop back and go from there.
Thanks for the replies!