you could just decrpyt the partition with EETech (the WinPE version is much faster than the standalone), or you could emergency boot the machine with EETech standalone as long as the disk information can be found on the drive.
In the EETECH menu I can force decrypt. I tried that and then connected the disk as a slave to another PC but couldn't read it. Should I only decrypt the partition where the data is located or all partitions? After decrypt is just connecting the disk to another as a slave and read or we have to something else?
You need to decrypt whatever was encrypted - which will be one (or more) partitions.
You can't just decrypt the entire disk - the MBR etc won't be encrypted and that contains the partition tables etc.
1 of 1 people found this helpful
So I Decrypted the partition that was encrypted. To understand what partition was encrypted I used the workspace and took a look at it. After decrypting the right partition, I plugged in the hard drive into a new PC but I couldn't see any files.
So after that, what we did was:
1. In the BIOS the SATA Operation was Raid (in the new PC with the master HDD)
2. We changed the SATA Operation to AHCI as it was with the old PC that failed in the encryption
3. We had to format the master HDD of the new PC
4. Connected the corrupted HDD as a slave in the new PC and it worked!!! we recovered the files normally
Is it possible that the AHCI mode in the Failed PC was the cause of the incident?
No, it's very unlikely indeed.
Why did you have to format the hard disk of the new machine after changing the bios to AHCI? Was it blue screening? If so, you just needed to install the right drivers for the hardware you have THEN change the mode over.
It was blue screening and this was the only way we knew. Thanks for your help!
We are trying to find out what went wrong with this PC to prevent it from happening in others. What can we do to understand what went wrong? Is there a log we can review?
You never really told us what the original problem was, other than "One user had a problem..."
You are right! For the moment that was the only important thing, to recover data. We made a phased deployment:
1. Install the EEAGENT and the EEPC (Wait 2 days)
2. Encrypt the drive with no preboot (wait 2 days) and load domain users
3. Enable preboot.
When we enabled preboot in this particular PC and restarted the machine was hung up in a black screen. Couldn't boot at all. After waiting we changed the SATA Operation to ATA instead of AHCI and the McAfee preboot loaded but the Windows Operating system didn't. It was a Dell Optiplex 790. The only different thing we have noticed between this PC and others with same characteristics is the AHCI and a USB token called SafeNet Sentinel (It's sort of a physical license key to work with a smart card printer). How can we be sure what was it?
My gut feeling would be to look at the BIOS version - there were a few problems with Dell AHCI support a while ago which resulted in BIOS fixes.