I am a data recovery specialist who is a contractor for our client. I've been working with McAfee Safeboot 5.2 and EEPC 6.2 for some years now. We've recently migrated to 7.1, and are gradually pushing all machines on old versions to 7.1 (which means there are currently three encryption agents from the same product line active in the environment, which can make supporting my client much more difficult). Many of these forced migrations fail, corrupting the pre-boot file system written by the product (displays the 92H error as a result). We've determined that the product listed in the error message (i.e. "Safeboot has been Corrupted") doesn't actually tell us anything useful; just that Safeboot has been on a given drive at some point (As per the Safeboot v5 and EEPC v6 Administrator guides, Safeboot system files aren't deleted when the machine migrates to a new product).
I have a specific case currently that I see pop up from time to time; I am working with an old image on a machine; however, the product and version information I have available in ePO is only related to the current image, which is deployed and in contact with ePO via the encryption agent at this time. I have the .XML file that is related to the corrupt encryption on the drive in my hands, but as far as I can tell, I have no means of verifying which version of EEPC is actually on this drive. Are there any indicators in the .XML file that I can use to identify which version of the product the encryption is related to? Alternatively, is there any way that I can verify within ePO which version an old .XML file is related to?
Also, no worries about destroying the data by tinkering with the encryption; I've been doing this long enough that I take every necessary precaution to safeguard the source media. It just isn't cost effective for the client for me to spend a few weeks forcibly decrypting three plus raw copies of a given source before we even know if data is recoverable, so any means you guys may know to zero in on a suspect would be really helpful.
Thank you very much,