Endpoint Encryption

 View Only
  • 1.  To get my Laptop to Boot again

    Posted Mar 21, 2021 07:28 PM

    The company I work at gave me a laptop over a year ago with Symantec encryption for the system drive.  Windows 10. 

    It was fine yesterday.  I closed everything and shut it down.  Nothing out of the ordinary. 

    Today it doesn't boot.  It stops at a blue screen with large buttons. 



    I plugged in two monitors and a keyboard immediately after powering it on.  Did that screw up the MBR?  I don't even know which Symantec product it is.  Internal support want me to just swap it out but I want all my files.  I have 2 month or more of important files on it since the last backup.  The backup machine lost its power supply 2 months ago.  

    I guess first question, does it matter which Symantec product it is?  

    I was going to download the ISO from here

    Drive Encryption Diagnosis and Recovery - Symantec Drive Encryption & PGP Whole Disk Encryption

    Broadcom remove preview
    Drive Encryption Diagnosis and Recovery - Symantec Drive Encryption & PGP Whole Disk Encryption
    Resolution Section 1 describes some symptoms that users with encrypted disk problems may encounter. Section 2 provides procedures for using the PGPWDE command line interface. Section 3 details use of the Recovery Disk. Note: If a system hard disk has been "fully" decrypted, and will not boot, make sure to slave the disk and backup all your data, or use bit-by-bit copy of the disk.
    View this on Broadcom >



    and boot to it and decrypt the drive.  Or what do you suggest?  Do I need to figure out what product it is first?

    Thank you for your assistance. 



  • 2.  RE: To get my Laptop to Boot again

    Broadcom Employee
    Posted Mar 22, 2021 09:37 AM
    From that screenshot it's hard to tell what software you would be running since it's just a standard Windows "I can't boot" screen.  If you choose "Continue" I assume it doesn't boot?  If you have a way of finding out what software it is running it would be easier to advise on a course of action.  If this computer was from your company they would probably have the method for recovering the disks.  If the software is PGP (Symantec Encryption Desktop [SED]) your link would be the correct place to get the recovery disk.  

    If the software is Symantec Endpoint Encryption (SEE) it will be a little harder to recover as Symantec doesn't publish an ISO for recovery, it's built from the installed SEE files.  The recovery disk for SEE is a Windows PE environment, directions on creating the disk are located here: https://knowledge.broadcom.com/external/article/161041/windows-pe-recovery-tools-for-endpoint-e.html.  

    If you can't determine what software the computer is running I would suggest getting the ISO from step 3 in your link, then performing the first 2 commands from the recovery environment (the --status and --list-user commands).  Neither of these commands write to the disk so it shouldn't break anything.  If the commands return without error then the disk is encrypted with SED and you could attempt the --decrypt command.  If it errors out it's probably encrypted with SEE and you would need to source a SEE recovery disk.  

    I would recommend imaging the disk before performing any operations so you have a backup you can rely on.

    Josh