I am working on a case that has a PGP Virtual Volume in the root of the drive. Wondering if anyone has ever experimented with copying out the whole volume, then deleting it. At this point going back to examine the unallocated space that used to be occupied the volume? Will this work, or will PGP still have a signature on the files that will not allow them to be recovered without a passphrase? Running PRTK and will be shipped next week for a DNA in DC to crack the passphrase (we hope). Any thoughts, previous failures or successes with a PGP volume would be great to hear about.
I hope you know you can go to the pgp web site and obtain a copy of the software. I think it is good for thirty days. I played with the software once but I was encrypting the whole drive and not just the files. I believe you can configure drive, disk, partition or directory and files encryption. Either way I would be calling the PGP folks. I'm not saying they are going to be anymore help but they just might.
Thanks for the suggestion, I did however already try. It recognizes that the volume exists and is mountable, however it requires the 258KB Passphrase in order to mount it. I tried the brute force but no success.