1 2 Previous Next 13 Replies Latest reply on Sep 29, 2011 2:09 AM by marcusbond

    Endpoint Encryption Drive Recovery

      Hi, so I guess I am looking for help in accessing the encrypted portion of a hard drive that no longer boots due to error E060003 (Unknown) when I enter my credentials. If my credentials are entered wrong it tells me as much so I know this error is not due to my password being wrong, the same occurs when I swipe my finger. The product is HP ProtectTools Drive Encryption, and I have no support team in my organisation as I am the director of a small company so effectively I am support as well as pretty much most things..  this issue relates to my HP EliteBook 8560p.


      I have hunted high and low on the internet and have found various articles pointing to Safeboot which McAfee took over. HP initially said this was a McAfee support thing but I beg to differ.


      So if anyone could help me out here I would be most grateful.. initial readings seem to indicate I need a bootable disk with the safeboot or WinTech software and my HP drive encryption key (I have my key) so what I would ideally like to know is a) is this information correct? and b) How do I create a bootable disk with the relevant tools?


      I do appreciate that in essence this isn't directly a SafeBoot / McAfee issue, but since the modification to the McAfee product that HP carried out only appears to be that it now has HP branding and offers a fingerprint swipe option I imagine that the 'real' work is carried out by the underlying McAfee technology?


      Since HP Support thus far has been, erm, yeah can't write that but not very good I'm hoping someone here may be kind enough to assist in some regard?




        • 1. Re: Endpoint Encryption Drive Recovery

          unfortunately you're not using "SafeBoot" - as you say, your using HP's product "Drive Encryption for HP ProtectTools". I'm not sure anyone here is going to be able to help you, as it's not a product we tend to discuss (Since it's a HP product, not a McAfee product).


          The confusion might be because you told HP support you were using "SafeBoot", which you're not - tell them you're using Drive Encryption for HP ProtectTools and they can probably find some info in their knowledge system.

          • 2. Re: Endpoint Encryption Drive Recovery

            Hi, and thanks for the reply.. although it is pretty much the reply I thought this thread might get unfortunately.


            You're right, it is Drive Encryption for HP ProtectTools, a customised derivative of McAfee software. I didn't ever mention SafeBoot to HP it was them that informed me my problem was McAfee related which I contested at the time. After a call to your support I was referred back to HP with instructions that if they referred it back to you guys then McAfee want to know as this apparently happens often. HP should take the product with your enterprise support behind it, I know it, you know it, HP want to save a few dollars.


            Anyway, I digress, HP are in fact useless on this (3 guys telling me to boot into safemode.. if I could do that I wouldn't have a problem since the OS and data are on the same encrypted partition, but you try telling them that!) but I know that you guys have the expertise to potentially resolve my issue although I guess it gets political as to who should help. What I am looking for ideally is someone who can and will help.. I reckon that also you probably know how to help (you seem to be the SafeBoot / McAfee encryption don on here) but perhaps your hands are somewhat tied.


            I really don't care if the data gets trashed trying something unofficial.. I have a clone of the drive that exhibits the same boot characterisitics and I'm confident is an exact relpica (created using a SATA drive duplicator) but would prefer to not sit idle when I believe there is potentially a solution. In fact I'd go as far as to say I'd happily send the drive somewhere for it to be recovered.


            Is there something I can do?A forum post I could stumble across or an accidentally misplaced copy of some bootable disk iso etc? Not that one would advocate that sort of thing..


            p.s. Are you familiar with the error code E060003? I vaguely remember coming across it on a KB article here - something about encryption failed which seems odd as it should be trying to decrypt on a boot up..

            • 3. Re: Endpoint Encryption Drive Recovery

              Well, HP should be helping you use SafeTech, but as you say, since you didnt pay for this software, and you didnt pay for any support on it, their helpdesk is a little "thin" on the topic.


              You might be able to get some help from these guys - http://www.dpms2.com/tools as they do a consumer product which is the FULL McAfee version, rather than as you say, a HP specific adaption.


              If you're using it to protect something important, it might be a good idea to get some professional assistance though, or even look into 2e2's offering. After all, you get what you pay for, and you paid nothing and are getting nothing (bad joke I know...)


              So, see if you can download and make a SafeTech boot floppy. then you need a daily access code (not sure where you can get that from, but there might be one floating around on the web or someone here might be kind enough to give you one), then you can use the .dat file in SafeTech to either remove EEPC (values from disk - VERY IMPORTANT!) or try to eBoot it (though I am unsure if the HP version supports the Windows part of the eBoot process.


              As for sending it somewhere, a few years ago I would have said "no problem, ship it over", but as anyone who has ever googled me will know, after some psyco sends you his drive in a manilla envelope and then gets pissy and starts a hate campaign when you tell him it rattled after it arrived, it kind of takes the joy out of such things...

              1 of 1 people found this helpful
              • 4. Re: Endpoint Encryption Drive Recovery

                Yeah I kind of go with the having not paid for the software you don't get well supported thing but my argument to HP (not you guys obviously) is that part of the deal when paying circa $1500 for a business notebook with software bundled that would otherwise cost if a cheaper one were purchased is that it is to be expected people will use the software and it gets factored into the purchasing decision so it must be expected that customers will require support.


                I did try the dpms tools mentioned but thanks for the link, unfortunately one of them doesn't allow the option to authenticate using a (HP) dat file key and the other crashes with a blue screen as it is loading.. maybe it doesn't like 64 bit machines or something.. I may ping them an email and ask if there is an alternative version purchasable or otherwise.. but if a kind person with the relevant tools happens upon this thread, please do mail me.


                As for the shipping over thing, that's understandable where you are coming from.. in my case however (aside from the not being a psycho thing I think) there is a reliable clone and I could ship the original well wrapped etc. on a my risk basis (the evidence of that agreement is here for all to see ), there would no doubt be a 'drink' available for you.. Mail me if you're interested but I don't blame you for wanting to pursue more enlightening things outside of work!




                • 5. Re: Endpoint Encryption Drive Recovery

                  I know the safetech tool from 5.2.9 allows auth from your HP file - you just need to get an access code for it. Just press cancel when it asks you for the 4 digit code to activate and you'll find all the options (though they will be blocked).

                  1 of 1 people found this helpful
                  • 6. Re: Endpoint Encryption Drive Recovery

                    When running the dprms2/tools downloaded version (checked in the about option under Help) the only menu options under the SafeBoot menu are to Authenticate from SBFS or to Authenticate from Database.. there is no HP specific option..


                    Is there a reason for this?

                    • 7. Re: Endpoint Encryption Drive Recovery

                      Actually, ignore that last post I think.


                      The pure SafeTech program does not give the HP option, however the WinTech / BartPE program does when I launch SafeTech from within that. Unfortunately I cannot run that on my new machine as I get a Windows blue screen a few seconds into the boot up process.


                      Running it on an older laptop this disk boots fine - the older machine is a geriatric Vaio 1.7G Pentium M single core, 32 bit with 1M ram, the newer (and unbootable via winTech) is a 2.7G i7 quad core 64bit with 8M ram.


                      Do you think it is possible as I suspect that the version of Windows XP being booted by the CD is a 32 bit version and this is where it falls over? Or is it possible that it is the amount of RAM? Unfortunately, due to the old machine being er old, it will not support a sata HDD so I cannot even simply place the encrypted drive into the old machine. Whether or not it will accept the drive via a USB enclosure I'm not sure.. that's my next step to try.


                      If that WinTech download would boot on the newer machine I think it would do the trick.. just needs to be able to support 64bit.

                      • 8. Re: Endpoint Encryption Drive Recovery

                        I think there are two problems.


                        1. The SafeTech version is not 5.2.9 - it's an earlier one.

                        2. The reason your machine BSOD with WinTech is because you don't have the right SATA drivers in the image. Switch the drive mode into ATA mode in the BIOS and it should work fine. It does not matter about 32/64bit, as you're booting the OS on the CD, not on the drive, and all the processors are backwards compatible with each other.


                        so, switch the BIOS over and your WinPE cd should boot fine.

                        1 of 1 people found this helpful
                        • 9. Re: Endpoint Encryption Drive Recovery

                          Hi, Just wanted to update this post as I had to park the decryption and get on with some work.


                          Thanks for all the advice, it seems however that the dat file I have with the key is in fact invalid. I have also since received two tools from HP, one called disktech which allows you to navigate the drive and copy the files off somewhere but will not decrypt it and the other I believe is SAfe Boot. Unfortunately, the disk tech program beleives my dat file encryption key to be invalid so having gotten this far it seems that my data is toast. Not quite sure how this happened but I have a sneaky feeling that the original encryption did not complete, the computer hibernated and then it started over again on the next reboot (I remember the progress going back to zero).. perhaps it used a new key and didn't prompt me for it as I had already taken the original.


                          One more thing I will try is the Safe Boot provided to decrypt the drive but I suspect this will be futile. Very annoying as obviously I've been careful to keep the key but the key being the wrong one is not something I could have predicted.


                          Anyway, thanks again for your input I wouldn't have gotten so far without it,


                          1 2 Previous Next