Ask questions. Help others.
The HP Community is here for you.
Post new question
Note on archived topics.
This topic has been archived. Information and links in this thread may no longer be available or relevant.
If you have a question create a new topic by clicking here, or click on "Post new question" above and select the appropriate board.
Posts: 14
Member Since: ‎12-12-2013
Message 1 of 22 (5,491 Views)
Accepted Solution

Another one bites the dust using HP ProtectTools

Hi There !


Seached the forums and realized now that my problem is not unique.

Our company policy was, until now, to have use HP-PT and have our HDD's encrypted.

For 2 years it started up fine and gave me no issue until my windows did not start as expected.

(The reason for windows not starting is a mix of me shifting from domain to local coupled with windows bug regarding some services)


In short: All passwords works and Windows 7 64 starts but kicks me out some way into the log in sequence.


Since I cannot start windows on teh encrypted HDD I cannot decrypt the drive  ....

Since the drive is encrypted it cannot be read from outside

Since the HP PtotectTools , started from an external win 7 HDD neither can see that the drive is encrypted 


Since all of this I am totally stuck.

It reall sucks that although we have all passwords accessable , saved them on USB sticks and  have them in mind, cannot reach the data.


I just read about some safeBoot tool that is not HP supported that might work and I will read more about this during some short days of holiday now between christmas and 2014-01-01


Still I there no HP tool that can decrypt the drive when we have all keys necessary??



0 Kudos
Accepted Solution

Re: Another one bites the dust using HP ProtectTools

MY Colleague found the help while using google search


Steps to Retrieve Data Encrypted with 2011 Drive Encryption for ProtectTools (vers. 6.x)


If the computer system does not boot, and displays a message similar to “McAfee Endpoint Encryption. Fatal Error: [0xEE020002]” or “pePC has been corrupted – ERROR 92h” on a hard drive encrypted with 2011 Drive Encryption for ProtectTools, there is a tool can be used to attempt to retrieve data from the hard drive.


Legal Notice:

DiskTech 2011 tool is provided “As Is” by Hewlett Packard Company and McAfee, Inc. Neither Hewlett Packard nor McAfee provide any warranties either explicit or implied that any encrypted files can be retrieved using DiskTech 2011 or any other tool.


Prior to encrypting any data, the user is advised to utilize backup utilities and perform frequent backups of their data to secure media.



You must have access to the backup encryption key (.dat file typically saved to a USB) and have the DiskTech2011.iso ( burned to a CD.


  • Before attempting to boot from the DiskTech 2011 CD, you will need to go into the notebook BIOS and temporarily switch the drive controller to IDE mode (F10>System Configuration>Device Configurations>SATA Device Mode). You will be asked to confirm this change to the Drive Controller, click the Confirm button to do so. A blue screen error (BSOD) will occur during boot if the drive controlled is set to any value other than IDE.


  1. Boot from the CD.  Make sure the USB key containing your recovery key and any other external USB storage devices are attached to a USB 2.0 port (not USB SS port) before powering on.
  2. After booting, select whether or not to start network support (probably no for most users).
  3. Click "Go" at bottom left.
  4. Select Programs>McAfee EETech.
  5. Click "HP".
  6. Navigate to the recovery key on your USB key.  Select "Open".  (If the encrypted drive is not mountable, it is here where you will usually receive an error)
  7. The drive should now be mounted.  You can leave the Authentication window open.
  8. Click "Go".
  9. Select Programs>A43 File Management Utility.
  10. You should now be able to access the files on your drive and move them to an external device.


  • When finished, don't forget to go back into the BIOS and change the controller back to AHCI mode.


The files on the hard drive are still encrypted when this retrieval process is completed, and you will not be able to boot from this hard drive unless it is rebuilt. You may choose to store the hard drive in a secure location for future access to the files remaining on it. The files on the hard drive will not be accessible except through the DiskTech 2011 tool.


You may choose to rebuild the operating system on the computer using OEM disks, or entering the HP Recovery Manager by pressing the F11 key during the boot process (if the recovery partition remains on the machine).


  • If the hard drive is formatted (by HP Recovery Manager or using the Quick Format feature on the OEM setup disks), all files on the hard drive will be wiped, and will no longer be accessible through any method.



If the data cannot be retrieved using the DiskTech 2011 tool, you may send your system to Hewlett Packard. HP may be able to retrieve the data through more intense data retrieval methods. However, HP cannot guarantee that any data can be retrieved from the hard drive. You must contact HP Support for instructions to ship your system.





View solution in context
Posts: 142
Member Since: ‎10-30-2013
Message 2 of 22 (5,482 Views)

Re: Another one bites the dust using HP ProtectTools

hi, if the  hdd is encrypted and you have the keys to decrypt it, first you will have to decrypt the drive first in order to read the drive somewhere else.

Posts: 14
Member Since: ‎12-12-2013
Message 3 of 22 (5,468 Views)

Re: Another one bites the dust using HP ProtectTools

The problem is that there is not such a tool.....
Posts: 142
Member Since: ‎10-30-2013
Message 4 of 22 (5,466 Views)

Re: Another one bites the dust using HP ProtectTools

   ok, if you dont have that tool, you should talk to your administrator-IT, other than that there is no way to decrypt that drive.

Posts: 14
Member Since: ‎12-12-2013
Message 5 of 22 (5,458 Views)

Re: Another one bites the dust using HP ProtectTools

Can't understand your answer at all...Talk to the IT departement...

Don't you think they are involved???

They are doing their best but without any answer from HP.


Even though all of my code is checked in on our servers there are many different

scripts etc that I have developed the last two years. They are very valuable for me, and for

the company since they shorten the development time in general.  


We are trying to find an answer all of us, without any luck.


Is McAfee endpoint protection encryption compatible with HP encryption ??



Grad Student
Posts: 324
Member Since: ‎04-04-2012
Message 6 of 22 (5,447 Views)

Re: Another one bites the dust using HP ProtectTools

I'm not into encrypting my HDD, especially using proprietary windows only tools in combination with secureboot, as there is just too much involved that can go wrong and a recovery process just doesn't seem to be clearly defined anywhere...


Anyway, I did a quick Google and came across this decryption solution provided within this hp forum post which also includes an attached doc that could also be helpful? Then there is these McAfee knowledge base pages here & here which may also provide some useful info...


What seems paramount is to do a bitwise copy of the problem encrypted HDD so you have another backup HDD in case the decryption process fails leaving your data in an undefined state...


Mind you, how encryption programs like bitlocker and hp-protect interact with self encrypting hdds (SED) is unknown to me, so one must know what encryption they actually utilize...


But really, HP need to ensure there exists a documented mechanism to help users of "hp protect" recover their data on another system should they have the needed keys, otherwise such encryption based on needing windows to boot is of little to no use (unless hp can guaranteed that windows will always boot which we all know can never be guaranteed!!!).


Hope you sort your issue, and if you do, please post the solution so others may benefit.


PS: Also found this post on spiceworks which may outline hp ptotect tool works:


Priscilla@HP Nov 13, 2012 at 8:42 AM

HP is a Spiceworks Partner.

Below is a follow-up response from the product team:

"I’m quite disappointed to hear about the customer experience regarding SSDs/SEDs....

When ProtectTools is used to activate the encryption (both hardware and software), the interface is the same for the user. If the system has a compatible SED drive, there will be a checkbox to use the hardware encryption. After activation, the customer will need to insert a USB disk to store the backup decryption key. This backup key can be used to unlock the encryption on the drive. It will be necessary for both the hardware and software encryption methods. The system will need to reboot, and the user will now be required to login at the McAfee Preboot Authentication dialog, and again at the Windows login (unless [the user] is using the One-Step Login).

Whether [the user] chooses to use hardware or software encryption, [the user] will see no difference in performance after this.

If [the user] chooses software encryption, the HDD access light will flash as it encrypts the drive in a background process, and [the user] can watch the drive encryption progress by going back to the Drive Encryption tab of Security Manager.

Drive encryption is a very important tool to protect your data, but it is only one piece of the puzzle. It prevents others from gaining access to sensitive or personal information, but it does not cover you if your drive fails.....So, I *highly* recommend the customers take regular backups of their data to a secure location, whether using encryption or not. This allows you to recover your data if the drive fails, as well as if it is lost or stolen, and you can get back up and running with minimal business impact."


Does this implies that a SED can be decrypted on another PC running hp protect tools if the drive is hardware encrypted and you have the keys? Who knows!!!

Master's Graduate
Posts: 1,423
Member Since: ‎10-03-2009
Message 7 of 22 (5,439 Views)

Re: Another one bites the dust using HP ProtectTools

>how encryption programs like bitlocker and hp-protect interact with self encrypting HDDs is unknown to me


I know how Enterprise SSC work but not sure if PCs are in a separate class like Opal.

The TCG has a bunch of documentation:

Grad Student
Posts: 324
Member Since: ‎04-04-2012
Message 8 of 22 (5,423 Views)

Re: Another one bites the dust using HP ProtectTools

Dennis, thanks for the links but the referenced sales blurbs do not really say much about the OP's issue nor does it elaborate on the issues i am concerned with. It's a starting point so i guess i have lots more reading to do :smileyhappy:


So for me, for the moment, i avoid secure boot and drive encryption until there is robust and documented recovery methods that gives me the control and does not make me dependant on some other party to access MY data on MY hardware should the OS kak itself and fail to authenticate/boot...


And as the OP mentioned, nothing seems to be documented by HP on how one goes about decrypting their data should the OS fail to boot. And i'm also concerned with what happens when the authenticated boot process fails, or there is some issue with the decryption key storage location (whether stored in flash within the TPM or SED itself)...


There is just too many unknowns for many people which is why i have difficulty in understanding why one needs data encryption, especially when data theft via OS security breaches seems to be the bigger issue, lost laptops being the exeption. All for the sake of not wanting to put a hammer through a HDD when it is retired!!!



Master's Graduate
Posts: 1,423
Member Since: ‎10-03-2009
Message 9 of 22 (5,417 Views)

Re: Another one bites the dust using HP ProtectTools

>but the referenced sales blurbs do not really say much about the OP's issue


There are other references on that site.  But they are very low level.

Posts: 142
Member Since: ‎10-30-2013
Message 10 of 22 (5,368 Views)

Re: Another one bites the dust using HP ProtectTools

Hi, if you want you can try this, most of the companies  use Symantec encryption.

† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation