Eset encrypted drive: Error authenticating or mounting encrypted virtual drive (Error code: 0xC00F000C)

[BowForMe 0]

I'm getting the following error when I'm trying to open my eset encrypted drive:

• Error authenticating or mounting encrypted virtual drive (Error code: 0xC00F000C)

 

 I had an Eset free trial for 30 days and after about 2 weeks later I decided to stop using eset so i decided to uninstall eset. However to my stupidness for some reason i tried to uninstall eset manually by removing all (conceivable) files in C:\Program Files\ , Appdata\ , etc.. Instead of just uninstalling it using the setup SMH.

Shortly thereafter, I realised I was not able to open my encrypted drive. Then I reinstalled Eset and tried to open my encrypted drive however, it gave me an error with the title "Error authenticating or mounting encrypted virtual drive". Eventhough my license was certainly valid, i was getting an error and could not open my encrypted drive.

Since then my license has expired and i still cannot access my drive and the exact error page I'm getting now (which is shown in the screenshot above, it's the screenshot of the error i'm getting now) after that my license has been expired presumably differs from the error page i was getting when my license was still valid.

I've come here to seek your help and may you use thy wisdom in ways to bless me with a solution.

Thank you in advance for your time.

 

[Marcos 5,189]

Is the dlpsrv service set to start automatically and running?

[BowForMe 0]

Thank you for your reply.

The dlpsrv service isn't even listed in the Windows Services Control Manager, Sir.

There is no dlpsrv or dlpsrv.exe process listed running in the task manager neither, Sir.

I could only locate the service and so it's atleast installed: C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe

 

Edited May 22, 2023 by BowForMe

[Marcos 5,189]

You wrote that "I reinstalled Eset". Did you install ESET Smart Security Premium? Did you activate Secure Data afterwards?

[BowForMe 0]

Yes, I've always only installed ESET Smart Secrity Premium.

I had activated Secure Data after I reinstalled Eset the first time. And it was still giving an error.

However, It's noteworthy to say that I've uninstalled and installed ESET a couple of times. Today I also reinstalled ESET but my license has been expired. At this point, I'm just required to enter a license key. Which prevents me from activating Secure Data or any other service. So, no, my Secure Data is not actived right now.

 

Thank you for your time.

 

Edited May 22, 2023 by BowForMe

[SmartUser 204547 0]

I am also facing the same issue. I have valid license and all the settings activated but still could not open the encrypted drive.

[Marcos 5,189]

8 minutes ago, SmartUser 204547 said:

I am also facing the same issue. I have valid license and all the settings activated but still could not open the encrypted drive.

Please raise a support ticket for help with further troubleshooting of the issue.

[SmartUser 204547 0]

how to raise support ticket regarding this issue?

 

[itman 1,728]

6 hours ago, Marcos said:

Please raise a support ticket for help with further troubleshooting of the issue.

The problem with this is many Eset in-country distributors will not provide tech support for Eset trial licenses.

[Marcos 5,189]

5 minutes ago, itman said:

The problem with this is many Eset in-country distributors will not provide tech support for Eset trial licenses.

Maybe but SmartUser 204547 wrote: "I have valid license"

As for the issue reported by BowForMe with a trial license, I'd like to check ESI logs prior to asking Secure Data developers about next steps. A trial license can be activated after uninstalling and reinstalling ESSP.

[Marcos 5,189]

5 hours ago, SmartUser 204547 said:

how to raise support ticket regarding this issue?

Please go through the wizard https://go.eset.com/contact-support/ until you reach the support contact form.

[itman 1,728]

5 minutes ago, Marcos said:

Maybe but SmartUser 204547 wrote: "I have valid license"

His posted screen shot: https://forum.eset.com/topic/36474-eset-encrypted-drive-error-authenticating-or-mounting-encrypted-virtual-drive-error-code-0xc00f000c/?do=findComment&comment=167178 shows otherwise.

[Marcos 5,189]

1 hour ago, itman said:

His posted screen shot: https://forum.eset.com/topic/36474-eset-encrypted-drive-error-authenticating-or-mounting-encrypted-virtual-drive-error-code-0xc00f000c/?do=findComment&comment=167178 shows otherwise.

His license is valid:

Contacting support was suggested in his case since the error was referring to a key (not the license key) so Secure Data developers will have to tell under what circumstances the error can occur.

[JPritchard 11]

Hello BowForMe,

In your opening post, you said:

19 hours ago, BowForMe said:

However to my stupidness for some reason i tried to uninstall eset manually by removing all (conceivable) files in C:\Program Files\ , Appdata\ , etc

ESSP Secure Data creates an encryption 'keystore' file called 'premiumkey.dat' in C:\Users\USERNAME\AppData\Local\DESlock+\

If you delete this directory and the files within, then the encryption key is no longer available and your encrypted USB cannot be decrypted or accessed. Re-installing ESSP and enabling Secure Data will generate a new keystore file, which will NOT work for anything encrypted with a different key.

If we're lucky, and you still have the directories and files you deleted in the Recycle Bin, then you should be able to restore them and access your USB stick! If not, perhaps you have a Windows backup that you can restore where the DESlock+ directory and files are intact and can be restored to regain access to your USB.

Failing this, the data on the USB is inaccessible and you will need to format the device for future use.

Kind regards

Jay Pritchard

Encryption Technical Support Engineer III / Team Lead

[BowForMe 0]

Well, all the mentioned files are deleted. Then I can't do anything. It's OK.

Thank you for your time and help!

Also, I will buy and start using an ESET subcription again in the future. Since, in the meanwhile, i figured it's actually one of the best, if not the best anti virus out there. With a noteworthy good support 

[JPritchard 11]

I appreciate the update, take care!

[FED 0]

On 5/23/2023 at 5:38 PM, JPritchard said:

If you delete this directory and the files within, then the encryption key is no longer available and your encrypted USB cannot be decrypted or accessed. Re-installing ESSP and enabling Secure Data will generate a new keystore file, which will NOT work for anything encrypted with a different key.

Hello JPritchard, 

Could you kindly provide us with additional information about this concept?
If I uninstall ESSP, is it possible to lose definitely the access to the encrypted file (due to the lost and/or regeneration of keystore file)??

Based on what I've read on this page (https://support.eset.com/en/kb6266-eset-secure-data-faq), it should be guaranteed to preserve access to the file even after having uninstalled ESSP (or after its complete re-installation).. is it right or no?

 

I have a few more questions to ask you:

What is the scope of keystore file (.dat) located in the DESlock+ folder (C:\Users\USERNAME\AppData\Local\DESlock+)?
How they have to be managed/archived? 
Is it advisable to have a "secure backup" of this file?
The same file is used/required also for USB drive or only by Volume drive?
--
(NOTE: Actually I discovered 2 distinct .dat files within this folder.. respectively "premium.dat" and "premkey.dat": which is the correct one in your opinion?)  

 

Thanks a lot for your precious explanations (that I think could be useful to report also on the support page provided)

kind regards

 

(https://support.eset.com/en/kb6266-eset-secure-data-faq)

"What happens to my encrypted data if I have to uninstall my ESET product or there is a problem with the product?
Your encrypted files are stored separately from ESET program files. Uninstallation or errors in your ESET program will not affect your files. If you have to uninstall ESET Smart Security Premium, you can access your encrypted data after reinstallation by double-clicking the file and typing in your password."

 

 

[itman 1,728]

2 hours ago, FED said:

(https://support.eset.com/en/kb6266-eset-secure-data-faq)

"What happens to my encrypted data if I have to uninstall my ESET product or there is a problem with the product?
Your encrypted files are stored separately from ESET program files. Uninstallation or errors in your ESET program will not affect your files. If you have to uninstall ESET Smart Security Premium, you can access your encrypted data after reinstallation by double-clicking the file and typing in your password."

As explained in a previous posting in this thread, the above Eset KB article quoted text is only applicable as long as the following exists;

On 5/23/2023 at 11:38 AM, JPritchard said:

ESSP Secure Data creates an encryption 'keystore' file called 'premiumkey.dat' in C:\Users\USERNAME\AppData\Local\DESlock+\I

If the following occurs;

On 5/23/2023 at 11:38 AM, JPritchard said:

If you delete this directory and the files within, then the encryption key is no longer available and your encrypted USB cannot be decrypted or accessed. Re-installing ESSP and enabling Secure Data will generate a new keystore file, which will NOT work for anything encrypted with a different key.

you will not be able to access your previously encrypted data.

"Common computer sense" here would be to back up the C:\Users\USERNAME\AppData\Local\DESlock+\ directory to external media. In an event where the OS resident HDD crashed. Windows had to be completely reinstalled, etc., the directory could be restored afterwards.

Edited June 6, 2023 by itman

[itman 1,728]

Reflecting on my above posting, I have redacted the common sense comment. What didn't "sit right with me" was the fact that Eset did not provide and prompt for creation of keys backup to external media once the encryption feature was activated in Eset Smart Security. This is standard operating procedure for third party encryption software.

For those not aware, Eset acquired DESLock a few years back and the encryption processing used in ESSP is in fact based on their software. I was able to find some old DESLock documentation that notes;

Quote

Backing up Encryption Keys

Backing up encryption keys is important. If the only copy of a key is lost then there is no way to access data encrypted with that key.The Backup process creates a complete copy of the Key-File, together with all the Encryption Keys in it.

Every time the DESlock+ Key-File is changed, keys are added, deleted or the password is altered, the Key-File backup routine automatically starts. In this way you will always have a backup of the current state of your Key-File which should always be stored away from your main hard drive for security and recovery purposes.

When DESlock+ is first activated, you will be prompted to backup your Key-File. It is advisable to backup your Key-File to an external storage device such as a USB Flash drive/ hard drive or to a network drive. It would also be prudent to backup your Key-File to more than one external device or network drive in case one should fail.

 

http://www.tssolutions.co.uk/downloads/DeskLock User Manual.pdf

I would say Eset needs to reinstate this external backup processing for all the reasons I stated previously. As far as Eset trial license versions, Eset installer should just auto decrypt any drive previously encrypted when the trial version is uninstalled or expires.

Edited June 6, 2023 by itman

[FED 0]

Hi,

I appreciate your explanations. I can confirm that the situation is now clearer, even if I believe a more robust approach would be preferable given that most individuals seem to be unfamiliar with this feature. 

Why not keep these keys directly inside the eed file structure, for instance? ..or having them automatically kept in the ESET HOME portal (so that you’re able to retrieve them in case of necessity)...similarly to how MS Windows manages BitLocker keys.

Finally, I still have some residual questions. Could you please provide us a a straightforward explanation about them?

(1) Is it true that DESlock+ folders are preserved when ESSP is uninstalled (without being reinstalled)?

(2) If a re-installation is necessary, the old key file will be overwritten at first, but it may be restored without risk if it was previously saved (re-saving it in the same location and with the same name). Is it correct?

(3) If a re-installation is necessary, is it necessary to have a copy of the newly created key file (those that would be overwrittenm, as in previous question)?

(4) In DESlock+ folder, there could be more than one dat key file (premkey.dat)? Does the key file associated to the single device or to the single eed file? Having more than one eed file will require to manage (and store) 2 distinct key files?

(5) What distinguishes Premium.dat from Premkey.dat? Both of them are kept in the DESlock+ folder. Which one do we effectively need to keep secure?

Thank you for your help

Best wishes

 

 

 

 

 

 

 

 

 

[itman 1,728]

10 minutes ago, FED said:

(1) Is it true that DESlock+ folders are preserved when ESSP is uninstalled (without being reinstalled)?

(2) If a re-installation is necessary, the old key file will be overwritten at first, but it may be restored without risk if it was previously saved (re-saving it in the same location and with the same name). Is it correct?

(3) If a re-installation is necessary, is it necessary to have a copy of the newly created key file (those that would be overwrittenm, as in previous question)?

These questions are answered in the Eset knowledge base article previously posted: https://support.eset.com/en/kb6266-eset-secure-data-faq?ref=esf

Eset support personnel would need to answer question 4) and 5).

14 minutes ago, FED said:

Why not keep these keys directly inside the eed file structure, for instance? ..or having them automatically kept in the ESET HOME portal (so that you’re able to retrieve them in case of necessity)...similarly to how MS Windows manages BitLocker keys.

I was thinking along the same line. However, my recommendation would be to keep a backup of the keys on the Eset licensing server associated with the specific license. Retrieve of the key would be the same procedure as existing license hey retrieval supplemented with 2FA verification. I still recommend that local key backup capability exist.

[Nightowl 206]

Try to run a scan from somekind recovery software on the folder that had the key , there is a probability you can obtain it back , check EaseUS Data Recovery or something similar , I can't remember other names

It could bring back the key file you removed since Windows doesn't remove securely enough so files I bet can be recovered.

[FED 0]

Hi itman, thank you again for your feedback and explanations.

Let's see if an ESET support specialist can provide more details for us to manage the scenario correctly, intending to avoid any possible data loss.

Unfortunately within the KB page there is no enough details.. for example they have made no reference to DESlock+ folder, premkey.dat file, re-installing procedure warning, etc.   

In my opinion, the scenario that has been proposed is likely to cause big troubles for a significant number of people (due to absence of this level of knowledge)

Based on what I have understood up until now, I think I will definitely not use ESSP Secure Data technology.. because of the high level of risk of have my key (or keys?) lost.. and related data. The current solution appears inadequate (or at least error-prone for most of the users), and I believe a more robust approach is required.

Kind regards

[itman 1,728]

4 hours ago, FED said:

Based on what I have understood up until now, I think I will definitely not use ESSP Secure Data technology.. because of the high level of risk of have my key (or keys?) lost.. and related data. The current solution appears inadequate (or at least error-prone for most of the users), and I believe a more robust approach is required.

More research yields the following.

Eset does offer a commercial product called Eset Endpoint Encryption (EEE) which includes full DESLock functionality: https://www.eset.com/ng/business/endpoint-security/encryption/. For example, encryption key backup is included: https://help.eset.com/eee_qsg/en-US/fde_recovery_overview.html?back_up_key_file.html along with the ability to perform key file recovery: https://help.eset.com/eee_qsg/en-US/encryption.html?fde_recovery_overview.html in multiple scenarios such as Windows boot failure.

So what is the major differences between the encryption features offered in Eset Smart Security premium and EEE? "In a nutshell" all that Smart Security premium offers is the ability to create a protected virtual drive to store encrypted files within. EEE on the other hand provides for full encryption capability of the Windows boot drive plus additional storage media..

Edited June 7, 2023 by itman

[JPritchard 11]

Hello,

On 6/6/2023 at 12:33 PM, FED said:

If I uninstall ESSP, is it possible to lose definitely the access to the encrypted file (due to the lost and/or regeneration of keystore file)??

Only if you delete the 'premiumkey.dat' file in C:\Users\USERNAME\AppData\Local\DESlock+\

If you disable Secure Data or uninstall ESSP, then this file is left behind intentionally so you don't lose your encryption key in the event that you re-install Secure Data.

Regardless, there's a lot being discussed in this thread and I feel it would be best that these questions are answered through the correct support channels so we can address each query accurately.

Please submit a support case for your queries and we'll assist you from there.

Thanks!

Kind regards

Jay Pritchard

Encryption Technical Support Engineer III / Team Lead