tkrombach 0 Posted June 28, 2023 Share Posted June 28, 2023 We have an issue with a HP laptop that started encryption with FDE. It did a restart now it does not boot, error message is reason code 2, meta data signature is not correct. We created a recovery file from the Protect Cloud Console and created a USB stick with the encryption recovery tool. When I try to boot from this key the laptop shows an error message: Your PC/Device needs to be repaired The digital signature for this file couldn't be verified File: \windows\system32\boot\winload.efi Error code: 0xc0000428 I have tried creating another stick and restarting several times. Is there anything else I can do to create a bootable USB drive? Else, is there another way to decrypt this volume? Link to comment Share on other sites More sharing options...
ESET Staff AAndrejko 9 Posted June 28, 2023 ESET Staff Share Posted June 28, 2023 Hi @tkrombach Can you try to create the recovery media again via the Encryption Recovery Tool, however this time select EFI 32 & 64 Bit. I would recommend you wipe the USB beforehand, just to make sure it's not trying to boot the Windows recovery media recovery tool still. I haven't seen that particular error when booting the recovery tool but with the Windows RE recovery tool USB, we basically take files from the system where the USB is being created to create the media, so if the above doesn't work I'd suggest trying to create the USB on another system and try again. Kind regards, Ashley tkrombach 1 Link to comment Share on other sites More sharing options...
ESET Staff AAndrejko 9 Posted June 28, 2023 ESET Staff Share Posted June 28, 2023 I would also like to add, if you successfully decrypt the device, an immediate backup (If one has not been taken already, or if the data is crucial) should be taken. The error you are presented with is the software saying that the data used to boot the system is not complete or as expected. This may be due to another encryption vendor being enabled, or a change in disk layout or even a hardware issue, amongst other things. If you would like to go ahead and encrypt the device again and still encounter the issue, I would suggest you submit a support ticket https://www.eset.com/int/support/contact/ . We will be able to better assist you there as we would require additional logs. Link to comment Share on other sites More sharing options...
tkrombach 0 Posted June 30, 2023 Author Share Posted June 30, 2023 So we have not been able to make the USB stick work on this laptop. We tried creating it on several different machines and each time we get the digital signature error. We'll try to open a ticket to see if ESET can help us recover this disk, since it contains important data. Link to comment Share on other sites More sharing options...
ESET Staff Kstainton 31 Posted June 30, 2023 ESET Staff Share Posted June 30, 2023 (edited) Hi @tkrombach, Good idea, I would be interested to see what error you get when attempting to boot it, however, I am curious, did you disable Secure Boot when attempting to boot via the EFI USB, the WIN RE USB does not require this but the EFI USB will require Secure Boot to be disabled in order to boot from it? As it sounds like its skipping the USB and attempting to boot normally and an error. Thank you. Edited June 30, 2023 by Kstainton Link to comment Share on other sites More sharing options...
tkrombach 0 Posted June 30, 2023 Author Share Posted June 30, 2023 I just opened a ticket and added the boot screen error picture in the ticket. When I boot normally I get the Metadata signature error. When I try to boot from USB it takes some time but then I get a bluescreen with an error that file signature could not be validated. I tried disabling Secure Boot but then I just get the HP logo on the screen and boot does not proceed (I waited for 1h and there is no activity on the USB stick). I'll see how the ticket will proceed. Link to comment Share on other sites More sharing options...
ESET Staff AAndrejko 9 Posted June 30, 2023 ESET Staff Share Posted June 30, 2023 Thanks for submitting a ticket to support. One last thing, as the support teams will most likely need the logs from the recovery tool. Does the system support Legacy booting? Booting a recovery tool USB in WinRE mode whilst booting in Legacy mode may yield a different result when trying to boot the tool. Link to comment Share on other sites More sharing options...
tkrombach 0 Posted June 30, 2023 Author Share Posted June 30, 2023 It is a HP Probook laptop. It supports legacy booting. I tried activating it but did not get another result. Link to comment Share on other sites More sharing options...
itman 1,659 Posted June 30, 2023 Share Posted June 30, 2023 5 hours ago, tkrombach said: It is a HP Probook laptop. It supports legacy booting. I tried activating it but did not get another result. One possible issue could be boot disk priority BIOS setting or equivalent setting. When the legacy boot option was enabled in the BIOS and the system started to boot thereafter, could you still access F12 or applicable key to select which drive to boot from? If not, then you could be booting from the first drive specified in boot disk priority BIOS setting. If this is set to the drive where Windows is installed, you are not booting from the USB drive. You will have to change boot disk priority BIOS setting to USB/external drive as the first selection. Link to comment Share on other sites More sharing options...
Recommended Posts