0

Hi all (Sorry if this isn't the right forum to post on),

I have a slightly frustrating issue involving a small collection of HP laptops and McAfee Encryption. We can encrypt the laptops absolutely fine, and they run performance wise just as well. However, after a few days the laptops will just refuse to boot, and you have to decrypt the laptops to be able to get them to boot.

I spoke to McAfee about this and they informed me that there is a "Known" compatibility with HP laptops and Drive Encryption but informed me that this version of laptop was not on the list of those.

After a few hours of digging we decided that the TPM was most likely the cause of this issue. We removed the drivers completely off the PC, whilst also disabling the device so Windows Update couldn't put them back on. We tested this to make sure the TPM drivers wouldn't be put back on the PC and those tests were successful.

A couple of weeks had passed the drivers had not put themselves back onto the PC's and they were working fine. However they've now stopped booting again, and the only way to get back onto the PC is to decrypt it. The list below is some of the things I have tried so resolve the issue:

  • Removed encryption and re-encrypted the devices: This leads to the computer booting fine first time round, but will then stop booting once you turn off/restart the PC.

  • If the PC has Drive Encryption on but has not encrypted the hard drive, it still has the same issue in not booting as you would get with an encrypted one.

  • I've disabled the TPM in the BIOS and this has had no effect in fixing the issue.

  • Using HP Drive Encryption seems to work, however the lack of a central management system is not our preferred choice (Although this might have to suffice if McAfee doesn't work)

Could something be changing or have changed before the boot stage which the TPM isn't happy with and therefore causes the issue?

I get that this is most likely an incompatibility issue, but I'm still looking for people who have had similar issues, or may have a better knowledge of how Drive Encryption works.

Wigleys_Extra
  • 23
  • 1
  • 5
  • What's wrong with BitLocker? – Michael Hampton Jul 14 '15 at 15:16
  • Nothing is wrong with BitLocker. But our laptops only have 1 partition, we don't have the second one for BitLocker. Equally the helpdesk and 3rd line haven't tried Bitlocker so they would be hesitant to even want to try it unless I could 100% prove that McAfee couldn't work on these laptops. – Wigleys_Extra Jul 14 '15 at 15:57

1 Answers1

1

We have had the same issue.

We upgraded the BIOS to 1.08, turned off Fast Boot and set Boot Mode is set to "UEFI Hybrid (with CSM)".

This is working with normal HP SSD, when using larger 1TB SSD we encrypt before we let the user partition etc.

Most of our issues were with Win 8.1

Peter
  • 11
  • 1
  • Hi Peter, sorry for the VERY late reply (Java was being blocked at my work due to a proxy issue so I couldn't access any of the websites functionality). When you were using Win 8.1, did you use x64 or x86? – Wigleys_Extra Nov 25 '15 at 09:40