ESET Online Help

Search English
Select the topic

Troubleshooting

EFDE Error/Alert

Explanation

Policy states a TPM must be used to encrypt your computer, but no suitable TPM is present. A TPM 2.0 is required.

TPM is specified as mandatory for encryption by the EFDE configuration policy. If the workstation does not support TPM 2.0, apply the EFDE configuration policy without the TPM encryption support set as mandatory. If the TPM 2.0 is supported on the workstation, but the error persists to display, investigate the product logs for more information.

Policy states Opal must be used to encrypt your computer, but one or more disks do not support the Opal 2 protocol.

Opal is specified as mandatory for encryption by the EFDE configuration policy. If the workstation does not support Opal, apply the EFDE configuration policy without the Opal encryption support set as mandatory. If Opal is supported on the workstation, but the error still displays, investigate the product logs for more information.

Your license expires in a few days, and your computer will lose protection. When this happens, the pre-boot password will be removed, and your computer will start without requiring any authentication. Renew your license to stay protected or activate ESET Security Product if you already have a renewal key or a new license.

In this state, the EFDE pre-boot login is not required, but the data on the workstation is still encrypted. You can renew your existing license or decrypt the workstation with a decryption policy.

The license has expired or is invalid, which has disabled pre-boot authentication.

Without a valid license, encryption on the workstation persists, but the EFDE pre-boot login is no longer required before the windows login screen. Activate the product with a valid EFDE license or decrypt the workstation and uninstall the EFDE Client application.

Your computer is not encrypted, and data at rest is not protected.

General alert indicating that the EFDE Client application is running, but the data on the workstation is not encrypted. To solve the error, enable and configure EFDE.

Encryption on your computer failed to start due to an error. Check system logs for more information.

The encryption process failed to start. You can find more details for troubleshooting in the application logs.

Your computer is ready to begin encryption, but it is currently waiting for a configured pre-boot password.

This error indicates that user interaction on the workstation is required. It is highly recommended to set the pre-boot password before the next restart to proceed in the encryption process.

A computer restart is required to initiate Safe Start to check hardware and firmware compatibility and perform initialization.

After the product is successfully installed, this error message will indicate that the next required step is to reboot the workstation to initiate the EFDE SafeStart mode. The first time, it will check if the workstation is compatible with EFDE and can be encrypted.

Your computer restarted, and Safe Start succeeded, but encryption did not start correctly before the system restarted again. Therefore encryption will not start. Check system logs for more information.

After the Safe Start process confirmed that the hardware and firmware of the workstation are suitable for encryption, but the workstation was restarted before the EFDE pre-boot login password was set, the encryption process will be terminated. It is also indicated in the workstation logs as: "Safe Start was previously successful, but the result is now stale and Safe Start must be re-run."

You can initiate the Safe Start evaluation process by three methods:

In ESET PROTECT, click the computer´s Details > Alerts > click the Encryption failed to start and select Retry failed encryption.

In ESET PROTECT, click Policies and change policy´s Settings:

1.Select Enable Encryption to remove the current policy.

2.Disable Enable Encryption to add a new policy.

3.Wait for processing at the EFDE client to reset the Safe Start state.

4.Select Enable Encryption to re-add the original policy.

Uninstall and reinstall the EFDE client app.

The product has been installed or upgraded, and you must restart your computer before the software functions.

This error is displayed right after the product was freshly installed, reinstalled or upgraded, and the reboot of the workstation is required before the product can resume its function. The error should disappear after the workstation is rebooted.

Presentation mode is enabled

Enabling Presentation mode via the EFDE configuration policy is a potential security risk. If Presentation mode is enabled and a user goes to a web page or an application that might be problematic or unsafe, it may be blocked. However, the user will not see any explanation or warning because user interaction is disabled.


note

You can find EFDE Client application logs on the workstation at this location:

Windows

C:\ProgramData\ESET\ESET Full Disk Encryption\AIS\Logs\Status.html

C:\ProgramData\ESET\ESET Full Disk Encryption\AIS\Logs\efde_ais_<date>.txt

C:\ProgramData\ESET\ESET Full Disk Encryption\Core\esetCPLogger.txt

macOS

/library/application support/eset/ESET Full Disk Encryption/ais/logs/efde_ais_<date>.log

/library/application support/eset/ESET Full Disk Encryption/ais/logs/status.html

To generate logs for the support team, you need ESET Encryption Diagnostics tool.