EEPC has been corrupted (Cisco's Advanced Malware Protection for Endpoints)

Technical Articles ID: KB87917
Last Modified: 2023-04-20 10:38:58 Etc/GMT

Environment

Drive Encryption (DE) 7.x

Cisco SourceFire Advanced Malware Protection (AMP) for Endpoints v4.2-5.0.5

Problem

The PreBoot File System is being removed because the SafeBoot File System files (Safeboot.fs and Safeboot.rsv) have been deleted.

The event occurs on clients that have upgraded the Cisco AMP for Endpoints product and initiated a system restart.

After the system restarts, you see the following error during the system startup:

EEPC has been corrupted

Solution

A joint investigation with Cisco has identified an issue with the Cisco SourceFire AMP for Endpoints v4.2-5.0.5 installer. The installer sometimes deletes files that are unrelated to the AMP product during an upgrade. The only version affected is v4.2-5.0.5 for customers using the AMP public cloud version.

Contact Cisco for assistance.

Workaround

Perform a DE Emergency Boot.

For details, see KB71868 - How to perform an emergency boot with the Drive Encryption DETech Standalone boot disk.

Affected Products

Languages:

This article is available in the following languages:

Knowledge Center

EEPC has been corrupted (Cisco's Advanced Malware Protection for Endpoints)

Environment

Problem

Solution

Workaround

Affected Products

Languages:

Title

Title

Knowledge Center

EEPC has been corrupted (Cisco's Advanced Malware Protection for Endpoints)

Environment

Problem

Solution

Workaround

Affected Products

Languages:

Choose your region

Title

Title