On Oct 11, 7:41 pm, Sven Boden <list...@pandora.be> wrote:
> I'll answer my own mail... the solution is to decrypt the harddisk and
> uninstall PointSec. You need a PointSec recovery boot cd for this. If
> your pointsec is installed on a corporate level your helpdesk should
> be able to help you. It involves interrupting the boot, resuming from
> the cd, calling the pointsec helpdesk for a key and letting it
> decrypt.
>
> After that you can do some changes on your PC to make PointSec belief
> your PC is unencryptable ;-) ... furthermore I can recommend safeboot
> as PointSec alternative.
>
> And I have a feeling that the Microsoft updates of last days seem to
> increase the amount of BSOD's again on PointSec installed PC's
>
> Regards,
> Sven
>
> On Oct 10, 3:10 pm, Sven Boden <list...@pandora.be> wrote:
>
>
>
> > The problem is PointSec, their software panics from time to time
> > causing BSOD and making it easier to reinstall usually than to try to
> > decrypt the harddisk.
> > It doesn't happen on all computers on which you install PointSec, but
> > once you get it your toast. It seems that as soon as you have a
> > windows problem on which you would normally use the recovery
> > console&chkdsk/r e.g. a registry problem or so, you're in problems
> > with PointSec (as it won't allow you on the harddisk).
>
> > Did anyone already find a good way to deal with these BSOD's (they
> > even occur on the very last version of PointSec) or a good way to
> > uninstall/decrypt PointSec from your PC.
>
> > Regards,
> > Sven- Hide quoted text -
>
> - Show quoted text -
I have just seen this problem specifically after KB943460 is applied,
ftdisk being the last failure straight after this patch applied on a
machine that happens to be running an older Pointsec PC 6.1.3 b1122
build and McAfee.
Pointsec PC has no back door for removal, in this scenario you should
create a recovery disk using the unique recovery file for the
particular machine to decrypt the machine - this will require 2
authorised accounts allowed to create the recovery media, and an
account authorised to run the recovery disk when you boot from it (see
chapters 14 and 15 of the Pointsec Admin Guide regarding different
recovery methods). Once the machine is back up, go to add remove
programs and remove Pointsec to tidy up (you won't be prompted after
removal using the recovery disk) and reboot. Next, remove KB943460 in
add/remove programs, and reinstall Pointsec from your corporate
Installation.
I've escalated this KB943460 issue with the product support team, it
affects Universal Resource Identifiers and shell32 shellexecute which
is a considerable change. See
http://support.microsoft.com/kb/943460
This might be resolvable according to whitelisting capabilities in the
registry after the patch is applied as can be seen in the article
above,
The KB943460 patch has been having some odd affects on other products
as well if you look around. The machine in question I saw this on was
an IBM T60 also running MCAfee as well, but had been for some time
with Pointsec 6.1.3 for over a year, quite happily before the patch.
Fact is, this bsod was seen immediately after applying KB943460 and
this is very evident in the logs.
Furthermore, version 6.2 with KB943460 has been seen to be running
fine on my own machine that I'm tapping away on right now without any
whitelisting changes - so I can't concur Sven's comments regarding the
newer versions of Pointsec either. Also, I personally don't run
MCAfee, I use a "new" Checkpoint product that nobody knows about yet
that does AV as well.
It might be a problem with another product that lives in the Kernel
such as McAfee that is exacerbated after applying KB943460, nobody has
tried removing McAfee, installing Pointsec and KB943460 to concur yet
apart from what I have on my machine. I'll post any further info/
resolutions from the support team once they get their teeth into it.