Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
guilherrme
Participant

Uninstall Check Point Endpoint R86.70

Hello everyone, i'm trying to uninstall CP but it says that its not possible to uninstall FDE while encryption is active.

There's no connection to any server or console anymore.

I'm trying to find a way to disable FDE manually, maybe changing some registry key or something similar, and most importantly trying to do that without crashing the system.

In the attachments is a recent FDE log that i got using cpinfo. Can someone shed some light on what can i do to disable it so i can uninstall CP successfully?

0 Kudos
11 Replies
the_rock
Legend
Legend

Maybe better contact TAC to solve this. I would be super careful with changing registry keys.

Best,

Andy

the_rock
Legend
Legend

Hey @guilherrme 

Did you get this sortged out?

Best,

Andy

guilherrme
Participant

Hey @the_rock 

Not yet unfortunately, we can't contact TAC anymore because the contract ended recently.

No console, no server. I'm trying to figure it out on my own to help the team.

The problem happens only with this version 86.70, i just need to know how the FDE works so i can try to disable it manually and uninstall.

 

Thanks for answering man.

0 Kudos
the_rock
Legend
Legend

Let me see what I can find as far as FDE. Maybe someone else will know.

Andy

(1)
guilherrme
Participant

thanks @the_rock i apreciate that

0 Kudos
the_rock
Legend
Legend

(1)
the_rock
Legend
Legend

Did that help?

Andy

0 Kudos
guilherrme
Participant

Thanks, i saw that article before...it didnt help me..i've seen a lot of articles like that, many of them involve doing something on console or management server which in our case we dont have access, its just the machines with the problem, if we dont figure out how to do it we're gonna have to format the machines and we're trying to avoid that because there are so many machines with that version.

And there's another problem which is harmony extension keeping the users from downloading files.

What i would like to do is to use sysinternals to access some specific registry keys with the authotity nt\system account and change some values to disable encryption but i dont know what is the correct registry key or file.

One of our colleagues tried to uninstall checkpoint using a third party uninstaller and crashed the system (good thing it wasnt an end user machine haha), so i'm being very careful about it.

 

Interesting thing is that initially i thought the problem was the service fde_srv.exe that was always running. So i booted windows on safe mode but even though none of the cp services was running i got the same error.

 So i think the problem is this "encryption active" that the error message says. I'm trying to figure out what that means.

0 Kudos
the_rock
Legend
Legend

Honestly, your best bet is to maybe see if your local SE person can open a case to get TAC help that way...just an idea.

Best,

Andy

guilherrme
Participant

yeah, i'll see what i can do

 

thanks

0 Kudos
DKK
Explorer

Hi,

I had the same problem. You need to wait for the encryption to finish at 100% and after that you can uninstall the CP.

Good luck!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events