I'm getting a lot of push back when it comes to fixing any problems on drives encrypted with full disk encryption. Most of the time my answer is that it is the nature of FDE. Yesterday we had a PC with a virus and McAfee EE 5.1.7 installed.
L2 Support was not able to get anywhere with the virus and wanted to know what to do. In the end (and in this specific case) I was able to remove the virus manually.
But where the push back is coming is I'm now required to figure out a way to take that hard drive and hook it up to another system so they can run antivirus/malware...
I figure this is possible by booting to a PE disc that has the wintech tools and antivirus programs, but is there any way to get another PC to recognize the key needed for another drive?
you need to run it from the proper environment, install all the drivers etc.
the easiest way I guess is to run it from an inactive client - ie install a proper EEPC client on the machine so the drivers get put in place, but DONT let it communicate back to the server or activate (rename sdmcfg.ini will do that for you).
if the client activates, then you won't be able to mount a drive from another machine.
Thanks... I'm sorry - this is the first time I've messed around with the installation files (other than creating a file set). Would these steps work?
1. Install the package but before the reboot, rename sdmcfg.ini 2. Reboot 3. Run .exe from PE disc 4. Once WinTech is properly authorized and authenticated, mount SBFS as volume 5. Run a scan (or whatever is needed) against that mounted volume
I didn't have to map the drive either... Windows recognized it right away but couldn't read it... Once WinTech was Authorized and Authenticated, the drive became readable and remained that way even when WinTech was closed.