Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 10
Report Inappropriate Content
Message 1 of 6

manually check encryption status

How can I manually check the Endpoint Encryption status (via regkey for example) and in case of how can I mannually de-activate EE Clients (EE Version

I got 2 clients from which I can't remove the EEPC (the EE product settings policy has been set to disable (unmarked the "Enable Policy" setting & Encryption set to "none" for more then 2 months)

The eposerver reports no EE details for both clients ("No details are available")

and local logfiles on both clients report EEPC is still active???

McAfee Endpoint Encryption for PC is currently active. Please de-activate before uninstalling.

=== Logging stopped: 2/27/2014  12:19:52 ===



5 Replies
Level 9
Report Inappropriate Content
Message 2 of 6

Re: manually check encryption status

You can check the status of EE PC on your system using this registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\McAfeeEndPoint Encryption\MfeEpePc\Status

I suggest you look at the "Activated" value which can be set to "Yes" or "No" (to what I've seen)

You can also check the system status by clicking on the McAfee icon in the system tray -> "Quick Settings" -> "Show Endpoint Encryption Status", but this is not programmatically (like a registry value).

Might seem obvious, but happened to me a lot in the past - Make sure your system reports to the same ePO you think it is, if you have more than one.
What's the last communication date ePO shows for these systems ?

Level 10
Report Inappropriate Content
Message 3 of 6

Re: manually check encryption status

The suggested key does  not exist but I found another similar one
HKEY_LOCAL_MACHINE\SOFTWARE\McAfee EndPoint Encryption\MfeEpePC\Status

the value of "Activated" is "Yes"

3-03-2014 12-59-57.png

The systems still report to the (one and only) correct eposerver (last ASCI was 5 minutes ago) I even tried forced re-installing the epoagent

How can get proper control again of EE on these clients?
Can I edit one of the regkeys to start the decryption and get rid of EE?

Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 6

Re: manually check encryption status

first thing to check is the EEPC log file to see if there are any error states reported.

No, you can't control EEPC by manipulating the registry.

The key you found is the same one the original poster mentioned, just he is using a 64bit OS, you're using a 32bit.

Message was edited by: SafeBoot on 3/3/14 9:52:59 AM EST
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 6

Re: manually check encryption status

If you are using a script, you can try this command also: (for 32bit systems, simply omit \wow6432node\ part)

reg query "hklm\software\wow6432node\mcafee endpoint encryption\mfeepepc\status" /v cryptstate

output looks something like:  cryptstate    REG_SZ    Volume=C:,State=Decrypted;

Level 10
Report Inappropriate Content
Message 6 of 6

Re: manually check encryption status

I have used this command in the past:

C:\Program Files\McAfee\Endpoint Encryption Agent>MfeEpeHost.exe -status all

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community