cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
LWorman
LWorman
Level 7
Report Inappropriate Content
Message 1 of 2
‎05-10-2018 09:26 AM

Endpoint Security 10.5.4 determine virus definition date

We are moving from VirusScan Enterprise to Endpoint Security.

One of the scripts we run checks our systems to see if they are running the latest Virus Definition Dat file. It did this by checking the date listed in the registry key found here
HKLM\Software\McAfee\AVEngine\AVDatDate
or
HKLM\Software\WOW6432Node\McAfee\AVEngine\AVDatDate

If that date was more than 5 days old the script would let warn us that we would need to go check why that system was not updating.

Is there something similar with EndPoint Security 10.5.4?

NOTE: This script does a lot of checks of various other things, and combines them all into one report, I'm trying to save us the hassel of having to log into our ePO server just to check this one issue.

0 Kudos
Reply
1 Reply
twenden
Reliable Contributor twenden
Reliable Contributor
Report Inappropriate Content
Message 2 of 2
‎05-10-2018 01:24 PM

Re: Endpoint Security 10.5.4 determine virus definition date

We don't use scripts but checking the registry key on a Windows 10 system running ENS Threat Prevention 10.5.4 I have found the registry key that mentions the AMCore version. With ENS the DATs have been replaced with AMCore. The today's AMCore version is 3340.

The registry key on my system is as follows:

HKLM\Software\McAfee\Endpoint\AV\AVCM

The key name under that is called CMajor. 

 

 

0 Kudos
Reply
More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support
  • The McAfee ePO Support Center Plug-in is now available in the Software Manager. Follow the instructions in the Product Guide for more.