Received this mail: https://kc.mcafee.com/corporate/index?page=content&id=KB76004
Checked that a lot of machines in company now have a red marked circle on Mcafee VirusScan icon.
Pushing DAT 6809 to all the machines and wake up agents does not do much. Even if they receive this latest 6809 the OAS is still disabled.
If I manually enabled OAS, it does not want to switch from disabled to enabled.
In the hyperlink https://kc.mcafee.com/corporate/index?page=content&id=KB76004, they are only mentioning if you haven't deployed thoose 6807,6808 DAT's, then go for 6809.
BUT THERE IS NO EXPLANATION WHAT YOU SHOULD DO IF YOU ALREADY HAVE THOSE DAT'S DEPLOYED!!!!!!!
I have found out also this link: http://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS101446
But uninstalling and installing Mcafee for 90% in company is a big ***%$!
We are working on a SuperDAT package that will address the issue without requiring an uninstall/reinstall - as soon as I have any more information I'll update this thread.
Joe, thanks for the quick reply.
But currently the situation is, that 90% of computers are "unprotected" while OAS is not running. What if in this minutes one user browses strange webpages, and get's a virus.
Then I'm fu*** as a Antivirus technican support.
Thanks for letting us know.....
I've run a query and filtered Engine = 0.0000
Found only 3 machines and indeed the registry settings were out of sync and On-Scanner disabled.
I have 46 out of 152 computers, having this issue. Soo teoretically if one of thoose users have a "bad-luck", gets a virus, and spreads out to rest of the 45computers, what then?
Quick solution would be more then appreticiated.
Believe me, we appreciate the seriousness of the situation, and the development teams are working to get a solution ready as fast as possible - as soon as I have any more news I'll let you know.
Ok... Instead of waiting I took other reaction.
I took 1 problematic pc, manually uninstalled VSE, and manually installed VSE, that solved the problem, OAS started to work.
My next step currently is:
-push product removement thru EPO to clients.
-1st will remove VSE
-after that task is finished, another task will be pushed, to deploy vse again.
hopping everything will work fine
This is certainly a valid approach, and should work fine - if you have machines that you urgently need, this is likely to be the fastest method until the superdat tool is available.