Showing results for 
Search instead for 
Did you mean: 

VirusScan Upgrade Procedures - What is the best practice

I am in the process of upgrading about 4000 clients from VSE 7.1 to 8.5. I designed a package using the Installation Designer which silently installed the package to desktops and servers and have deployed the package using epolicy orchestrator 3.6 The package does not include email scanning and has hotfix 4 applied to it. I can't upgrade to 3.61 or 4 until all desktops and servers are on 8.5 as apparently VSE 7.1 is no longer supported from 3.61

I have deployed VSE8.5 with hotfix 4 to about 1000 desktops running XP SP2 and about 20 servers running 2000 and 2003 and have encountered a number of problems which i want to resolve before deploying to the remaining devices. A number of the servers have blue screened. 4 of them blue screen every time users attempt to save any file to it to the extent that they will probably have to be rebuilt as i suspect the deployment might have caused corruption of some files. Of the desktops several Outlook XP users have reported the error "The add-in C:\Program Files\Network Associates\VirusScan\scanemal.dll could not be installed or loaded"

A search on google indicated that This problem is due to the design of Microsoft Outlook and can be corrected by disabling the "Exchange Scan" function within Outlook.

My questions are: How can i prevent the outlook error message popping up. Manually disabling the Exchange Scan function on 4000+ devices in just not practical, i would have assumed that as the function had been disabled within epolicy, clients should have picked up that policy. My question and more important question is has anyone encountered the blue screening issue and how can i prevent the corruption on servers.

Is it best when upgrading from 7.1 to 8.5 to remove 7.1 first and them install 8.5 or upgrade 7.1 to 8.5. I'd appreciate any thoughts.
3 Replies

RE: VirusScan Upgrade Procedures - What is the best practice

I think you'd be heading the right direction with removing 7.1 first. I don't have them anymore, but a cleaning of the registry keys is a good idea as well, since some of the older applications weren't as thorough in removing those. It shouldnt be to difficult to create a small script that will run the 7.1 uninstaller, then clean the registries, then you can either push a new install or run your mid package. Keep in mind that a mid package install means you lose all your settings specific to that system until the next asci.

RE: VirusScan Upgrade Procedures - What is the best practice

I always do a direct upgrade of VSE without removing any older version before. The reason is that this will minimize the time no VS is on the client and also, in case the VSE85 install will fail, it will rollback to the VSE7.1 installation. If you remove VSE7.1 explicitly before you are left with no AV protection. My experiences are very good with the direct upgrade mehtod through ePO (VSE7.1 to "Ignore", and VSE8.5 to "install"). You can always use the "Deinstall" option for VSE7.1 in case of troubleshooting.

For your outlook problem. Througout the migration just execute a script which deletes the EXTEND.DAT files at every logon. This will resolve the error automatically.

RE: VirusScan Upgrade Procedures - What is the best practice

Thanks, i'm trying to upgrade using the installation designer and in several instances i've noticed that after removing VSE 7.1 epolicy orchestrator has then installed 8.5 so that about 2% of PC ended up unprotected. In 2 instances PCs appeared to have both 7.1 and 8.5 (which i guess is the lesser of two evils!).

I guess i'll trial and upgrade without removing 7.1 on a number of Virtual PCs, however my concern is that the outlook error will then remain unresolved. I guess that will show itself in a trial. I'll get back with trial results.