You should delete machine object using EEM, prior to new client installation. What object ID is reported on client machine and which in database?
It's possible that it's been moved to an 'Uninstall' group in order to remove the software. If so, then re-installing the software will not actually install - this is correct behaviour. If you want it to re-encrypt and enable pre-boot authentication, then it needs to be moved back into a group which allows it to re-encrypt.
Basically to fix the issue, you'll have to delete the old machine object. Once you do that, the client will synch and a new object will be created.
We have seen this a few times. Sometimes, it will create a new object with the 000x appended, and sometimes it won't create a new object at all. Never gotten a good explanation from McAfee on the difference. There isn't really a reason to keep the old machine object around. If you do want to keep it recoverable, just don't check "permanently delete"
the difference is if you created the install set for a group, or for a machine (check scm.ini).
if it's the latter, the machine will ONLY ever use that object name, if it's in use, the machine won't make another one.
If the object is available though (ie was legally removed, or you used clearkey), the new install will take it over - note then though if the status is set to "disable" or "remove", the new machine will do exactly that, so you'll end up in a loop.
As mentioned, either delete the old machine key or use this command from the sbadmcl.exe tool