Are you sure it is not On-Access scans that are timing out? Unpacking and loading the new DAT is a processor-intensive task. I have seen timeouts on On-Access scans that occur while the DAT is being updated and loaded, including very small mcafee-related files. I even have the newest Agent 4.5 and VSE 8.7 patches, which reduced these incidents but did not completely eliminate them. We do have older hardware - mostly 3 GHz P4 w/ HT enabled. Not sure why you would only see this on Win 7, unless your Win 7 systems are also running some other software that the non-Win 7 systems don't.
The XP and the win7 have the exact same programs on them. And yes, I am positive that no On-Access scans are happening. The thing is that when it kills the machines we cannot even go into Task Manager to view what is killing it, but if we have it open then we see McShield going at about 50% CPU usage. The On Demand scan only happens in the morning and no scan should be happening late in the day unless the user logs in late and then it does their normal on-demand scan if it has been more than a certain period of time since last scan. The DAT update is killing it but why is it doing a scan?
The scan of C:\Some file has taken too long to complete and is being canceled. Scan engine version used is 5400.1158 DAT version 5960.0000.
When the machine comes to a halt. but no scan is happening.
That is the message we get in the Windows event log when an On-Access scan times out. If you look in ePO's threat event log for that system at the matching time and date (remember ePO displays in UTC, not local time zone), and click on the event, does the Analyzer Detection Method say OAS?
Sorry, I guess I'm getting away from the most important part of your question, which is why the DAT update is having such a significant impact on your Win 7 systems. I guess I can't help you there.
Do you have the setting 'scan processes on enable' configured? If so, every time McAfee starts up, including immediately after a DAT update, your system is going to run a resource-intensive scan of everything in memory. This could result in slowdowns and timeouts.
According to McAfee's own recommendations, do not scan running processes.
KB67634 "Process scanning is resource intensive and can negatively affect system performance. McAfee recommends that you disable the option to scan Processes on enable unless you require the maximum protection configuration for Access Protection in your environment. " (https://kc.mcafee.com/corporate/index?page=content&id=KB67634&actp=search&search id=1273676278938)