You can check the status of EE PC on your system using this registry key
I suggest you look at the "Activated" value which can be set to "Yes" or "No" (to what I've seen)
You can also check the system status by clicking on the McAfee icon in the system tray -> "Quick Settings" -> "Show Endpoint Encryption Status", but this is not programmatically (like a registry value).
Might seem obvious, but happened to me a lot in the past - Make sure your system reports to the same ePO you think it is, if you have more than one.
What's the last communication date ePO shows for these systems ?
The suggested key does not exist but I found another similar one
HKEY_LOCAL_MACHINE\SOFTWARE\McAfee EndPoint Encryption\MfeEpePC\Status
the value of "Activated" is "Yes"
The systems still report to the (one and only) correct eposerver (last ASCI was 5 minutes ago) I even tried forced re-installing the epoagent
How can get proper control again of EE on these clients?
Can I edit one of the regkeys to start the decryption and get rid of EE?
first thing to check is the EEPC log file to see if there are any error states reported.
No, you can't control EEPC by manipulating the registry.
The key you found is the same one the original poster mentioned, just he is using a 64bit OS, you're using a 32bit.
If you are using a script, you can try this command also: (for 32bit systems, simply omit \wow6432node\ part)
reg query "hklm\software\wow6432node\mcafee endpoint encryption\mfeepepc\status" /v cryptstate
output looks something like: cryptstate REG_SZ Volume=C:,State=Decrypted;
I have used this command in the past:
C:\Program Files\McAfee\Endpoint Encryption Agent>MfeEpeHost.exe -status all