Apr 15 2024 10:14 AM
Hello,
We are currently deploying Microsoft Defender for Endpoint Plan 2 to a client who had Trellix Security formely Mcafee and we are experiencing issues with the uninstallation of the Mcafee agent so that Defender is turned to Active Mode. Has anyone experienced the same and what solution do you recommend?
Apr 15 2024 12:32 PM
Apr 15 2024 04:26 PM - edited Apr 15 2024 05:37 PM
Hey!
I would make sure there’s no GPO that was pushed out to turn Defender off when McAfee was used. Run a “gpresult /r” and see what you find.
Or check via gpedit.msc. Go to
Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus. Double-click on “Turn off Microsoft Defender Antivirus.
I also recommend reading Defender AV compatibility with non-Microsoft AV here: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-antivi...
It was a while ago when I ran into this same issue, similar setup but can you give us a list of what you’ve tried and checked? Maybe we can narrow it down.
Let us know what you find there.
Best,
Dylan
Apr 16 2024 03:33 AM
Apr 16 2024 03:35 AM
Apr 16 2024 05:58 AM
Aug 16 2024 02:40 AM - edited Aug 16 2024 02:43 AM
Uninstall the Agent First:
Although it's typically recommended to uninstall the agent last, you should start by attempting to uninstall the Trellix/McAfee agent first.
Go to Control Panel > Programs and Features and find the Trellis agent.
Right-click and select Uninstall.
Follow the prompts to complete the uninstallation process.
Reboot the System:
After uninstalling the agent, reboot the system. This step ensures that any remaining components tied to the agent are properly cleared.
Uninstall Other Trellis Software:
Once the system has rebooted, proceed to uninstall any other Trellis Endpoint Protection software components from Programs and Features.
Uninstall each component one by one, followed by another reboot if necessary.
This approach allows you to tackle the uninstallation in a more aggressive manner, potentially avoiding complications that might arise from residual files or dependencies tied to the Trellix agent.
Sep 18 2024 08:59 AM