1. Introduction
The McAfee® Endpoint Product Removal (McAfeeEndpointProductRemoval.exe) tool allows you to remove the following McAfee
products from endpoints in your environment:
• DAT Reputation (DAT Rep)
• Data Exchange layer (DXL)
• Data Loss Prevention (DLP)
• Endpoint Intelligence Agent (EIA)
• Endpoint Security (ENS)
• Endpoint Security Storage Protection (ENS SP)
• ePO-MER
• Host Intrusion Prevention (HIPS)
• McAfee Active Response (MAR)
• McAfee Agent (MA)
• McAfee Application and Change Control (MACC)
• McAfee Client Proxy (MCP)
• McAfee Drive Encryption (MDE)
• McAfee File and Removable Media Protection
(FRP)
• McAfee Management of Native Encryption (MNE)
• McAfee Product Improvement Program (not
explicit: removed as part of McAfee Agent removal)
• McAfee Stinger
• MOVE multiplatform deployment
• MVISION Endpoint
• MVISION Endpoint Detection and Response
(EDR)
• Policy Auditor (PA)
• Site Advisor Enterprise (SAE)
• Threat Intelligence Exchange Module for VSE
(TIEm)
• VirusScan Enterprise (VSE)
For multi-platform McAfee products, note that this tool is for Windows versions only. The tool can be deployed via ePO or 3
rd
party deployment tools or can be executed as a standalone application.
1.1 Warnings and liability
This software:
• Should be tested in a pilot environment before you attempt to deploy it to your users.
• Expires and ceases to function after a specified date. To find the expiration date, click the icon in the top left corner of the
tool, launch the About menu and the expiry date will be visible here.
• The tool expires so that customers are forced to update the EPR tool once a quarter to ensure the customer is running
with the latest EPR Tool service level that picks up new bug fixes or new functionality that the customer should be using.
• Endpoint Upgrade Automation will not execute on an endpoint on which the EPR tool has been executed until that
endpoint has been rebooted
• It is not recommended to remove McAfee Agent if there will be any other products remaining on the endpoint after it is
removed (applies to both products supported and not supported by the EPR tool)
• If running from the command line, it is recommended to use the command line parameters for each individual product to
be removed, instead of using the –ALL parameter.
• EPR may determine that McAfee Drive Encryption (MDE), McAfee Native Encryption (MNE) cannot be safely removed. In
this scenario, MA will also not be removed, as this could affect the operation of MDE or MNE.
• MDE will not be removed if it is active
• MNE will not be removed if Network Unlock is enabled