Installation (SetupEP) command-line options

Use these options with the standalone installation utility (SetupEP) to install the product from a command line.

Open a Command Prompt window, then run the SetupEP command using the appropriate command-line options.

Options are not case-sensitive.


setupEP.exe INSTALLDIR="D:\My Programs" /l"D:\My Log Files"

Installs the product files to a folder on drive D under My Programs and saves the installation log files to a folder under My Log Files.

Basic options

setupEP.exe ADDLOCAL="fw,tp,wc" [INSTALLDIR="install_path"][/qn][/qb][/qb!][/l*v"install_log_path"]

All options

setupEP.exe ADDLOCAL="fw,tp,wc" [/CAVA="<number of scanning threads>"] [INSTALLDIR="install_path"][/qn][/qb][/qb!][/l"install_log_path"][/l*v"install_log_path"] [/CAVA="number_of_scanning_threads"] [/import <file_name>] [/module <TP|FW|WC|ESP>] [/nopreservesettings] [/override"program_name"] [/policyname <name>] [/quarantinefolder="directory path"] [/unlock <password>]/CAVA="<number of scanning threads>"

Option Definition

Selects the product modules to install:

  • tpThreat Prevention
  • fwFirewall
  • wcWeb Control
  • fw,tp,wc — Install all three modules.

The shared Endpoint Security Platform (Common module) is also installed automatically when any product module is installed.



Installs Threat Prevention, Web Control, and Common.


ADDLOCAL="tp,fw,wc" CAVA="number_of_scanning_threads"

Installs Endpoint Security with support for the Common AntiVirus Agent (CAVA). Used with ADDLOCAL. Requires Threat Prevention.

Disables the blocking cache in the On-Access Scanner (OAS), increases the number of OAS scanning threads to 200, and enables network scanning, to ensure the OAS scans all files from CAVA. Optionally, you can specify a different number of scanning threads. See KB88973 for more information.

Note: When upgrading from a previous version of Endpoint Security with CAVA, you must use the CAVA command-line option. Otherwise, the installation removes CAVA from the upgraded system.

Specifies where to install the product files on the system.

The installation wizard creates an Endpoint folder at the specified location and installs the product to this folder.


INSTALLDIR="D:\Installed Programs"

Installs the product modules under D:\Installed Programs\Mcafee\Endpoint Security.

By default, product files are installed in the folder C:\Program Files\McAfee\Endpoint Security.

/log"install_log_path" or /l"install_log_path"


  • Specifies where to save the installation log files for tracking installation events.

    The installation wizard creates an Endpoint folder at the specified location and saves the log files to this folder.


    /l"D:\Log Files"

    Installs the product log files under D:\Log Files.

    By default, log files are saved in the Windows System TEMP folder C:\windows\Temp\McAfeeLogs.

  • *v — Specifies verbose (more descriptive) logging entries.

/qn or /quiet

/qb! or /passive


Specifies how the users can interact with the installation wizard:

  • qn — Hide all installation notifications (silent mode). Users have no interaction.
  • qb! — Show only a progress bar without a Cancel button. Users cannot cancel the installation while it is in progress (passive mode).
  • qb — Show only a progress bar with a Cancel button. Users can cancel the installation while it is in progress, if needed.
/import <file_name> Imports settings from the specified file.


/import mysettings

Imports settings from the file called mysettings.

/module <TP|FW|WC|ESP> Applies imported settings to the specified product modules.
  • TPThreat Prevention
  • FWFirewall
  • WCWeb Control
  • ESP — Resources shared by product modules.


/import mysettings /module TP FW

Imports settings from the file called mysettings to Threat Prevention and Firewall.

/nocontentupdate Does not automatically update product content files on the system as part of the installation process.

Content files include the latest AMCore, Exploit Prevention, and Adaptive Threat Protection content files required for Endpoint Security.

Caution: Update content files to ensure that the system is fully protected. If you don't update them during installation, schedule an update as soon as possible.
/nopreservesettings Does not save your product settings when upgrading to Endpoint Security.

By default, settings are preserved.

/override"program_name" Overrides and removes the specified conflicting products during installation.
/policyname <name>

Assigns the specified settings to systems where the product is installed.
/quarantinefolder="directory path" Specifies the location of the Quarantine folder where detected threats are placed. The folder path is limited to 190 characters.



Creates a Quarantine folder at D:\reports\Quarantine.

By default, the Quarantine folder is located in the folder <SYSTEM_DRIVE>\Quarantine.

/unlock <password>

Sets the password for unlocking the client UI.