-
Notifications
You must be signed in to change notification settings - Fork 5
eset_cleanup.ps1
Performs a complete cleanup of ESET antivirus software from Windows systems.
Performs a complete cleanup of ESET antivirus software from Windows systems. This script removes services, processes, files, registry entries, and scheduled tasks left behind after ESET uninstallation. Useful when standard uninstall fails or leaves remnants that interfere with new AV deployment.
Performs a complete cleanup of ESET antivirus software from Windows systems. This script removes services, processes, files, registry entries, and scheduled tasks left behind after ESET uninstallation. Useful when standard uninstall fails or leaves remnants that interfere with new AV deployment.
- Windows PowerShell 5.1 or PowerShell 7+
- Administrator privileges (required)
- No modules required
No inputs required. All cleanup targets are predefined based on standard ESET installation paths and patterns.
- Service removal: All services matching ESET pattern
- Process termination: egui.exe and ekrn.exe (main ESET processes)
- Folder removal: Program Files, ProgramData, AppData (user and local)
- Registry cleanup: HKLM and HKCU software keys
- Task removal: All scheduled tasks matching ESET pattern
- Windows Services - Detect and remove ESET services
- Running Processes - Kill active ESET processes
- File System - Remove ESET installation directories
- Registry - Remove ESET configuration keys
- Task Scheduler - Remove ESET scheduled tasks
- Validates Administrator privileges (required for cleanup)
- Stops and removes all ESET services
- Terminates active ESET processes
- Removes ESET installation folders
- Removes ESET registry keys
- Removes ESET scheduled tasks
- Reports comprehensive cleanup status
- No secrets logged or displayed
- Requires elevation (will fail if not admin)
- Forcefully terminates processes (may lose unsaved ESET settings)
- Registry modifications are permanent
- Backup important data before running
- 0 - Success (ESET cleanup completed)
- 1 - Failure (error during cleanup or insufficient privileges)
[ SETUP ]
--------------------------------------------------------------
Script started : 2025-11-02 09:15:42
Administrator : Yes
[ SERVICE CLEANUP ]
--------------------------------------------------------------
Scanning for ESET services...
Services found : 3
Stopping ekrn...
Deleting ekrn...
Stopping ESET Service...
Deleting ESET Service...
Services removed : 3
[ PROCESS CLEANUP ]
--------------------------------------------------------------
Scanning for ESET processes...
Processes found : 2
Terminating egui.exe...
Terminating ekrn.exe...
Processes terminated : 2
[ FOLDER CLEANUP ]
--------------------------------------------------------------
Removing ESET directories...
Removed : C:\Program Files\ESET
Removed : C:\ProgramData\ESET
Skipped : C:\Users\Admin\AppData\Roaming\ESET (not found)
Folders removed : 2 of 4
[ REGISTRY CLEANUP ]
--------------------------------------------------------------
Removing ESET registry keys...
Removed : HKLM:\SOFTWARE\ESET
Removed : HKLM:\SOFTWARE\Wow6432Node\ESET
Skipped : HKCU:\SOFTWARE\ESET (not found)
Registry keys removed : 2 of 3
[ SCHEDULED TASK CLEANUP ]
--------------------------------------------------------------
Removing ESET scheduled tasks...
Tasks found : 1
Deleted : ESET NOD32 Update
Tasks removed : 1
[ FINAL STATUS ]
--------------------------------------------------------------
Services removed : 3
Processes terminated : 2
Folders removed : 2
Registry keys removed : 2
Scheduled tasks removed : 1
Cleanup status : Complete
[ SCRIPT COMPLETED ]
--------------------------------------------------------------
Script completed successfully
Exit code : 0
- v1.0.0 (2025-11-02) - Initial migration from SuperOps
- View Script Source
- Scripts - Back to script index