How to Remove ESET Endpoint Security Without Management Portal Access
Removing ESET without management portal access can be painful when you inherit a client from another IT provider and the old ESET portal, uninstall password, or management access is no longer available. This commonly happens during MSP transitions, where a previous provider leaves behind ESET Endpoint Security and the ESET Management Agent, but the new IT provider has no access to the original management console. The good news is that ESET provides an official uninstaller tool for this scenario. The catch is that it must be run in Safe Mode, which means remote access and network preparation need to be handled carefully before you start. If your business is going through an IT provider changeover, proper managed IT services and structured IT support are important so old security tools are removed cleanly and replaced with the correct protection.Quick Summary
- Issue: ESET Endpoint Security is installed, but there is no management portal access or uninstall password
- Scenario: A client has been inherited from a previous MSP or IT provider
- Fix: Use ESET’s official uninstaller tool in Safe Mode
- Important: Remove ESET Endpoint Security first, then remove the ESET Management Agent
- Warning: Prepare remote access and networking before rebooting into Safe Mode
Direct Answer
If you need to remove ESET Endpoint Security but do not have access to the original management portal or uninstall password, use ESET’s official Uninstaller tool in Safe Mode with Networking. Remove ESET Endpoint Security first, then remove the ESET Management Agent. This is the most reliable method for removing ESET without portal access.
Why the Standard Uninstall Fails
ESET Endpoint Security includes tamper protection and uninstall password controls designed to prevent unauthorised removal. As a result, even local administrators may be unable to uninstall ESET through Programs and Features without the correct password.
This is why many MSPs and IT providers encounter issues when inheriting a customer from another provider. The software remains installed, but access to the original management portal is no longer available.
Before You Start
ESET Endpoint Security uses password-protected uninstall controls to prevent unauthorised removal. Even if you have local administrator rights, the standard uninstaller may still prompt for an uninstall password you do not have. The official ESET Uninstaller can remove ESET products without the uninstall password, but it must be run in Safe Mode. It will not complete the same way in normal Windows mode.Removal Order Matters
Remove the products in this order:- ESET Endpoint Security — remove this first
- ESET Management Agent — remove this second
What You Need
- Remote access to the target machine, such as an RMM agent, TeamViewer, AnyDesk, or similar
- An Ethernet cable connected directly to the machine
- Local administrator rights
- The official ESET Uninstaller tool
- Time to complete the process safely without interrupting the user
Step 1: Back Up Network Adapter Settings
The ESET Uninstaller can reset network adapter configuration. Before doing anything else, back up the current NIC settings. Run this in an elevated Command Prompt:netsh -c interface dump > C:\NetworkSettings_Backup.txtC:\NetworkSettings_Backup.txtnetsh -f C:\NetworkSettings_Backup.txtStep 2: Keep Remote Access Alive Through Safe Mode
By default, Windows Safe Mode only loads a minimal set of services. Most remote access tools do not automatically start unless they are explicitly registered for Safe Mode with Networking. If you skip this step during a remote removal, you may lose access to the machine after rebooting. If you have physical access or the customer can assist onsite, this step may not be required. However, for remote-only work, it is critical.Find the Remote Access Service Name
Run this in PowerShell:Get-Service | Select-Object Name, DisplayName | Sort-Object DisplayName- NinjaOne / NinjaRMM:
NinjaRMMAgent - TeamViewer:
TeamViewer - AnyDesk:
AnyDesk - ConnectWise Control / ScreenConnect:
ScreenConnect Client (...) - Datto RMM:
CagService
Register the Remote Access Service for Safe Mode
ReplaceYOUR_SERVICE_NAME with the actual service name:
reg add "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\YOUR_SERVICE_NAME" /ve /t REG_SZ /d "Service" /fStep 3: Boot into Safe Mode with Networking
Before continuing, make sure Ethernet is connected. Run this in an elevated Command Prompt:bcdedit /set "{default}" safeboot network
shutdown /r /t 60 /c "Rebooting into Safe Mode for ESET removal."Step 4: Download the ESET Uninstaller Tool
Once the device is in Safe Mode with Networking, download the official ESET Uninstaller. Run this in elevated PowerShell:New-Item -ItemType Directory -Force -Path C:\Temp
Invoke-WebRequest `
-Uri "https://download.eset.com/com/eset/tools/installers/eset_apps_remover/latest/uninstaller.exe" `
-OutFile "C:\Temp\ESETUninstaller.exe"Step 5: Remove ESET Endpoint Security First
Run the ESET Uninstaller with the/force flag:
cd C:\Temp
ESETUninstaller.exe /force~ESETUninstaller.logStep 6: Remove the ESET Management Agent Second
After Endpoint Security has been removed, run the uninstaller again to remove the ESET Management Agent:cd C:\Temp
ESETUninstaller.exe /forceESETUninstaller.exeStep 7: Restore Normal Boot
This step is critical. The Safe Mode boot flag will remain active until you remove it. If you skip this, the machine will keep rebooting into Safe Mode. Run this while still connected in Safe Mode:bcdedit /deletevalue "{default}" safebootnetsh -f C:\NetworkSettings_Backup.txtshutdown /r /t 60 /c "Rebooting to Normal Mode. ESET removal complete."Step 8: Verify and Deploy Replacement Endpoint Security
After the machine returns to normal mode, verify that:- ESET Endpoint Security is removed
- ESET Management Agent is removed
- Network connectivity is working
- Remote access is still functional
- The replacement endpoint security platform is ready to deploy
Important Caveats
BitLocker
If BitLocker is enabled, changing boot configuration may trigger a BitLocker recovery prompt on reboot. Suspend BitLocker before setting Safe Mode:manage-bde -protectors -disable C:manage-bde -protectors -enable C: