ESET CMD
This is a feature that enables advanced ecmd commands. You can export and import settings using the command line (ecmd.exe). Until now, it was possible to export and import settings using GUI only. ESET Endpoint Antivirus configuration can be exported to an .xml file.
When you have enabled ESET CMD, there are two authorization methods available:
- None—no authorization. We do not recommend you this method because it allows importation of any unsigned configuration, which is a potential risk.
- Advanced setup password—a password is required to import a configuration from an .xml file, this file must be signed (see signing .xml configuration file further down). The password specified in Access Setup must be provided before a new configuration can be imported. If you do not have access setup enabled, your password does not match or the .xml configuration file is not signed, the configuration will not be imported.
When ESET CMD is enabled, you can use the command line to import or export ESET Endpoint Antivirus configurations. You can do it manually or create a script for the purpose of automation.
To use advanced ecmd commands, you need to run them with administrator privileges, or open Windows Command Prompt (cmd) using Run as administrator. Otherwise, you will get Error executing command message. Also, when exporting configuration, destination folder must exist. The export command still works when the ESET CMD setting is switched off. |
Advanced ecmd commands can only be run locally. Pausing ecmd commands can only be ran via client task Run command using ESET PROTECT. |
Export settings command: |
Signing an .xml configuration file:
- Download the XmlSignTool executable.
- Open a Windows Command Prompt (cmd) using Run as administrator.
- Navigate to the save location of xmlsigntool.exe
- Execute a command to sign the .xml configuration file, usage: xmlsigntool /version 1|2 <xml_file_path>
The value of the /version parameter depends on your version of ESET Endpoint Antivirus. Use /version 2 for version 7 and later. |
- Enter and Re-enter your Advanced Setup Password when prompted by the XmlSignTool. Your .xml configuration file is now signed and can be used to import another instance of ESET Endpoint Antivirus with ESET CMD using the password authorization method.
Sign exported configuration file command: |
If your Access Setup password changes and you want to import a configuration that was signed earlier with an old password, you need to sign the .xml configuration file again using your current password. This enables you to use an older configuration file without exporting it to another machine running ESET Endpoint Antivirus before the import. |
Enabling ESET CMD without an authorization is not recommended, since this will allow the import of any unsigned configuration. Set the password in Advanced setup > User interface > Access setup to prevent from unauthorized modification by users. |
List of ecmd commands
Individual security features can be enabled and temporarily disabled with the ESET PROTECT Client Task Run command. The commands do not override policy settings and any paused settings will revert back to its original state after the command has executed or after a device reboot. To utilize this feature, specify the command line to run in the field of the same name.
Review the list of commands for each security feature below:
Security Feature |
Temporary Pause command |
Enable Command |
---|---|---|
Real-time file system protection |
ecmd /setfeature onaccess pause |
ecmd /setfeature onaccess enable |
Document protection |
ecmd /setfeature document pause |
ecmd /setfeature document enable |
Device control |
ecmd /setfeature devcontrol pause |
ecmd /setfeature devcontrol enable |
Presentation mode |
ecmd /setfeature presentation pause |
ecmd /setfeature presentation enable |
Anti-Stealth technology |
ecmd /setfeature antistealth pause |
ecmd /setfeature antistealth enable |
Personal firewall |
ecmd /setfeature firewall pause |
ecmd /setfeature firewall enable |
Network attack protection (IDS) |
ecmd /setfeature ids pause |
ecmd /setfeature ids enable |
Botnet protection |
ecmd /setfeature botnet pause |
ecmd /setfeature botnet enable |
Web Control |
ecmd /setfeature webcontrol pause |
ecmd /setfeature webcontrol enable |
Web access protection |
ecmd /setfeature webaccess pause |
ecmd /setfeature webaccess enable |
Email client protection |
ecmd /setfeature email pause |
ecmd /setfeature email enable |
Antispam protection |
ecmd /setfeature antispam pause |
ecmd /setfeature antispam enable |
Anti-Phishing protection |
ecmd /setfeature antiphishing pause |
ecmd /setfeature antiphishing enable |