ESET Online Help

Search English
Select the topic

ESET CMD

This is a feature that enables advanced ecmd commands. It allows you to export and import settings using the command line (ecmd.exe). Until now, it was possible to export and import settings using GUI only. ESET Endpoint Antivirus configuration can be exported to an .xml file.

When you have enabled ESET CMD, there are two authorization methods available:

  • None – no authorization. We do not recommend you this method because it allows importation of any unsigned configuration, which is a potential risk.
  • Advanced setup password – a password is required to import a configuration from an .xml file, this file must be signed (see signing .xml configuration file further down). The password specified in Access Setup must be provided before a new configuration can be imported. If you do not have access setup enabled, your password does not match or the .xml configuration file is not signed, the configuration will not be imported.

Once ESET CMD is enabled, you can use the command line to import or export ESET Endpoint Antivirus configurations. You can do it manually or create a script for the purpose of automation.


important

To use advanced ecmd commands, you need to run them with administrator privileges, or open Windows Command Prompt (cmd) using Run as administrator. Otherwise, you will get Error executing command message. Also, when exporting configuration, destination folder must exist. The export command still works when the ESET CMD setting is switched off.


note

Advanced ecmd commands can only be run locally. Pausing ecmd commands can only be ran via client task Run command using ESET PROTECT.


example

Export settings command:
ecmd /getcfg c:\config\settings.xml

 
Import settings command:
ecmd /setcfg c:\config\settings.xml

Signing an .xml configuration file:

  1. Download the XmlSignTool executable.
  2. Open a Windows Command Prompt (cmd) using Run as administrator.
  3. Navigate to the save location of xmlsigntool.exe
  4. Execute a command to sign the .xml configuration file, usage: xmlsigntool /version 1|2 <xml_file_path>

important

The value of the /version parameter depends on your version of ESET Endpoint Antivirus. Use /version 2 for version 7 and newer.

  1. Enter and Re-enter your Advanced Setup Password when prompted by the XmlSignTool. Your .xml configuration file is now signed and can be used to import another instance of ESET Endpoint Antivirus with ESET CMD using the password authorization method.

example

Sign exported configuration file command:
xmlsigntool /version 2 c:\config\settings.xml

ecmd_xmlsigntool


note

If your Access Setup password changes and you want to import a configuration that was signed earlier with an old password, you need to sign the .xml configuration file again using your current password. This allows you to use an older configuration file without exporting it to another machine running ESET Endpoint Antivirus before the import.

 


warning

Enabling ESET CMD without an authorization is not recommended, since this will allow the import of any unsigned configuration. Set the password in Advanced setup > User interface > Access setup to prevent from unauthorized modification by users.

 

List of ecmd commands

Individual security features can be enabled and temporarily disabled with the ESET PROTECT Client Task Run command. The commands do not override policy settings and any paused settings will revert back to its original state after the command has executed or after a device reboot. To utilize this feature, specify the command line to run in the field of the same name.

Review the list of commands for each security feature below:

Security Feature

Temporary Pause command

Enable Command

Real-time file system protection

ecmd /setfeature onaccess pause

ecmd /setfeature onaccess enable

Document protection

ecmd /setfeature document pause

ecmd /setfeature document enable

Device control

ecmd /setfeature devcontrol pause

ecmd /setfeature devcontrol enable

Presentation mode

ecmd /setfeature presentation pause

ecmd /setfeature presentation enable

Anti-Stealth technology

ecmd /setfeature antistealth pause

ecmd /setfeature antistealth enable

Personal firewall

ecmd /setfeature firewall pause

ecmd /setfeature firewall enable

Network attack protection (IDS)

ecmd /setfeature ids pause

ecmd /setfeature ids enable

Botnet protection

ecmd /setfeature botnet pause

ecmd /setfeature botnet enable

Web Control

ecmd /setfeature webcontrol pause

ecmd /setfeature webcontrol enable

Web access protection

ecmd /setfeature webaccess pause

ecmd /setfeature webaccess enable

Email client protection

ecmd /setfeature email pause

ecmd /setfeature email enable

Antispam protection

ecmd /setfeature antispam pause

ecmd /setfeature antispam enable

Anti-Phishing protection

ecmd /setfeature antiphishing pause

ecmd /setfeature antiphishing enable