[KB6382] Use ESET Command Line (ecmd.exe) to import/export security product configurations in ESET endpoint products (6.5 and later)


ESET business product in Limited Support status

This article applies to an ESET product version that is currently in Limited Support status and is scheduled to reach End of Life status soon.

For a complete list of supported products and support level definitions, review the ESET End of Life Policy for business products.

Upgrade ESET business products.


Use ESET Command Line (ecmd.exe) to import and export security product configurations and to change the status of individual security features. This can be helpful if you only need to pause certain security features for a short time and do not want to edit exisiting policies or create a new one just for this purpose. The advantage of this solution is that it is applied in real-time, unlike policies that may not be applied until after a device reboots.


Import/export ESET security product configuration with ecmd

ESET Command Line (ecmd) can be found in: c:\Program Files\ESET\

You can use these commands by running ecmd on a client workstation, or sending them from ESET Remote Administrator.

  • To export a configuration from your security product use command: 

ecmd /getcfg c:\config\settings.xml

  • To import a configuration into your security product use command: 

ecmd /setcfg c:\config\settings.xml


Enable ecmd advanced commands

To import a configuration, ecmd advanced commands must be enabled in your ESET security product and administrator privileges are required. For more information, review the ESET Endpoint Security Online Help guide.

  1. Open the main program window of your Windows ESET product.
  2. Press the F5 key to open Advanced Setup.
  3. Click Tools → ESET CMD and click the slider bar next to Enable advanced ecmd commands to enable it, and then click OK.

Figure 1-1


List of ecmd commands 

Individual security features can be enabled and temporarily disabled with the ERA Client Task Run command. The commands do not override policy settings and any paused settings will revert back to its original state after the command has executed or after a device reboot. To utilize this feature, specify the command line to run in the field of the same name.

Review the list of commands for each security feature below:

Security Feature Temporary Pause command Enable Command
Real-time file system protection ecmd /setfeature onaccess pause ecmd /setfeature onaccess enable
Document protection ecmd /setfeature document pause ecmd /setfeature document enable
Device control ecmd /setfeature devcontrol pause ecmd /setfeature devcontrol enable
Presentation mode ecmd /setfeature presentation pause ecmd /setfeature presentation enable
Anti-Stealth technology ecmd /setfeature antistealth pause ecmd /setfeature antistealth enable
Personal firewall ecmd /setfeature firewall pause ecmd /setfeature firewall enable
Network attack protection (IDS) ecmd /setfeature ids pause ecmd /setfeature ids enable
Botnet protection ecmd /setfeature botnet pause ecmd /setfeature botnet enable
Web Control ecmd /setfeature webcontrol pause ecmd /setfeature webcontrol enable
Web access protection ecmd /setfeature webaccess pause ecmd /setfeature webaccess enable
Email client protection ecmd /setfeature email pause ecmd /setfeature email enable
Antispam protection ecmd /setfeature antispam pause ecmd /setfeature antispam enable
Anti-Phishing protection ecmd /setfeature antiphishing pause ecmd /setfeature antiphishing enable