Alen 0 Posted November 6, 2020 Share Posted November 6, 2020 (edited) Hello, Recently I have scanned our Windows 10 company computers via ecls.exe command line as a silent script using version 7.3.2041.0 and parameters: Command line: /boots /memory /auto /log-file=C:\X\ESET_Scan-29-10-2020.txt Inside a log of a certain computer: Scan completed at: Fri Oct 30 01:31:10 2020 Scan time: 25160 sec (6:59:20) Total: files - 1507685, objects 13890882 Detected: files - 20, objects 437 Cleaned: files - 0, objects 0 Numerous files have been detected but not one of them cleaned. One of the detections: name="D:\genericfolderName_malikadv.tar.gz » GZIP » backup-8.6.2019_12-23-42_malikadv.tar » TAR » backup-8.6.2019_12-23-42_malikadv/homedir/public_html/wp-admin/includes/ajax-upgrader-skin.php", result="PHP/WebShell.NHP trojan", action="unable to clean", info="" When only this single archive was scanned manually (right click->Scan with ESET Endpoint Antivirus), ESET cleans and deletes the file at once. Is this normal behaviour of ESET on-demand scanner? ESET was deployed with Always Remedy Detection (cleaning mode). Thank you for assistance in advance, Best regards, Alen Edited November 6, 2020 by Alen Link to comment Share on other sites More sharing options...
Administrators Marcos 5,234 Posted November 6, 2020 Administrators Share Posted November 6, 2020 Please run ecls.exe with the following parameter set to standard (using strinct, rigorous or delete would delete whole archives that contain a detected file): /clean-mode=MODE use cleaning MODE for infected objects. Available options: none (default), standard, strict, rigorous, delete Link to comment Share on other sites More sharing options...
Alen 0 Posted November 8, 2020 Author Share Posted November 8, 2020 Hi Marcos, Thank you for suggestion. I will try this command line switch. Best regards, Alen Link to comment Share on other sites More sharing options...
Recommended Posts