Jump to content

ecls.exe scan not cleaning Trojans


Recommended Posts


Recently I have scanned our Windows 10 company computers via ecls.exe command line as a silent script using version 7.3.2041.0 and parameters:

Command line: /boots /memory /auto /log-file=C:\X\ESET_Scan-29-10-2020.txt 

Inside a log of a certain computer:

Scan completed at: Fri Oct 30 01:31:10 2020
Scan time:         25160 sec (6:59:20)
Total:             files - 1507685, objects 13890882
Detected:          files - 20, objects 437
Cleaned:           files - 0, objects 0

Numerous files have been detected but not one of them cleaned. 

One of the detections:

name="D:\genericfolderName_malikadv.tar.gz » GZIP » backup-8.6.2019_12-23-42_malikadv.tar » TAR » backup-8.6.2019_12-23-42_malikadv/homedir/public_html/wp-admin/includes/ajax-upgrader-skin.php", result="PHP/WebShell.NHP trojan", action="unable to clean", info=""

When only this single archive was scanned manually (right click->Scan with ESET Endpoint Antivirus), ESET cleans and deletes the file at once.

Is this normal behaviour of ESET on-demand scanner? ESET was deployed with Always Remedy Detection (cleaning mode).

Thank you for assistance in advance,


Best regards,



Edited by Alen
Link to comment
Share on other sites

  • Administrators

Please run ecls.exe with the following parameter set to standard (using strinct, rigorous or delete would delete whole archives that contain a detected file):

/clean-mode=MODE         use cleaning MODE for infected objects.
                                  Available options: none (default), standard, strict, rigorous, delete

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...