User guide
111
/sfx
scan self-extracting archives (default)
/no-sfx
do not scan self-extracting archives
/rtp
scan runtime packers (default)
/no-rtp
do not scan runtime packers
/unsafe
scan for potentially unsafe applications
/no-unsafe
do not scan for potentially unsafe applications (default)
/unwanted
scan for potentially unwanted applications
/no-unwanted
do not scan for potentially unwanted applications (default)
/suspicious
scan for suspicious applications (default)
/no-suspicious
do not scan for suspicious applications
/pattern
use signatures (default)
/no-pattern
do not use signatures
/heur
enable heuristics (default)
/no-heur
disable heuristics
/adv-heur
enable Advanced heuristics (default)
/no-adv-heur
disable Advanced heuristics
/ext=EXTENSIONS
scan only EXTENSIONS delimited by colon
/ext-exclude=EXTENSIONS
exclude EXTENSIONS delimited by colon from scanning
/clean-mode=MODE
use cleaning MODE for infected objects
The following options are available:
none – No automatic cleaning will occur.
standard (default) – ecls.exe will attempt to automatically clean or delete infected files.
strict – ecls.exe will attempt to automatically clean or delete infected files without user
intervention (you will not be prompted before files are deleted).
rigorous – ecls.exe will delete files without attempting to clean regardless of what the file is.
delete – ecls.exe will delete files without attempting to clean, but will refrain from deleting
sensitive files such as Windows system files.
/quarantine
copy infected files (if cleaned) to Quarantine
(supplements the action carried out while cleaning)
/no-quarantine
do not copy infected files to Quarantine
General options
/help
show help and quit
/version
show version information and quit
/preserve-time
preserve last access timestamp
Exit codes
0
no threat found
1
threat found and cleaned
10
some files could not be scanned (may be threats)
50
threat found
100
error
NOTE: Exit codes greater than 100 mean that the file was not scanned and thus can be infected.