ecls.exe v4 : "/action=" option removed ?

I'm currently test driving a bunch of download managers.
I'm setting up the command line switches/parameters/options like this :

But the "/action=prompt" option seems to crash the CLS. The CMD-window flashes by in split second. When I remove "/action=prompt", I can see the scanner doing its job. But not the result because the window closes immediately after the scan is completed

So I compared v3 and v4 switches and parameters, and "/action" scanner option was removed in v4.
ESET Command Line Scanner Parameters (ecls.exe) (3.0)
ESET Command Line Scanner Parameters (ecls.exe) (4.0)

1) Why was "/action=" removed ?
2) Is there an alternative for "/action=" ?
3) Is there a way to leave the CMD-window open, after the scan, so that I can see the end result ?

At the top of the CMD-window, the first line is "WARNING! The scanner was run in the account of a limited user!"
I tried with the Administrator account, but that obviously failed because there is no password :

4) Is there a way (without a small utility program to elevate the user) ?

 

Am I the only human being using the command line scanner ?

I'm also prepared to listen to (possibly incognito) aliens hanging around here.
You may encounter me speaking in Dutch, English, or German. Any other language will be a conversation killer.

 

Use the /cleanmode= switch instead. For more details, refer to the help displayed after running ecls --help.

 

Before I opened this thread :

I had already looked at the output of ecls with

I had also already looked online at the ecls parameters for v3 and v4.

I'm writing some scripts for v4, and wanted to use v3's "/action=prompt" parameter as I did before.

The "/clean-mode=MODE" of v4, which you suggested, has no prompt action. It looks like prompting has been completely removed from ecls.exe v4.

But let's call it a day, and leave things as they are. I can't use parameters which aren't there to begin with.

Thanks either way.

NOD32 v3 :

/action=ACTION
performs the specified actions when an infected object is detected. Available actions are none, clean and prompt

/clean-mode=MODE
Wasn't there yet.

NOD32 v4 :

/action=ACTION
looks like it's gone.

/clean-mode=MODE
use cleaning MODE for infected objects. Available options: none, standard (default), strict, rigorous, delete

 

Insufficient information in the help file!!!
What mean "supplements action" in quarantine switch? Or what differences exist between none, standard, strict, rigorous and delete modes?
And if files are quarantined, how restore them?

 

The quarantine is a supplement action, it is only possible to quarantine a file if it was previously cleaned.

In standard mode, the whole archive would be deleted, where all the files it contains are infected files. In strict cleaning mode, the archive would be deleted if it contains at least one infected file, regardless of the status of the other files in the archive.

Rigourous means that infected will be always deleted, even if it's an actual file infected with a virus. So basically using this option may cause system instability if infected crucial system files are deleted.

Here's how to restore a quarantined file:

http://kb.eset.com/esetkb/index?page=content&id=SOLN2143

Hope this helps.

 

Good answer tony
so, are you saying the ECLS's quarantine folder is located by default in "all users\%AppData%\eset\eset nod32 antivirus\charon" folder?