Emsisoft Commandline Scanner 5.1.0.4

Emsisoft Commandline Scanner is a part of the Emsisoft Anti-Malware package, but it can also be downloaded as self-contained package on the download page.

Emsisoft Commandline Scanner is also a part of Emsisoft Anti-Malware or Emsisoft Emergency Kit.


NOTE: The Commandline Scanner is free for private use.  For commercial use, license can be purchased here for less than 5$ (DISCOUNT).

Start
Open the Windows prompt (Start - Run - cmd.exe) and browse the folder that contains a2cmd.exe. Start the Commandline Scanner as follows - a2cmd.exe

Available parameters - Scan parameters (can be combined):
/f=[path], /files=[path]
Scans a disk, a folder or a single file for malware infections. Folder paths with spaces have to be put in quotation marks.
Example: a2cmd /f="c:\windows\"
/m, /memory
Scans all active programs.
/t, /traces
Scans the registry an the file/folder structures on a hard disk for spyware traces.
/c, /cookies
Scans all cookies for TrackingCookies. Supported browsers: MS Internet Explorer, Mozilla Firefox
/quick
Abbreviation for running a quick system check. Scans all active programs, spyware traces (registry, files) and TrackingCookies.
/smart
Abbreviation for running a scan of the most important system parts. Scans as well the windows an program files folders additionally to the quick scan.
/deep
Abbreviation for running a complete system scan. Scans all files on all hard disks thoroughly.

Scan options parameters (for precise adjustment of the scan parameters):
/h, /heuristic
Uses heuristic methods for identifying new malware during the scan.
/r, /riskware
Also reports riskware, that is benign software which is often installed by malware as helpful tools.
/a, /archive
Scans also within archive files such as ZIP, RAR, CAB, and self-extracting archives.
/n, /ntfs
Scans also hidden data flows in NTFS disks.
/l=[path], /log=[path]
Saves a scan log to the specified file. The text-based log is saved in Unicode format.
Example: a2cmd /deep /log="c:\scans\scan.log"
/la=[path], /logansi=[path]
Same as the /l bzw /log parameter, but the log is saved in ANSI Format (for Windows 9x systems).
/x=[list], /ext=[list]
Scans only files with the specified extensions.
Example: a2cmd /f="c:\windows\" /x="exe, com, scr, bat"
/xe=[list], /extexclude=[list]
Scans all files except those with the specified extensions.
Example: a2cmd /deep /xe="avi, bmp, mp3"
/wl=[path], /whitelist=[path]
Uses the specified whitelist file for excluding certain files, folders or malware names in the scan. Whitelist files must be text files where each line is one of the items to be excluded.
Example: a2cmd /f="c:\" /wl="c:\whitelist.txt"
/d, /delete
Deletes all detected malware objects at once during the scan. Also deletes reference to the found file, e.g. autorun entries in the registry.
/dq, /deletequick
Deletes all detected malware objects at once during the scan. Only the found file itself is deleted. Quicker than /d or /delete.
/q=[folder], /quarantine=[folder]
Put detected malware in quarantine at once during the scan. The quarantine folder can be specified. Detected objects are saved and encrypted there so that they cannot do any more harm.

Parameters for the treatment of malware (can be used alone):
/ql, /quarantinelist
Lists all objects that are under quarantine. The consecutive number at the beginning of each line can be used for deleting or restoring (zero-based index).
/qr=[n], /quarantinerestore=[n]
Restores an object under quarantine with the specified index number. If no number is specified, all objects are restored.
Example: a2cmd /qr=0
/qd=[n], /quarantinedelete=[n]
Deletes an object under quarantine with the specified index number.

General parameters:
/s, /service
Always has to be used in combination with a scan parameter. Defines if the Anti-Malware service is to be used for scanning.
Background: When running many short scans loading the scan engine new at each start of a2cmd is inefficient. Using the /s or /service parameter makes the Anti-Malware service load the engine and keep it loaded for later scans. If the service is not yet started or installed it gets installed and started when the service parameter is run for the first time.
/u, /update
Must be used alone. Runs an online update of all program components and signatures. If a2cmd is used as a part of Emsisoft Anti-Malware, only the update function of Emsisoft Anti-Malware should be used.
/?, /help
Must be used alone. Shows an overview of all available parameters.

Result codes:
0 - No infections were found
1 - Infections were found

What's New in This Release: [ read full changelog ]

· Added file handle and buffer scan support.