a-squared Commandline Scanner

For system administrators, security experts, and experienced commandline users. Check your system for malware infection with the a-squared Commandline Scanner. It includes all functions of the Anti-Malware scanner and both the top scan engines (a-squared Anti-Malware and Ikarus Antivirus).

The a-squared Commandline Scanner is a part of a-squared Anti-Malware and a-squared Free products, but it can also be downloaded as self-contained package on the download page.

Start

Open the Windows prompt (Start - Run - cmd.exe) and browse the folder that contains a2cmd.exe.

Example:
cd "c:\program files\a-squared Anti-Malware\"

Start the a-squared Commandline Scanner as follows:
a2cmd.exe

An overview of all available starting parameters is listed.

Available parameters

Scan parameters (can be combined):

• /f=[path], /files=[path]
  Scans a disk, a folder or a single file for malware infections. Folder paths with spaces have to be put in quotation marks.
  Example: a2cmd /f="c:\windows\"
• /m, /memory
  Scans all active programs.
• /t, /traces
  Scans the registry an the file/folder structures on a hard disk for spyware traces.
• /c, /cookies
  Scans all cookies for TrackingCookies. Supported browsers: MS Internet Explorer, Mozilla Firefox
• /quick
  Abbreviation for running a quick system check. Scans all active programs, spyware traces (registry, files) and TrackingCookies.
• /smart
  Abbreviation for running a scan of the most important system parts. Scans as well the windows an program files folders additionally to the quick scan.
• /deep
  Abbreviation for running a complete system scan. Scans all files on all hard disks thoroughly.

Scan options parameters (for precise adjustment of the scan parameters):

• /h, /heuristic
  Uses heuristic methods for identifying new malware during the scan.
• /r, /riskware
  Also reports riskware, that is benign software which is often installed by malware as helpful tools.
• /a, /archive
  Scans also within archive files such as ZIP, RAR, CAB, and self-extracting archives.
• /n, /ntfs
  Scans also hidden data flows in NTFS disks.
• /l=[path], /log=[path]
  Saves a scan log to the specified file. The text-based log is saved in Unicode format.
  Example: a2cmd /deep /log="c:\scans\scan.log"
• /la=[path], /logansi=[path]
  Same as the /l bzw /log parameter, but the log is saved in ANSI Format (for Windows 9x systems).
• /x=[list], /ext=[list]
  Scans only files with the specified extensions.
  Example: a2cmd /f="c:\windows\" /x="exe, com, scr, bat"
• /xe=[list], /extexclude=[list]
  Scans all files except those with the specified extensions.
  Example: a2cmd /deep /xe="avi, bmp, mp3"
• /wl=[path], /whitelist=[path]
  Uses the specified whitelist file for excluding certain files, folders or malware names in the scan. Whitelist files must be text files where each line is one of the items to be excluded.
  Example: a2cmd /f="c:\" /wl="c:\whitelist.txt"
• /d, /delete
  Deletes all detected malware objects at once during the scan. Also deletes reference to the found file, e.g. autorun entries in the registry.
• /dq, /deletequick
  Deletes all detected malware objects at once during the scan. Only the found file itself is deleted. Quicker than /d or /delete.
• /q=[folder], /quarantine=[folder]
  Put detected malware in quarantine at once during the scan. The quarantine folder can be specified. Detected objects are saved and encrypted there so that they cannot do any more harm.

Parameters for the treatment of malware (can be used alone):

• /ql, /quarantinelist
  Lists all objects that are under quarantine. The consecutive number at the beginning of each line can be used for deleting or restoring (zero-based index).
• /qr=[n], /quarantinerestore=[n]
  Restores an object under quarantine with the specified index number. If no number is specified, all objects are restored.
  Example: a2cmd /qr=0
• /qd=[n], /quarantinedelete=[n]
  Deletes an object under quarantine with the specified index number.