Emsisoft Commandline Scanner

Command-line malware scanner that can detects and remove viruses, trojans, worms, bots, spyware, adware and tracking cookies, relying on the same powerful engine of.

  • Emsisoft Commandline Scanner
  • Version:
  • License :Trial
  • OS:Windows All
  • Publisher:Emsisoft GmbH

Emsisoft Commandline Scanner for Windows 32 bit Download Now

Emsisoft Commandline Scanner for Windows 64 bit Download Now

Emsisoft Commandline Scanner Description

Emsisoft Commandline Scanner is a part of the Emsisoft Anti-Malware package, but it can also be downloaded as self-contained package on the download page.

Emsisoft Commandline Scanner is also a part of Emsisoft Anti-Malware or Emsisoft Emergency Kit.


Open the Windows prompt (Start – Run – cmd.exe) and browse the folder that contains a2cmd.exe. Start the Commandline Scanner as follows – a2cmd.exe

Available parameters – Scan parameters (can be combined):

/f=[path], /files=[path]

Scans a disk, a folder or a single file for malware infections. Folder paths with spaces have to be put in quotation marks.

Example: a2cmd /f=”c:\windows\”

/m, /memory

Scans all active programs.

/t, /traces

Scans the registry an the file/folder structures on a hard disk for spyware traces.

/c, /cookies

Scans all cookies for TrackingCookies. Supported browsers: MS Internet Explorer, Mozilla Firefox


Abbreviation for running a quick system check. Scans all active programs, spyware traces (registry, files) and TrackingCookies.


Abbreviation for running a scan of the most important system parts. Scans as well the windows an program files folders additionally to the quick scan.


Abbreviation for running a complete system scan. Scans all files on all hard disks thoroughly.

Scan options parameters (for precise adjustment of the scan parameters):

/h, /heuristic

Uses heuristic methods for identifying new malware during the scan.

/r, /riskware

Also reports riskware, that is benign software which is often installed by malware as helpful tools.

/a, /archive

Scans also within archive files such as ZIP, RAR, CAB, and self-extracting archives.

/n, /ntfs

Scans also hidden data flows in NTFS disks.

/l=[path], /log=[path]

Saves a scan log to the specified file. The text-based log is saved in Unicode format.

Example: a2cmd /deep /log=”c:\scans\scan.log”

/la=[path], /logansi=[path]

Same as the /l bzw /log parameter, but the log is saved in ANSI Format (for Windows 9x systems).

/x=[list], /ext=[list]

Scans only files with the specified extensions.

Example: a2cmd /f=”c:\windows\” /x=”exe, com, scr, bat”

/xe=[list], /extexclude=[list]

Scans all files except those with the specified extensions.

Example: a2cmd /deep /xe=”avi, bmp, mp3″

/wl=[path], /whitelist=[path]

Uses the specified whitelist file for excluding certain files, folders or malware names in the scan. Whitelist files must be text files where each line is one of the items to be excluded.

Example: a2cmd /f=”c:\” /wl=”c:\whitelist.txt”

/d, /delete

Deletes all detected malware objects at once during the scan. Also deletes reference to the found file, e.g. autorun entries in the registry.

/dq, /deletequick

Deletes all detected malware objects at once during the scan. Only the found file itself is deleted. Quicker than /d or /delete.

/q=[folder], /quarantine=[folder]

Put detected malware in quarantine at once during the scan. The quarantine folder can be specified. Detected objects are saved and encrypted there so that they cannot do any more harm.

Parameters for the treatment of malware (can be used alone):

/ql, /quarantinelist

Lists all objects that are under quarantine. The consecutive number at the beginning of each line can be used for deleting or restoring (zero-based index).

/qr=[n], /quarantinerestore=[n]

Restores an object under quarantine with the specified index number. If no number is specified, all objects are restored.

Example: a2cmd /qr=0

/qd=[n], /quarantinedelete=[n]

Deletes an object under quarantine with the specified index number.

General parameters:

/s, /service

Always has to be used in combination with a scan parameter. Defines if the Anti-Malware service is to be used for scanning.

Background: When running many short scans loading the scan engine new at each start of a2cmd is inefficient. Using the /s or /service parameter makes the Anti-Malware service load the engine and keep it loaded for later scans. If the service is not yet started or installed it gets installed and started when the service parameter is run for the first time.

/u, /update

Must be used alone. Runs an online update of all program components and signatures. If a2cmd is used as a part of Emsisoft Anti-Malware, only the update function of Emsisoft Anti-Malware should be used.

/?, /help

Must be used alone. Shows an overview of all available parameters.

Result codes:

0 – No infections were found

1 – Infections were found

Limitations in the unregistered version

  • 30-day trial

Leave a Reply

Your email address will not be published. Required fields are marked *