mavenusa

EEK a2cmd different scan behaviour

Recommended Posts

I run a2cmd with the following two scans:

1) a2cmd.exe /rk /m /t /pup /a /ntfs /log=c:\scans\scan.log 

2) a2cmd.exe /log=c:\scans\scan.log 

Both scans do not find any malware.  I ran malwarebytes and it found 2 malware hits on this path

C:\Users\xxxxxxxxxx\Documents\90611CF802D9CAA9AEE9742D8683F1B3508D58641B35E07074D8A24CB7327783

 

I did not delete or quarantine the malware. I then run a2cmd with the following flags:

a2cmd.exe /f=C:\Users\xxxxxxxxxx\Documents /log=c:\scans\scan.log

The great news is that a2cmd found (5) pieces of malware including the (2) malware hits found by malwarebytes.  The questions are:

 

1) why doesn't  a2cmd find the malware with my first two scans

2) is a regular a2cmd scan by default bypassing C:\users  profiles path

3) what options do I need to specify without hardcoding the C:\Users profile path in the command line parms so that a2cmd will by default scan the C:\Users path and ALL other directory paths when I run a a2cmd scan?

4) what other directory paths besides C:\Users is a2cmd bypassing by default or not scanning and why?

 

 

Thank you in advance.

 

 

Share this post


Link to post
Share on other sites

You need to specify either a type of scan (a2cmd.exe /malware or a2cmd.exe /deep) or specify a path to be scanned (such as C:\). With the commands you used, A2CMD won't scan the majority of the files on the drive.

  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.