The Avenger

Command Reference

Files to replace with dummy:

The "Files to replace with dummy:" command directive replaces the files listed with empty "dummy" files and backs up the originals.

How do I use it?

After the "Files to replace with dummy:" line is read in a script, all subsequent lines will be interpreted as the full paths of files for The Avenger to replace with dummies.

When do I use it?

Use it when there are malicious files that you want to remove but do not want to delete outright. Usually this is because the operating system is loading the malware at boot, and outright deletion will cause a crash or an error in the boot process.

Alternatively, if you know how the malware is loading, you can go after the loading point instead (usually in the registry) and then delete the malware file outright with "Files to delete:".

Anything else I should know?

Yes, the same caveats as for "Files to delete:".

Any special notes on syntax?

  • The "Files to replace with dummy:" command will interpret environment variables (%systemdrive%, %windir%, etc.) correctly.

Example Usage

Files to replace with dummy:
C:\WINDOWS\System32\SomeBadFile.dll
%windir%\bad.exe
c:\documents and settings\file.exe
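
A pre-flight check for the lines under this directive, as an added example that is not part of The Avenger or its documentation: it expands %variables% from a supplied environment and flags entries that are not full paths. The function names, sample script and sample environment are constructed, and treating any other line ending in ":" as the start of the next directive is an assumption.

```python
import ntpath
import os
import re

DIRECTIVE = "files to replace with dummy:"

# Constructed sample script and environment (not taken from a real system).
SAMPLE = r"""Files to replace with dummy:
C:\WINDOWS\System32\SomeBadFile.dll
%windir%\bad.exe
bad2.exe
%nosuchvar%\x.exe

Files to delete:
C:\other.exe
"""
SAMPLE_ENV = {"windir": r"C:\WINDOWS", "SystemDrive": "C:"}

def expand(path, env):
    """Expand %NAME% case-insensitively; unknown names are left untouched."""
    lookup = {k.lower(): v for k, v in env.items()}
    return re.sub(r"%([^%]+)%",
                  lambda m: lookup.get(m.group(1).lower(), m.group(0)), path)

def check_dummy_section(script, env=None):
    """Return (line_no, raw, expanded, problem) for each path under the directive."""
    env = os.environ if env is None else env
    results, active = [], False
    for no, raw in enumerate(script.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.lower() == DIRECTIVE:
            active = True
            continue
        if line.endswith(":"):  # assumption: another directive begins here
            active = False
            continue
        if not active:
            continue
        full = expand(line, env)
        problem = None
        if "%" in full:
            problem = "unresolved environment variable"
        elif not (ntpath.isabs(full) and ntpath.splitdrive(full)[0]):
            problem = "not a full path"
        results.append((no, line, full, problem))
    return results

if __name__ == "__main__":
    for row in check_dummy_section(SAMPLE, SAMPLE_ENV):
        print(row)
```

Pass the environment of the machine the script will run on, since %windir% and similar variables may differ from the analyst's workstation.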
