Add WinXP and Vista to start kill function

Now a lot of malignant virus need to use special kill tool for killing, but some virus will automatically prohibit kill tool to run. For these stubborn viruses, we often have to use other systems (such as DOS or PE) to the killing. In fact, the Killing tool is a batch file that deletes virus files, and it's not difficult to understand and write. This article takes everybody to understand deeply and writes specially kills the tool, when the system starts can go directly to the antivirus menu, specially kills the virus.
One, for Windows XP system users

For this type of system users, we can use Vfloppy and other virtual floppy software for Windows XP to add a DOS antivirus system, and then with the help of DOS automatic batch file (Autoexec.bat) can easily remove the virus. This is an example of automatic removal of the machine dog virus.

The first step: to the Internet to find machine dog virus information, according to the characteristics of the virus to produce batch files or directly download the user made a good batch of documents. For example, a robot dog virus can be killed to http://hi.baidu.com/%D0%C2%C9%FA%BA%DA%BF%CD/blog/item/4274eef44b0645ea7709d7ec.html to obtain a special kill batch file.

The second step: Start Notepad, enter the following code, save as Kill.bat, placed in the D-Packing directory (REM statement is a note, no input).
Rem removes hidden, read-only, and system properties of virus files

Attrib-h-r-s C:\WINDOWS\IGM.exe

REM Deletes the specified virus file

Del C:\WINDOWS\IGM.exe

REM establishes a directory with the same name as the virus file at the source to prevent recurrence of the virus

MD C:\WINDOWS\IGM.exe

&NBSP
Note: For the sake of convenience, just delete one of the virus files in the batch C:\WINDOWS\IGM.exe as an example, the command to delete other virus files is added in the following format.
 
Step three: Download vfloppy, download after decompression run Vfloppy.exe, image file Select Extract directory under the "bookdisk.img" file, display text as "DOS automatic antivirus", other take the default settings, and finally click "Apply", The program prompts the boot image file to succeed, do not choose to reboot and exit Vfloppy at this time.
 
Step Fourth: Now modify the batch file in Bootdisk.img to enable antivirus. Download WinImage to Http://winimage.com/winima70g.exe. After you run winimage, click file → open, open C:\boot\bootdisk.img, and then select AUTOEXEC in the file list. BAT ", right-click it and select" Expand "to release Autoexec.bat to D:\.
 
Step Fifth: Open D:\autoexec.bat with Notepad to find "echo the diagnostic tools were successfully loaded to drive%ramd%." This line, and then in "Echo." Add the following line: Call D:\kill.bat
 
Prompt: The function of the above command is to invoke the prepared batch file Kill.bat automatically remove the virus after the DOS is fully booted.
&NBSP
Sixth: Run WinImage again to open C:\boot\bootdisk.img, click image → Add, add the modified Autoexec.bat file as prompted, and when the program prompts to overwrite, click Yes, Then save the bootdisk.img and exit the program. By modifying the Autoexec.bat, the purpose of automatically invoking a specially killed batch file to delete a virus after booting to DOS is realized. If you encounter other viruses next time, just modify the code in D:\kill.bat to realize the new kill function.
Second, Windows Vista system users
 
Because Windows Vista uses NTFS partitions and is inaccessible under DOS, we cannot use the above method to implement automatic antivirus. However, we can also use Windows PE2.0 (hereinafter referred to as PE) to achieve automatic killPoison.
 
First step: Create a Kill batch file and save it as D:\kill.bat, because the command line under WINDOWS supports more parameters, our code changes are as follows:
Attrib-h-r-s C:\WINDOWS\IGM.exe

REM No need to confirm delete virus files directly

DEL/F/Q/S C:\WINDOWS\IGM.exe

MD C:\WINDOWS\IGM.exe

Automatic restart after REM finish

Shutdown-r

Step two: Download PE. Extract an ISO file, and then use WinRAR to extract all the files to D:\PE.

The third step: Download Wimtool, the download to the Wimtool decompression, as an administrator running the "Wimtool Run library. exe", and then run as an administrator Wimtool, click "Browse", select the Wim file to untie d:\ Pe\sources\boot.wim, select the destination folder you want to untie d:\PE1 (d to be an NTFS partition). Shang all options under the volume number, click Mount Image.
Fourth step: The system will automatically mount the Boot.wim file, use Notepad to open the "D:\pe\windows\system32\peshell.ini" file, the [AutoRun] field at the end of the add the following code, The code means that the kill.bat automatically deletes the poisoned file after the PE shell is loaded and automatically runs.
1=d:\kill.bat

&NBSP
Fifth: When you are done, return to the Wimtool window, click Unload image, and when the program prompts you to save the change image, click Yes to save the changed Boot.wim file.
 
Step sixth: Download EASYBCD. After running EASYBCD, switch to "Add/remove Entries", Switch to "WinPE" under "Add a Entry", enter D:\pe\sources\boot.wim in the path path, click "Add Entry", Then follow the prompts to insert the Vista installation disc to copy the file.
 
Seventh step: After the above operation, if you want to antivirus later, reboot after the Boot multiple boot menu select "NST winPE Image" can be. When the antivirus is complete, it automatically restarts.
 
Tip: For Windows XP single system users, if the system partition is formatted with NTFS. We can also install PE to the NTFS partition to kill the virus. Download all the PE files to C:\, ditto use Wimtool edit C:\souces\boot.wim. Then open the C disk, change the XP startup file Ntldr to WinXP, and change the C:\bootmgr (the file released from PE) to NTLDR. Finally, open "C:\Boot.ini" to add "c:\winxp=" "Windows XP" (excluding double quotes) after the text. After this reboot, select "Windows Setup [EMS Enabled]" to enter the PE automatic antivirus