How to create the win PE plug-in

Next, let's take a look at the construction of the. inf file in the plug-in.
This is an example of WinRAR. inf:
========================================================== ====================================
; WinRAR. inf
; PE builder V3 plug-in INF file for WinRAR v3.30
; Created by cybervyk
Http://www.nu2.nu/pebuilder/
[Version]
Signature = "& #36; Windows NT & #36 ;"
[Pebuilder]
Name = "WinRAR"
Enable = 1
Help = "winrar.htm"
[Winntdirectories]
A = programs/WinRAR, 2
B = programs/WinRAR/formats, 2
[Sourcedisksfiles]
Rarext. dll = A, 1
Rarnew. dat = A, 1
Rarreg. Key = A, 1
WinRAR. CNT = A, 1
Winrar.exe = A, 1
Zipnew. dat = A, 1
Default. SFX = A, 1
Dos. SFX = A, 1
Wincon. SFX = A, 1
Zip. SFX = A, 1
Rarfiles. lst = A, 1
Formats/ace. FMT = B, 1
Formats/ARJ. FMT = B, 1
Formats/bz2.fmt = B, 1
Formats/CAB. FMT = B, 1
Formats/GZ. FMT = B, 1
Formats/ISO. FMT = B, 1
Formats/lzh. FMT = B, 1
Formats/tar. FMT = B, 1
Formats/unacev2.dll = B, 1
Formats/UUE. FMT = B, 1
[Software. addreg]
0x1, "classes/. Ace", "WinRAR"
0x1, "classes/. ARJ", "WinRAR"
0x1, "classes/. BZ", "WinRAR"
0x1, "classes/. bz2", "WinRAR"
0x1, "classes/. Cab", "WinRAR"
0x1, "classes/. GZ", "WinRAR"
0x1, "classes/. ISO", "WinRAR"
0x1, "classes/. Jar", "WinRAR"
0x1, "classes/. LHA", "WinRAR"
0x1, "classes/. lzh", "WinRAR"
0x1, "classes/. rar", "WinRAR"
0x1, "classes/. rar/shellnew", "FILENAME", "% systemdrive %/programs/WinRAR/rarnew. dat"
0x1, "classes/. Rev", "WinRAR. Rev"
0x1, "classes/. tar", "WinRAR"
0x1, "classes/. TBZ", "WinRAR"
0x1, "classes/. tbz2", "WinRAR"
0x1, "classes/. tgz", "WinRAR"
0x1, "classes/. uu", "WinRAR"
0x1, "classes/. UUE", "WinRAR"
0x1, "classes/. XXE", "WinRAR"
0x1, "classes/. Zip", "WinRAR"
0x1, "classes/. Zip/shellnew", "FILENAME", "% systemdrive %/programs/WinRAR/zipnew. dat"
0x1, "classes/WinRAR", "WinRAR Archive"
0x1, "classes/WinRAR/defaulticon", "% systemdrive %/programs/WinRAR/winrar.exe, 0"
0x1, "classes/WinRAR/Shell/Open/command", "% systemdrive %/programs/WinRAR/winrar.exe % 1"
0x1, "classes/WinRAR. Rev", "RAR recovery volume"
0x1, "classes/WinRAR. Rev/defaulticon", "% systemdrive %/programs/WinRAR/winrar.exe, 1"
0x1, "classes/WinRAR. Rev/Shell/Open/command", "% systemdrive %/programs/WinRAR/winrar.exe % 1"
0x1, "classes/WinRAR. Zip/defaulticon", "% systemdrive %/programs/WinRAR/winrar.exe, 0"
0x1, "classes/WinRAR. Zip/Shell/Open/command", "% systemdrive %/programs/WinRAR/winrar.exe" "% 1
[Default. addreg]
0x0, "software/WinRAR/General/toolbar/layout"
0x1, "software/WinRAR/paths", "tempfolder", "% Temp %"
========================================================== ======================================
The description of INF is as follows:
[Version]
Signature = "& #36; Windows NT & #36 ;"
These two lines of information must be added to the new file, otherwise the INF file will not be available. [Version], you can add comments as needed (the row's first plus points ), save the added content. INF file, this plug-in obviously cannot do anything, we need to add other parts below.
[Pebuilder]
The inf file of each plug-in must contain this part, which has three parameters. "Name" is the plug-in name, that is, the name displayed in PE builder. "Enable" is the default initial status of the plug-in. 0 indicates that the plug-in is not activated in PE builder, and 1 indicates that the plug-in is activated by default in PE builder ." "Help" is the help file of this plug-in, which can be omitted.
Each line starting with a semicolon ";" is a comment or content that can be ignored and will not be executed.
[Winntdirectories] This part uses the fixed statement format: directoryid = dirname [, attribute]
Directoryid is the ID of the directory to be created, which can be represented by letters A to Z.
Dirname is the name of the directory to be created. If the directory name contains spaces, double quotation marks must be used before and after the directory name.
Attribute can generally use these values (1, 2, 3 ),
1-Indicates creating a directory under i386/, regardless of whether the directory is empty;
2-indicates that a directory is created under the root directory of the CD, but this directory is not created if it is empty;
3-create a directory under the root directory of the CD, regardless of whether the directory is empty;
If the preceding three values are not used, the default value is 0, indicating that a directory is created under i386/, but is not created if the directory is empty.
For example:
[Winntdirectories]
A = repair
Indicates creating a non-empty directory Repair Under i386;
B = com, 1
Indicates that a directory COM is always created under i386;
C = "programs/My Documents ents", 2
Indicates that a non-empty directory programs/My Documents ents is created under the root directory of the CD;
D = programs/WinRAR, 3
Indicates that a directory programs/WinRAR is always created under the root directory of the CD.
[Sourcedisksfiles] is used to copy files,
Format: filename = directoryid [, filenamerenamed] [, attribute]
Filename indicates the name of the file to be copied;
Directoryid indicates the ID of the target directory;
Filenamerenamed indicates the name of the target file, which can be omitted if it is the same as the source file;
Attribute can use these values (1, 2, 4). The default value is 0,
1 -- indicates that plugincheck () is used to check whether the file exists.
4 -- indicates that the file does not exist.
As for 2, you don't need to worry about it.
[Sourcedisksfolders] is used to copy the entire folder in the format of sourcepath = directoryid.
Sourcepath indicates the path of the source folder;
Directoryid indicates the ID of the target directory.
========================================================== ==========================================================
Introduction:
[Winntdirectories]
A = programs/WinRAR, 2
[Sourcedisksfiles]
Rar.exe = 2
Copy rar.exe to the i386/system32 directory;
Unrar.exe =
Copy unrar.exe to the programs/WinRAR directory;
C:/WinRAR/winrar.exe =
Copy C:/WinRAR/winrar.exe to the programs/WinRAR directory;
[Sourcedisksfolders]
C:/WinRAR =
Copy all files and folders under C:/WinRAR to the programs/WinRAR directory.
========================================================== ==========================================================
For example, copy the outlook plug-in file
[Sourcedisksfolders]
Files/system32 = 2, 1
Files/help = 2, 1
Files/Outlook Express = A, 1
Files/common files/system = B, 1
Files/common files/Microsoft shared/stationery = C, 1
Files/common files/services = D, 1

[Sourcedisksfiles]
Files/autorun_oe.cmd = 2, 1
Files/system. wab = E, 1
========================================================== ==========================================================
List common system directory IDs here
[Winntdirectories]
1 = "/"
2 = system32
3 = system32/config
4 = system32/Drivers
5 = System
7 = system32/RAS
9 = system32/spool
10 = system32/spool/Drivers
11 = system32/spool/Drivers/w32x86/3
12 = system32/spool/prtprocs
13 = system32/spool/prtprocs/w32x86
14 = system32/wins
15 = system32/DHCP
16 = repair
17 = system32/Drivers/etc
18 = system32/spool/Drivers/w32x86
19 = system32/Drivers/disdn
20 = inf
21 = Help
22 = Fonts
23 = config
24 = msagent/Intl
25 = cursors
26 = Media
27 = Java
28 = Java/classes
29 = Java/trustlib
30 = system32/shellext
31 = web
32 = system32/setup
33 = web/Printers
34 = system32/spool/Drivers/color
35 = system32/WBEM
36 = system32/WBEM/Repository
37 = addins
38 = "Connection Wizard"
39 = "Driver Cache/i386"
40 = Security
41 = Security/templates
42 = system32/NPP
43 = system32/IAS
44 = system32/dllcache
45 = temp
46 = web/Printers/Images
47 = system32/Export
48 = system32/WBEM/MOF/Good
49 = system32/WBEM/MOF/bad
50 = twain_32
51 = msapps/msinfo
52 = msagent
53 = msagent/chars
54 = Security/logs
55 = system32/icsxml
57 = system32/Mui
58 = % mui_primary_lang_id_dir %
59 = system32/Mui/dispspec
60 = apppatch
61 = debug
62 = debug/usermode
63 = system32/oobe
67 = help/tours
68 = resources/themes/Luna
69 = resources/themes/Luna/Shell/normalcolor
70 = system32/oobe/html/ispsgnup
71 = system32/oobe/html/mouse
72 = system32/oobe/html/oemcust
73 = system32/oobe/html/oemhw
74 = system32/oobe/html/oemreg
75 = system32/oobe/Images
76 = system32/oobe/setup
77 = system32/oobe/sample
78 = resources/themes/Luna/Shell/metallic
79 = resources/themes/Luna/Shell/Homestead
91 = help/tours/mmtour
92 = help/tours/htmltour
93 = provisioning/Schemas
100 = system32/1025
101 = system32/1028
102 = system32/1031
103 = system32/1033
104 = system32/1037
105 = system32/1041
106 = system32/1042
107 = system32/1054
108 = system32/2052
109 = system32/3076
110 = system32/WBEM/XML
111 = system32/usmt
112 = system32/inetsrv
123 = Mui
124 = winsxs
125 = winsxs/manifests
126 = winsxs/installtemp
127 = ime
129 = resources/themes
130 = ime
132 = IME/imejp
133 = system32/IME/pintlgnt
134 = system32/IME/cintlgnt
135 = system32/IME/tintlgnt
136 = IME/chtime/applets
137 = IME/imejp98
138 = IME/imejp/applets
139 = pchealth/helpctr/Binaries
180 = system32/3com_dmi
181 = peernet
239 = system32/WBEM/logs
240 = EHOME
========================================================== ==========================================================
[Default. addreg]-corresponding to hkcr/. Default
[Software. addreg]-corresponding to HKLM/System
[Setup. addreg]-corresponding to HKLM/software
The three items are used to add the corresponding Registry content in the format of regtype, regkey, regvalue, and regdata.
The value of regtype and its meaning are as follows:
0x0 --- reg_none
0x1 --- REG_SZ
0x2 --- reg_expand_sz
0x3 --- REG_BINARY
0x4 --- REG_DWORD
0x7 --- reg_multi_sz
========================================================== ==========================================================
For example:
[Software. addreg]
0x1, "Microsoft/Windows NT/CurrentVersion/fonts", "tahoma (TrueType)", "tahoma. TTF"
0x2, "Control Panel/desktop", "Wallpaper", "% SystemRoot %/system32/nu2.bmp"
0x3, "controlset001/control/timezoneinformation", "daylightstart ",/

0x4, "controlset001/control/graphicsdrivers/DCI", "timeout", 0x7
0x7, "controlset001/services/vgasave/device0", "installeddisplaydrivers", "VGA", "framebuf", "vga256", "vga64k"
========================================================== ==========================================================
Here is the key value for adding the relevant registry. This is the most complex step. If it is a green software, we can simplify this process. We need to monitor the Registry during software installation, and extract the key values in the corresponding registry after installation. In this process, we can use Install watch pro and convreg to INF to help us complete this work. Install watch pro can monitor the Registry during the installation process and then extract the registry, at the same time, use convreg to INF to convert the reg file to the INF file recognized by PE, which can greatly reduce our workload.
[Software. delreg] and [Default. delreg]
These two items are related to the deletion of the registry key value. The format is regkey [. regvalue].
[Addline] [. Build]
This item is used to add content to the INF file of the specified Windows system. Format: filename, section, stringtoadd
For example:
[Addline.2600]
"Netmscli. inf", "msclient. delreg", "HKLM, software/Microsoft/rpc/securityservice, 9"
[Delline] [. Build]
This item is used to delete content in the INF file of the specified Windows system. The format is filename, section, stringtodel.
For example:
[Delline.3790]
"Netmscli. inf", "msclient. browser. addreg", "hkr, parameters, maintainserverlist ,"
[Setvalue] [. Build]
This item changes the content of the INF file in the specified Windows system.
Format: filename, section, key, Value
For example:
[Setvalue.2600]
"Netmscli. inf", "alerter_service_inst", "starttype", "3"
If filename, section, and key are used, the corresponding key is deleted;
If filename and section are used, the entire section is deleted.