Pandatv and Weijin batch processing tools ..............

Recently, many of my friends have been miserable by this pandatv. Although 360 and rising star both launched the exclusive killing tool, the effect is still unsatisfactory. Today, I want to teach you a way to completely eliminate this bad panda and give you a green system.CodeHighly scalable. You can edit the Code as follows:

Program code @ echo off
Title: The latest tool used to clear the logo_1 (pandatv) Virus Variant
@ ECHO: The latest Viking Virus Variant Removal Tool
@ Echo -------------------------------------------------------
@ Echo by: http://www.9java.com
@ Echo viklig virus, exclusive tool. Copy this code and save it as a batch processing file with the. Bat suffix and double-click it.
@ Echo --------------------------------------------------------
Pause

If exist % WinDir % \ rundl132.exe echo --- the report shows that there is vig virus.
If exist % WinDir % \ logo_1.exe echo --- the report shows that there is vig virus.
// Kill the Viking Process
Tskill logo_1
Tskill rundl132
Tskill ZT
Tskill wow
Tskill logo1 _
Tskill ravmon
Tskill eghost
Tskill mailmon
Tskill kavpfw
Tskill iparmor
Tskill ravmond
Taskkill/f/IM 0sy.exe
Taskkill/f/IM 1sy.exe
Taskkill/f/IM 2sy.exe
Taskkill/f/IM 3sy.exe
Taskkill/f/IM 4sy.exe
Taskkill/f/IM 5sy.exe
Taskkill/f/IM 6sy.exe
Taskkill/f/IM 7sy.exe
Taskkill/f/IM 8sy.exe
Taskkill/f/IM 9sy.exe

// Delete a Trojan
Del D: \ _ desktop. ini/f/S/Q/
Del c: \ Program Files \ _ desktop. ini
Del % WinDir % \ micknew. dll
Del % WinDir % \ mh_file \ mh_dll.dll
Del % WinDir % \ _ desktop. ini
Del % WinDir % \ todayztking. dll
Attrib-H-r-s c: \ go.exe
Del c: \ go.exe
Del c: \ setup.exe
Attrib-H-S-r c: \ autorun. inf
Del c: \ autorun. inf
Attrib-H-r-s D: \ go.exe
Del D: \ go.exe
Del D: \ setup.exe
Attrib-H-S-r d: \ autorun. inf
Del D: \ autorun. inf
Del E: \ setup.exe
Attrib-H-r-s e: \ go.exe
Del E: \ go.exe
Attrib-H-S-r e: \ autorun. inf
Del E: \ autorun. inf
Attrib-H-r-s f: \ autorun. inf
Del F: \ go.exe
Del F: \ setup.exe
Attrib-H-S-r f: \ autorun. inf
Del F: \ autorun. inf
Attrib-H-r-s G: \ go.exe
Del G: \ go.exe
Del G: \ setup.exe
Attrib-H-S-r g: \ autorun. inf
Del G: \ autorun. inf
Del H: \ go.exe
Del H: \ setup.exe
Attrib-H-S-r g: \ autorun. inf
Del H: \ autorun. inf
Del I: \ go.exe
Attrib-H-S-r g: \ autorun. inf
Del I: \ autorun. inf
Del I: \ setup.exe
Del J: \ go.exe
Attrib-H-S-r g: \ autorun. inf
Del J: \ autorun. inf
Del J: \ setup.exe
Del % WinDir % \ System \ logocmd.exe
Del % WinDir % \ rundl132.exe
Del % WinDir % \ vdll. dll
Del % WinDir % \ DLL. dll
Del % WinDir % \ 0sy.exe
Del % WinDir % \ 1sy.exe
Del % WinDir % \ 2sy.exe
Del % WinDir % \ 3sy.exe
Del % WinDir % \ 5sy.exe
Del % WinDir % \ 1.com
@ Echo ^_^ report boss, Viking has been all killed, have time to come to my blog to see Oh, the address is http://www.cnblogs.com/Fooo/

@ ECHO: It's really tiring. Then, we will try again to make your system immune. If you don't need it, exit directly.
Pause
// Immune System
Echo> % WinDir % \ logocmd.exe
Echo> % WinDir % \ rundl132.exe
Echo> % WinDir % \ 0sy.exe
Echo> % WinDir % \ vdll. dll
Echo> % WinDir % \ 1sy.exe
Echo> % WinDir % \ 2sy.exe
Echo> % WinDir % \ rundll32.exe
Echo> % WinDir % \ 3sy.exe
Echo> % WinDir % \ 5sy.exe
Echo> % WinDir % \ 1.com
Echo> % WinDir % \ exerouter.exe
Echo> % WinDir % \ exp10rer.com
Echo> % WinDir % \ finders.com
Echo> % WinDir % \ shell. sys
Echo> % WinDir % \ kill.exe
Echo> % WinDir % \ SWS. dll
Echo> % WinDir % \ sws32.dll
Echo> % WinDir % \ Uninstall \ rundl132.exe
Echo> % WinDir % \ svchost.exe
Echo> % WinDir % \ winlogon.exe
Echo> % WinDir % \ rundll32.exe
Echo> C: \ "Program Files" \ svchost.exe
Echo> C: \ "Program Files" \ "Internet Explorer" \ svchost.exe
Echo> % WinDir % \ Download \ svchost.exe
Echo> % WINDIR % \ system32 \ wldll. dll

Attrib % WinDir % \ logow..exe + S + R + H
Attrib % WinDir % \ rundl132.exe + S + R + H
Attrib % WinDir % \ 0sy.exe + S + R + H
Attrib % WinDir % \ vdll. dll + S + R + H
Attrib % WinDir % \ 1sy.exe + S + R + H
Attrib % WinDir % \ 2sy.exe + S + R + H
Attrib % WinDir % \ rundll32.exe + S + R + H
Attrib % WinDir % \ 3sy.exe + S + R + H
Attrib % WinDir % \ 5sy.exe + S + R + H
Attrib % WinDir % \ 1.com + S + R + H
Attrib % WinDir % \ exerouter.exe + S + R + H
Attrib % WinDir % \ exp10rer.com + S + R + H
Attrib % WinDir % \ finders.com + S + R + H
Attrib % WinDir % \ shell. sys + S + R + H
Attrib % WinDir % \ kill.exe + S + R + H
Attrib % WinDir % \ SWS. dll + S + R + H
Attrib % WinDir % \ sws32.dll + S + R + H
Attrib % WinDir % \ Uninstall \ rundl132.exe + S + R + H
Attrib % WinDir % \ svchost.exe + S + R + H
Attrib % WinDir % \ winlogon.exe + S + R + H
Attrib % WinDir % \ rundll32.exe + S + R + H
Attrib c: \ "Program Files" \ svchost.exe + S + R + H
Attrib c: \ "Program Files" \ "Internet Explorer" \ svchost.exe + S + R + H
Attrib % WinDir % \ Download \ svchost.exe + S + R + H
Attrib % WINDIR % \ system32 \ wldll. dll + S + R + H
NET Share C $/del
NET Share d $/del
NET Share e $/del
NET Share F $/del
NET Share ADMIN $/del
NET Share IPC $/del
CLS
@ Echo -------------------------------------
@ Echo Viking has all been killed and pulled by me. Ha, amazing!
@ Echo the system has been successfully immune!
@ Echo thank you for your use. Please restart your computer!
@ Echo -------------------------------------

Pause
Disable Viking virus from running patch. Reg
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer]
"Disallowrun" = DWORD: 00000001

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ disallowrun]

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ disallowrun]
"** Delvals." = ""
"1" = "0sy.exe"
"2" = "1.com"
"3" = "1sy.exe"
"4" = "2sy.exe"
"5" = "3sy.exe"
"6" = "5sy.exe"
"7" = "DLL. dll"
"8" = "logocmd.exe"
"9" = "rundl132.exe"
"10" = "vdll. dll"

Ask the poisoned friend to save the above Code in the text document, and then double-click the batch file with the suffix changed to. bat.