Notepad Batch program to Restart the Computer
For this, the virus needs to be executed only once; from then on, it will carry out the rest of the operation on its own. I have programmed this virus in the C language. If you are familiar with C, the logic behind the code is easy to understand. The code is not posted in this article, but you can download it from the link below.
Compiling the source code into an executable module:
- Download the Source Code Here.
- UnRar the file and you should see the source code: Sysres.C
Testing and removing the virus from your PC:
You can compile and test this virus on your own PC without any fear. To test, just double-click the sysres.exe file and restart the system manually. From now on, every time the PC is booted and the desktop is loaded, your PC will restart automatically again and again.
It will not do any harm apart from automatically restarting your system. After testing it, you can remove the virus by following the steps below:
1. Reboot your computer in the safe mode.
2. Go to:
%systemroot%\Windows\System
(%systemroot% can be C,D,E or F)
3. You will find a file by name exe, delete it.
4. Type regedit in run. You will go to the registry editor. Here navigate to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
There, on the right side, you will see an entry by name "sres". Delete this entry. That's it. You have now removed this virus successfully.
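The removal steps above as a PowerShell script; this is an added example, not code from the original post. It takes the names `sres` and `sysres.exe` from the post and assumes that the post's `%systemroot%\Windows\System` means the `System` folder under the Windows directory (`$env:SystemRoot\System`); the `-Remove` switch is this example's own.

```powershell
# Added example (not the post's code). Reports the two traces described in the
# post and deletes them only when -Remove is given.
# Assumption: "%systemroot%\Windows\System" = $env:SystemRoot\System.
param([switch]$Remove)

$runKey    = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$valueName = 'sres'                                        # Run entry named in the post
$filePath  = Join-Path $env:SystemRoot 'System\sysres.exe' # copied executable

$findings = @()

# Step 4: the startup entry. It is handled first so that a failed file
# deletion cannot leave a working autostart behind.
$run = Get-ItemProperty -Path $runKey -ErrorAction SilentlyContinue
if ($run -and ($run.PSObject.Properties.Name -contains $valueName)) {
    $findings += [pscustomobject]@{
        Type = 'RunValue'
        Item = "$runKey\$valueName"
        Data = $run.$valueName          # command line the entry launches
    }
    if ($Remove) { Remove-ItemProperty -Path $runKey -Name $valueName }
}

# Steps 2-3: the copy in the System folder. The hash is recorded before
# deletion so the sample can still be identified afterwards.
if (Test-Path -LiteralPath $filePath -PathType Leaf) {
    $hash = (Get-FileHash -LiteralPath $filePath -Algorithm SHA256).Hash
    $findings += [pscustomobject]@{
        Type = 'File'
        Item = $filePath
        Data = "SHA256 $hash"
    }
    if ($Remove) { Remove-Item -LiteralPath $filePath -Force }
}

if ($findings.Count -eq 0) {
    Write-Output 'No sres Run entry and no sysres.exe copy found.'
} else {
    $findings | Format-List
    if (-not $Remove) { Write-Output 'Report only. Run again with -Remove to delete.' }
}
```

Deleting from the Windows directory needs an elevated prompt, and the Run entry lives in the hive of the user who ran the file, so the script has to run under that account.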
Logic Behind the working of this virus program:
If I do not explain the logic (algorithm) behind the working of the virus program, I think this post would be incomplete. So I'll explain the logic in a simplified manner without getting much into the technical aspects of the program. If you have further doubts, you can leave a comment.
LOGIC:
First the virus will find the Root partition (Partition on which Windows is installed).
Next, it will determine whether or not the virus file (sysres.exe) is already copied into %systemroot%\Windows\System.
If not, it will just place a copy of itself into %systemroot%\Windows\System and make a registry entry to put this virus file into the Windows startup.
Or else, if the virus is already found in the %systemroot%\Windows\System directory (folder), then it just gives a command to restart the computer.
This process is repeated every time the PC is restarted.
NOTE: The system will not be restarted as soon as you double-click the Sysres.exe file. The restarting process will occur from the next boot of the system.