How to Over-ride a Shutdown Virus


Introduction: How to Over-ride a Shutdown Virus

About: go to my facebook for requests/program requests.

You may have read my last instructable, on how to make a shutdown virus, but this
instructable will show you how to OVER-RIDE that shutdown virus =]


Step 1: Making or Activating the Over-Ride

To make a over-ride shortcut (that sits on your desktop until it is needed) follow these steps.

If you want to make it look cool (because all your friends are around and you want to look like a hacker), go to step 3.

-Go to your desktop.

-right click.

-select "New".

-select "Shortcut".

A box should come up as shown below.

Step 2: Writing the Over-Ride Code

In the text box (shown), type:

shutdown -a

Now click "Next".
Name it Shutdown Over-Rider.

Now click Finish!
Now you have your Shutdown Over-Rider!!!

To Make it look cool (You dont have to):

Right-Click the shortcut and click "Properties".
Now click "Change Icon" and choose your icon.

Personally I like the yellow Key symbol   =]

Congratulations! =]
Please look at my other instructables =]

Step 3: CMD.exe

So, you've chosen to impress your friends or family.
This Works best if you do it fast, so it looks like you know what your doing.
Rather than having a piece of paper telling you everything you have to do.

Right click your desktop and click "New" then "Shortcut".

In the box (shown below) type cmd.exe and click "Next" and "Ok".
Double click the new shortcut provided and a black box should come up (also shown below).

In the black box type shutdown -a and press enter.

This automatically Over-Rides the shutdown.
Congratulations! You over-rided a shutdown =]

Please look at my other instructables =]



    • Water Contest

      Water Contest
    • Creative Misuse Contest

      Creative Misuse Contest
    • Clocks Contest

      Clocks Contest

    23 Discussions

    How could I make admin quickly if cmd is blocked. the only way I know to do is start the computer and shut it down before it starts. then restart it and do system repair. when it asks if you want to use a program to fix the problem pick no. after a bit more scanning it gives a report. open the report then click file and go to open. then make your way to the system32 file. find the sethc (stick key). exe and rename it to sethc-bak and then find the cmd.exe and make a copy of it named sethc. then restart the computer and once you get to the login screen hit shift 5 times. it opens up cmd (which is the only way I know on my school computers) then you put in the command to make a new admin account. my question is. is there an easier way to open cmd even if it's blocked

    Awesome thinking! I know of a variant using the narrator executable also found in system32, basically the same logic/idea. Although if the network administrators are illiterate you could use a boot-kit to login to the administrator account; though this procedure would be easily blocked.

    At the technology institute I attended (after I'd written these tutorials) I could access a network administrator account that was hidden to users. Although the accounts we logged into had administrator rights over the computer, we did not have network administration rights. We also had a freeze-state process that reverted the computer back to its original state at every start-up. Although when looking around the system I found a un-used administrator account within the "net user" command of terminal (command prompt/cmd). The account didn't show up at start-up until you revealed it with "net user administrator /visible:yes". Once the reveal command had been input; you could simply switch user and login to the administrator account which had just been activated. This allowed me to disable remote interference from the real network administrators and also allowed me to send remote commands to the computers on the network (which included everyone). This could include remote shutdown commands, remote desktop and anything else you could think of. Although I'm not sure how many institutes would use the same configuration, its still worth taking the logic from.

    Sorry about the spiel; but if you'd like to know anything, I'd be happy to try and help although I wouldn't consider myself an expert.

    Sorry, I no longer use instructables. I recently logged into an old e-mail account to see a few e-mails from instructables and decided to have a look around my old account. This is a very primitive tutorial might I add. If anyone looking at this has any questions regarding more advanced programming whether it be in this language or higher level programming I will do my best to help.

     useful trick, it only works if you have time left before it shuts down, override is without a dash though, nice ible

    13 replies

    Yeah, that is a problem.
    However if they havent written a forced code such as

    shutdown -s -f -t 100

    you can just open a word document and it will ask if you would like to save it before it shutsdown, this will give you all the time you need to run the file
    or go through the "look like a hacker" option.

     assuming that you have time to open a word file, shutdown viruses are nasty buggers, but booting into safe mode will often keep them from starting...

    if your computer is too slow to load a word document or notepad in 3 seconds, you should just get a new computer.

     if you have a shutdown virus it might as well shut down instantly, there is no rule that they have to wait 3 seconds...

    i never said it did.
    but im saying if you cant open a word document fast enough, you might aswell get a new computer because.

    a standard, stock computer should be able to open a word document on desktop before immediate shutdown.

     that's not true, as soon as a program gives the shutdown command, windows prevents any new programs from opening, and if the virus maker is just a bit smart, the virus will use the /f argument when shutting down, this forces all opened programs to close, no matter what...

    u mean Shutdown -s -f -t 100 -c "message here" the "-f" making it a force shutdown. but a shutdown -a over rides even a Forced shutdown. a shutdown -a will only fail if its a shutdown coming straight from windows itself. -f doesnt stop u aborting it.and u could even have the shutdown over ride in a usb pre made, so u can immediatly open it =]

    like a said, you might not have time to override it, if no delay is given it'll start shutting down, preventing any new programs from opening, if i give my computer the shutdown command it logs out almost immediately...

    yes but, you could write the code, and run it through start up. (start up files) so, on a seperate Computer, make a program that opens autonomously and runs a ISO (Instant Shutdown Over-ride). that will open before the shutdown commances, or has time to process =]

    yes, but that isn't metioned in the instructable anywhere, i'm well aware that you *can* stop these viruses, but not always as mentioned in the instructable. the best possible way to remove these viruses is to boot into safe mode and remove the registry entry that starts it up...

    If you were smart about making the virus in the first place you would make it come under the Administrators name, so even the system will allow it, and delete the Admin and create a new one. you can make viruses do it, by programming it to add a new Admin and delete the old one. and put a total random password like "8456589n-t5489549458y" (you wont have to remember it, it just means the Admin wont be able to guess the password and they will have to do a total system delete, and re-setup.)

    you could even make it as complex as telling the virus to: 1. Make a new hidden Admin. 2. Under that admin name, run a immediate shutdown into start up files. 3. Delete the Admin user. . Leaving no trace that you created the Admin in the first place, and making it seem to the system that the Shutdown file in the start-up files was legally placed by a former Admin.