Basic when you run this. It places a key in current user.
It then copies itself to another location based on the key, then logs the user off.
When the user logs back in the program starts up and logs them back off.
Source is included. And this is an easy fix. Just hop on the local admin account and delete the restart.exe and the infected account will be back to normal
Download
restart.zip
