How to mess up a PC running Windows 7?

302

258

Ok, so for my PC class I have to find 3 hacks that would mess up the lab's PC. Me and my partner are going to mess up the PC and then another team will try to fix it. The system on it is Windows 7. Anything that would stop the normal use or render the PC useless works. The conditions:

Can't open the case
Can't use the registry settings (due to how big it is, it would take the other team a long time to fix)
Needs to be fixable (meaning, nothing that would mess that bad so it would require an reinstall) within 15-30 minutes (by my teacher, preferably not by the other team :)
Can use the administrative tools
No downloads (PC is not even connected to a network)

Note: stuff like create a fake, unclickable desktop by taking the desktop's screenshot and setting it as a background won't work as this has been discussed already. Also creating a reboot link and putting it in the autostart programs has been discussed. But anything of this type would be great to hear.

Any suggestions?

P.S. This is really for my college class, so no harm here, just pure lab fun :)

Added after edit: First would like to thank everybody for the input, some great ideas here. To clarify some things: - I have the admin account - It needs to be done in about 15 minutes, it needs to be able to be fixed in 15-30 minutes - Can't connect it to ANY network, since it's a lab PC and the college wouldn't allow them.

@Billare, yes, our teacher is a hacker at heart :)

Oh, and by the way, I don't think we are allowed to boot from another media, or mess with the BIOS, it is a Desktop Systems Administration class, and everything needs to be done inside Windows. I'll ask and see if we're allowed, if yes, then I can use some ideas from here. Thank again to everybody.

Edit 2: Let's try a different angle. How about disabling some non-vital services which will cause some annoyance. The main point, it needs to be a pain right from the start of using the PC, not in the long term use. Wow, my head is spinning some ideas from here, great, will let you know tonight what I used.

Moderator note: If you suggest ways to disable/break the computer, please include information on how to fix whatever it is you're breaking as well, if it is not immediately obvious.

One-liner answers, that fail to explain how they work or what the do, will be converted to comments.

pHelics

Posted 2011-04-27T06:25:49.287

Reputation: 346

2A personal favourite is creating a scheduled task which executes a windows log off (or shutdown) every minute. You've got to be fast to get there and disable it in time. This can be done remotely if you had the luxury of a network and local admin (not that I'd ever do this to a colleague) – Basic – 2014-08-29T17:10:55.597

Why would you want to do this? – Jeff Clayton – 2014-12-31T22:23:11.273

"Install McAfee", dying laughing here, I might have to go to the doctor to get it to stop. – Moab – 2015-09-22T22:34:03.457

3Do you already have access to an admin account, or do you need to compromise the system first? – rob – 2011-04-27T06:54:51.210

how much time do you have to do this? – Journeyman Geek – 2011-04-27T08:11:19.117

I'm surprised that an "official" institution like a university would allow something like this... – Uticensis – 2011-04-27T11:50:19.643

4@Billare - it sounds like a good lesson to me, the machine is isolated from the network so potential damage is limited and odds are the machine will be overwritten with disc image after so any os damage will be repaired almost instantly. – Robb – 2011-04-27T12:11:50.197

298Install McAfee! – James – 2011-04-27T12:47:54.577

1I would suggest to run a script that applies a bunch of these problems, another script to disable them. :) – Tamara Wijsman – 2011-04-27T12:48:23.973

Wow. I'm actually having a hard time putting an up-vote on this one, since it's more about causing problems than solving any. Ah, the heck with it. Great ideas, everyone! – Iszi – 2011-04-27T12:54:48.367

2lol @James that's funny – pHelics – 2011-04-27T14:02:06.437

40@james - norton antivirus was worse, the last time i had to deal with a computer with it ;p – Journeyman Geek – 2011-04-27T14:34:47.457

1FYI: Users who fail to answer with more than a one-liner will have their answers converted to comments. – Ivo Flipse – 2011-04-27T15:51:32.743

39If it already has Windows 7 on it, it sounds like it's pretty thoroughly messed up already. Your work here is done. – Adrian Petrescu – 2011-04-27T18:01:52.667

I'd be interested in responses that could show what using powershell could accomplish for this. – Jon Schoning – 2011-04-27T18:10:37.000

1@Journeyman Geek norton is worse than ANY anti-virus software i have EVER seen. – Nate Koppenhaver – 2011-04-27T18:25:32.427

@jon - tie something like this http://powershell.com/cs/blogs/tips/archive/2009/04/24/ejecting-cds.aspx into the scheduled tasks to run every minute, or sit the script in auto run wrapped in an infinite loop with random pauses for less predictability

– Robb – 2011-04-27T19:09:39.390

99@Adrian Petrescu - You obviously haven't used windows 7, or confusing it with vista. Windows 7 is actually pretty nice and stable – Journeyman Geek – 2011-04-27T22:03:50.370

There was a decent discussion recently in a very similar vein on the Ars Technica forums. Thread Link. Some sadistic ideas within involving crippling the heaps, boot.ini fun, Driver Verifier, eating memory with extremely large background images, very long system sounds, etc.

– afrazier – 2011-04-28T13:19:36.067

@JourneymanGeek: Linux fan, just go along. – sinni800 – 2011-04-28T15:37:57.273

3@James - I'm loving the fact that despite multitude of evil things you can do to a pc listed below installing McAfee is still in first place on the voting! People can't intentionally break windows as hard as McAfee manages unintentionally! – Robb – 2011-04-28T21:47:15.520

You can also autorun a shutdown command. take a look at msconfig to find go – Fabian Schuh – 2011-04-27T07:58:22.630

This is a easy one to do, rename windows and temp directories and when doing so just add spaces at the beginning also making them read only could be fun. – N4TKD – 2011-04-27T19:45:37.453

15Go into Mouse settings and change all the cursors to a transparent .cur file. – Ry- – 2011-04-28T22:39:29.057

1Hold down Window-e. This opens copies of Windows Explorer at the keyboard's repeat rate. Windows Vista and later use a lot of video resources per open window (thanks to Aero) so that tends to fill up the RAM and bog down the PC after a few seconds. – John Walthour – 2011-04-27T14:30:32.897

Can't. After I'm done with the PC I have to shut it off and give place to the other team to suffer. – pHelics – 2011-04-27T15:22:14.823

It doesn't work in Windows 7, I get only one window, though iirc it worked in Vista. – nyuszika7h – 2011-04-27T17:33:40.913

1+1: i tried it for just a one second on my comp (its an XP SP3), waited for the hourglass to go away, and i got a nasty alert box saying i was out of memory (i have 2GB of RAM) – Nate Koppenhaver – 2011-04-27T20:42:12.157

I'm not sure how much of win.ini and 'system.ini' is used in Windows7 (showing on my 64-bit version), but might be able to have some fun adding stuff there. Back in the Windows 3.x time, it was good fun. :) – Macke – 2011-04-28T11:05:59.953

37Bookmarking this thread for the next time someone in the office goes on vacation. – Alain – 2011-04-29T13:37:25.770

1A simple but mean one, swap the name of the users logon profile, so when they try to logon to the one called 'Admin' or its equivalent, it will be a different profile and a different password. Simple fix is to log on to the renamed one that is actually the admin profile and change it back – RhysW – 2013-03-20T16:07:54.177

Answers

267

A few major problems for you,

In bios disable the processors L2 cache - Machine crawls
Windows+break-->advanced system settings --> hardware tab --> Device Manager, right click disable mouse (make sure you can get here with just your keyboard so you can undo this!)
ctrl+alt + Arrow key - on some graphics cards this rotates the screen. (usually with no method of undoing this unless you know this shortcut)
Make a floppy boot disc/usb Key/CD Rom, pop it in the floppy drive and ensure its set to first in the boot order in bios (bonus points for removing the hdd from boot list and creating all 3 boot discs with a different os on each so they fix one then get the next!)
Use a partitioning tool to shrink the hdd partition to a few mb more than is currently in use
Do the opposite and fill up available space with multiple copies of large files. Combined with a startup script to start the copies would keep the hard drive filled if they first attempted cleanup by deleting files.

And a few irritations to garnish the pc with

If it had internet access - Open Internet Properties --> connections Tab -->Lan Settings, Check use a proxy server, set the address to 127.0.0.1 (prevents them googling for solutions :P)
Right click on desktop - View - uncheck show desktop icons (irritating but not tough to fix)
sticky tape on the bottom of the mouse can disrupt the laser stopping the mouse working (couple this with the major disabling of the mouse in device manager to add confusion).
if the connectors are ps2, swap the mouse and keyboard, obvious if you're used to hardware but passes a quick glance from a noob
In word Office button -->Word Options --> proofing --> AutoCorrect Options --> add a few entries for common words, subtlety is your friend, is --> was the --> teh etc (2k7 instructions but can be done via different route in most versions)

Reverse the steps to undo the problems and ask in comments if you have trouble!

Edit - as we may have had our beastly BIOS tricks taken from us here's a couple more windows based ones

Put the shutdown command into autoexec.bat Command syntax here (you've talked about putting similar functionality in the startup folder, so this should confuse em by doing the same thing from a different spot)

Fork bomb! Create a .bat file containing the following text and make it autorun (either call from autoexec.bat or drop the .bat in startup folder)

:s
start %0
goto s

This will spawn huge numbers of processes untill the machine grinds to a halt (The code is untested but looks viable)

Robb

Posted 2011-04-27T06:25:49.287

Reputation: 631

7as far as i know, the ctrl alt arrow key combo definately works on intel based systems – Journeyman Geek – 2011-04-27T12:42:35.583

@Journeyman Geek - That tallies with my experience, I think some ATI cards do it too. I'm not sure if its universal across their product ranges however. – Robb – 2011-04-27T12:44:04.380

9The double mouse disruption trick is a nice idea... :) – Tamara Wijsman – 2011-04-27T12:46:05.267

2@Journey @Robb It works on any system with an Intel graphics chip and where the igfxhkcmd process is running -- and really only the latter is required, but it comes with the driver for the Intel graphics chips. – Joel Coehoorn – 2011-04-27T13:20:53.767

90Upvoted for this code is untested but looks viable. Also, fork bombs. <3 – eckza – 2011-04-27T13:31:49.677

2@Robb: Along the lines of hiding desktop icons - my roommate and I once did this to a third roommate's laptop when he left it unlocked. To sweeten the deal, though, we first took a screenshot of his desktop with the icons visible, then set it as the desktop background (and hid the real icons). So when our "victim" came back it appeared he had icons but he was really just clicking on his desktop background. It made his troubleshooting take a bit longer (and was more fun to watch). – eldarerathis – 2011-04-27T14:02:46.213

@robb: thanks for the alt-ctrl-arrow thing. Ofcourse I needed to try it and couldn't reverse immediately. Apparently, dual monitors rotate seperatly. Good thing I had some monitor schemes installed ;) – Yoh – 2011-04-27T14:45:04.100

1+1 Just for the Fork bomb. Still works great under Windows 7 even. PLUS no UAC prompt. ;) – Ƭᴇcʜιᴇ007 – 2011-04-27T18:42:37.380

+1 for "Put the shutdown command into autoexec.bat", that made me lol – BlueRaja - Danny Pflughoeft – 2011-04-27T19:34:44.770

7autoexec.bat does nothing anymore... – Hello71 – 2011-04-27T20:18:34.757

create a bat file in the startup folder that references the fake blue screen program from microsoft: http://technet.microsoft.com/en-us/sysinternals/bb897558.aspx

– m4tt1mus – 2011-04-27T21:10:25.807

11I've been saving a fork bomb somewhere, create a shortcut to it on the desktop and (for example) change the shortcut file name to "Firefox" as well as the icon to the real one. Bonus if you do this to Programs Menu as well. >:] You could do this to as much stuff as you want. If you wanna be particularly evil, go to Program Files and mark it as system folder as well as hidden. Next proceed to creating a shortcut in its place. Hehehe. – Christian – 2011-04-28T22:23:22.377

You are evil! :D – Pitto – 2011-04-29T13:04:34.447

2I'd use vistalizator to uninstall english and put vietnamese as basic language too – Pitto – 2011-04-29T13:05:15.617

i'm not sure of that, but isn't the process "hkcmd.exe" commonly found on windows installations responsible of the Ctrl+alt+ArrowKey shortcut? if so, then killing/disabling this process after the rotation will avoid getting recovered with simply the keys combination. – BiAiB – 2011-04-29T13:14:04.957

That's funny and nasty. lol. – crosenblum – 2011-11-06T00:15:52.830

197

Create a mouse cursor theme where the arrow tip is NOT at mouse position.

This should be puzzling enough.

Benoit

Posted 2011-04-27T06:25:49.287

Reputation: 6 563

1Also make it an animated cursor that changes shape. – rob – 2016-08-26T15:45:04.807

46this is proper evil.... – Matt – 2012-02-08T17:10:56.193

disable the mouse x2

< – n611x007 – 2012-06-22T20:25:46.080

3and add tape behind laser block... – tigrou – 2012-06-28T20:50:08.427

20This made me laugh so hard, it took 3 attempts to hit the upvote button :D – Martin Seeler – 2013-10-09T19:57:30.777

104

Change the keyboard layout to "Dvorak" or some other obscure non-English setting. They'll probably figure it out fairly quickly but it will still be really obnoxious to fix. In advance, you can write down the key combinations needed to switch back.

CarlF

Posted 2011-04-27T06:25:49.287

Reputation: 8 576

14French keyboard is pretty mean. It gets better if you can swap ctrl and alt keys. Combine with disabling the mouse for extra fun. – Jonas – 2011-04-27T15:45:13.263

107+1 if you do this and disable the mouse ;) – James – 2011-04-27T16:06:49.900

3+1 for really obnoxious to fix – Robb – 2011-04-27T17:57:18.987

13Along the same lines, perhaps use an autohotkey script to wreak havoc. They're hard to detect, especially if you compile it as a .exe and rename it something like svchost.exe. I have one around here somewhere that alphabetizes the keyboard (e.g., q -> a, w -> b...) – Reid – 2011-04-28T03:26:08.283

10To complement Reid's comment, and autohotkey scripts which changes the keyboard layout every minute. Combined with a 'safe' combination that doesn't change to disable it. – André Paramés – 2011-04-28T11:12:40.187

2works even better if you know dvorak. ;) – John – 2011-05-17T00:32:23.350

Adjust the Date/Time format to include a funny string, often done by viruses.

Fix: Hard to find if you are unaware of these settings, remove the string there.
Move the .cpl items of C:\Windows\System32 elsewhere, thus disabling any control panels.

Fix: Search for those files, probably look by last access/modified date.

How to make this harder: Put them in a zip file, makes it harder to find them as it is a single entry.

Alternative fix: Run sfc /scannow, which should put those files back.
Give them a black screen after logon by removing everyone from the permissions list, don't recursively apply this though but just change it that everyone doesn't apply to this folder anymore but still all files and subdirectories.

Fix: Hard to know the cause, but you can simply give everyone the permission back in Safe Mode.

Why does this happen: Because Windows often pokes your %SystemRoot% (most likely C:) and if it doesn't have permissions for that it will most likely not look further and stop instead...

Tamara Wijsman

Posted 2011-04-27T06:25:49.287

Reputation: 54 163

i recall sfc /scannow needs a cd – Journeyman Geek – 2011-04-27T22:04:29.137

10@JourneymanGeek: If you're running Windows XP, yes. But Windows 7 doesn't need a CD due to the WinSxS cache, or in other words you are simply playing around with the links rather than the binaries. – Tamara Wijsman – 2011-04-27T22:14:36.397

Use left Shift + left Alt + Print Screen to turn high contrast on.

And use the same key to turn it off.

Searock

Posted 2011-04-27T06:25:49.287

Reputation: 733

Great simple trick. – Gordon – 2011-04-29T13:04:20.423

Yes, one of my favorites to do on unlocked workstations, quick and easy. – Bratch – 2011-04-30T00:08:29.840

Put this as a .bat file in shell:startup

taskkill /f /im explorer.exe

Fix: Task Manager (Ctrl+Shift+Esc), File > New Task and type in explorer.exe

kizzx2

Posted 2011-04-27T06:25:49.287

Reputation: 889

60Better, schedule this bat. Make a task that will run every some minutes :) – pHelics – 2011-04-27T15:20:56.883

2@pHelics: It might not be necessary. Winlogon apparently restarts the shell (explorer.exe) automatically, and the shell re-runs startup items ... – user1686 – 2011-04-28T08:51:30.220

8@grawity He probably means adding the .bat as a scheduled task instead of putting in shell:startup -- harder to find out (probably) and it renders temporary fix (by starting explorer.exe manually) less useful. – kizzx2 – 2011-04-28T09:04:18.647

Make the most of the "Scheduled Tasks" component in Windows. Then you can make apps randomly appear or make the system shut down seemingly without cause.

Another alternative would be to write a small script (windows 7 comes with powershell) that hides the powershell window and restricts movement of the mouse to within certain boundaries.

Here is a useful links: Hide Window. And below is a code sample for moving the mouse.

[Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
[System.Windows.Forms.Cursor]::Position = New-Object System.Drawing.Point(0,0)

Matthew Steeples

Posted 2011-04-27T06:25:49.287

Reputation: 2 130

How about changing the color scheme to make text and background color the same on window titles, buttons, menus etc. It may help to select the "classic" (pre-Vista) theme first. Bonus points if you can make standard controls invisible because all their colors (foreground, text, border etc) are the same as the window background.

Hugh Allen

Posted 2011-04-27T06:25:49.287

Reputation: 8 620

22Also: combine with disabling the mouse. – Jonas – 2011-04-27T15:47:26.647

21And changing the keyboard layout – epochwolf – 2011-04-27T16:18:37.110

Hit them with the Ease of Access Center, which is found in the control panel.

Use the FilterKeys options disable all notification to users that it is turned on and all notification (including beeps) when keys are pressed. Use the Slow Keys setting and adjust it so the user must hold down a key for more than 0.3 seconds before a key is registered as input.

yhw42

Posted 2011-04-27T06:25:49.287

Reputation: 2 161

7In combination with no mouse, pure awesomeness :D – Martin Seeler – 2013-10-09T20:05:48.063

If you're allowed to boot off a CD or USB drive, anything is possible. Once you've cleared the admin password, you can have fun.

Per the moderator note: I think the fix for anything I've listed below is pretty self-explanatory (just do the opposite of what you did to screw the machine up), but if there's something that needs clarification, please ask in a comment.

Depending on the machine, you might be able to change the right BIOS setting to make the CPU "overheat" and turn off. (I'm trying to think outside the box here...note that some motherboards let you set the "overheat" threshold, so you can just set it low without doing any damage. The fix would be to clear the CMOS.)
How about putting it on the network yourself? Then you can set up a different machine to do a remote shutdown of the target machine using Windows' built-in shutdown.exe or some other utility. Set it up as a bunch of scheduled tasks or write a script that does it every couple minutes.
If the machine doesn't have much RAM, set the pagefile to 0 MB and try to run some background processes/services that chew up all the RAM.
Do a user account batch import to create hundreds or thousands of accounts from a file you're prepared ahead of time. Pick a few at random to do sneaky things via Scheduled Tasks (like running the shutdown command as mentioned earlier).
Disable System File Protection, boot up to the console, and start renaming important files. (Keep track of the files you rename, so you can name them back later.)
If the machine has a DualBIOS (i.e., when the main BIOS gets corrupted, you can boot from a backup BIOS), try updating the BIOS and shut off the machine in the middle.
Image the machine onto an external hard drive, then install WinXP/Linux/DOS/BSD/whatever.
Boot from a live Linux CD and use dd to copy a specific range of the hard drive's contents to a file on a USB flash drive. Now overwrite that same region on the target machine's hard drive with zeros. Fix: just dd the backup file back over the same range you just corrupted on the target machine's hard drive. (don't do this if you're not comfortable with dd)
Install one of those tiny bluetooth adapters and use a keyboard/mouse from across the room to close windows, move the mouse, lock the terminal, execute other keyboard shortcuts, etc.
Disable the hard disk controller in the BIOS.
Fill up all the free space on the hard drive.

I think at least a couple of these should have the other guys scratching their heads--particularly the ones that don't require you to change anything in Windows itself. (Let's just hope they don't read SU.) :D

rob

Posted 2011-04-27T06:25:49.287

Reputation: 13 188

41I would recommend against trying to overheat the CPU. That could cause permanent hardware damage, and I doubt their IT department or teacher would appreciate that. – nhinkle – 2011-04-27T07:01:58.863

18Point taken, although most machines have thermal protection which will turn them off before they reach "dangerously hot." Some BIOSes even let you configure the temperature threshold, so you could just set it very low and the computer would think it's overheating & shut down. The concern is if things heat up too quickly, before thermal protection can kick in--e.g. if you don't install the heatsink, and the CPU starts smoking. If you can get the computer to overheat (or think it's overheating) sometime after the OS starts booting, you'll probably be fine. – rob – 2011-04-27T07:25:45.223

23@nhinkle: I got the idea that he meant setting the BIOS overheat limits to something low like 50 C, not actually overheating anything. – Zan Lynx – 2011-04-27T14:58:37.403

On top of setting up a script to force safe mode you can go under msconfig then Boot tab.

Set Safe Boot to Alternate Shell and check No GUI boot and Make all boot settings permanent after that under Advanced options... Set the Maximum memory to 256. Then disable the system Page File

Run msconfig at the shell prompt to undo the settings :)

Riguez

Posted 2011-04-27T06:25:49.287

Reputation: 3 594

Kobayashi Maru: If you can create a VHD and get Windows to boot from that, you can break the rest of rules (except for the bios rules) since technically you are not altering the installed copy of Windows 7.

BTW A really simple hack is to use bcdedit to screw up the boot process, after /exporting, then use /import to import it to repair...though you'd need a boot disk for repairing it.

JeffSahol

Posted 2011-04-27T06:25:49.287

Reputation: 166

3Sadly, if OP is in college, OP is probably too young to get the Kobayashi Maru reference. :( – Shinrai – 2011-04-27T13:29:42.017

11@Shinrai - Given the re-boot movie that was recently released, I think the current generation gets it now better than they would have a few years ago. – Iszi – 2011-04-27T14:43:14.510

@Iszi - Whoops! I forgot that scene was in the reboot film, haha. – Shinrai – 2011-04-27T15:27:32.850

Set the "User Profile Service" in Services to Disabled.

This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully logon or logoff, applications may have problems getting to users' data, and components registered to receive profile event notifications will not receive them.

Jon Schoning

Posted 2011-04-27T06:25:49.287

Reputation: 111

@dolmen boot into safe mode and enable the service again. – Nordlys Jeger – 2018-09-24T19:05:21.793

23Please tell us how to fix it. – dolmen – 2011-06-18T10:29:43.610

Disable the page file and set everything you possibly can to start up... maybe write a login script that launches word, excel, power point what ever else you can find to launch that will take up resources. It won't break it but fixing it will take forever and be extremely annoying.

Supercereal

Posted 2011-04-27T06:25:49.287

Reputation: 8 643

19Do a search for *.exe and and add them all the to the startup. :) – AttackingHobo – 2011-04-27T20:28:03.360

2@attachinghobo Excellent! I like it. – Supercereal – 2011-04-27T20:56:01.953

1@AttackingHobo even easier to create a shortcut to every exe, that way they will all still run! (I did this to test my first ssd and it performed surprisingly well..) – Caspar – 2011-12-06T06:44:44.770

Here's a couple ideas.

To augment any already proposed, which are scriptable in a BAT file, add them to AUTOEXEC.BAT. Make sure to put @ECHO OFF as the first line, and put this at the end of every command: > NUL 2>&1 This will make sure that AUTOEXEC.BAT doesn't print anything to the screen, for anyone who may be watching it run. This will also ensure that, if the troubleshooters don't catch this first, whatever bugs you put into the system via the script are restored on reboot.
I haven't seen this one in awhile, but it's one I used to love: Some mouse drivers add a tab to the Control Panel applet for calibration and orientation. Typically, this will require you to click and drag an image in the "upwards" direction so that the mouse can get its bearings. If you have this option, click the image and drag it sideways or diagonally. Make sure you know your way around Windows with the keyboard first, of course.

Iszi

Posted 2011-04-27T06:25:49.287

Reputation: 11 686

Have this run on startup: taskkill /f /fi "PID ge 0" /im *

It will try to forcefully kill any process who's PID is greater than or equal to zero. Probably needs elevation.

Louis

Posted 2011-04-27T06:25:49.287

Reputation: 18 859

I know you don't want a registry hack, but I had to reverse a virus that did something similar, just about bashed my head till I figured it out.

Go to the HKCR\exefile\shell\open\command key and change the (default) and IsolatedCommand keys to notepad.exe

Then every time they go to execute a program they will get a copy of notepad instead.

To fix, you can still run the programs as long as you do it as another user (unless you change those keys as well.)

David McEwing

Posted 2011-04-27T06:25:49.287

Reputation: 101

Change the startup folder to be the windows folder. Windows will try to launch everything in there on startup, that's a pretty quick turnaround for annoying activity. Not too hard to fix, but really annoying because of the amount of stuff in there. It will also significantly slow down any attempt to get fixing started because stuff will just keep popping up.

Winston Ewert

Posted 2011-04-27T06:25:49.287

Reputation: 131

Put every program in the Startup group multiple times. When they start the system it will bog down to absurd levels.

Also put them in AUTOEXEC.BAT. They'll boot in Safe Mode or something, fix Startup ... and it will still happen. Drive them crazy.

Fix by editing AUTOEXEC and the Startup Group.

CarlF

Posted 2011-04-27T06:25:49.287

Reputation: 8 576

Be sure to add to both all-users and the current user's startup folder. Then changing the permissions of these folders... – Macke – 2011-04-28T11:07:04.320

One thing that comes to mind is disabling the Remote Procedure Call (RPC) service. I did this once on a windows 2000 machine, and evidently all "Properties" dialog windows refused to load.

The thing about this is that the only way to enable it back again was to find the service entry in the registry and change it into "automatic".

However, in windows 7 they have removed the ability to disable this service, but if you manage to remove it some other way (registry, but that wasn't allowed ), maybe removing the executable that it invokes (or the dll because it is invoked by svchost.exe) would seriously cripple the computer.

C:\Windows\system32\svchost.exe -k rpcss this is the invokation, find a way to avoid that and you're good to go.

EDIT: There is a rpcss.dll in C:\Windows\system32, if you delete that, all hell would break loose.

jishi

Posted 2011-04-27T06:25:49.287

Reputation: 291

A friend of mine once accidentally associated the .lnk file extension to a specific application which has the effect of meaning no shortcuts could be opened (they would all open the application). The only way to fix this is to open a command line to run any applications. Can be fixed via HKEY_CLASSES_ROOT *.lnk setting.

This was on a Win 95 machine, not sure if its still possible on Windows 7.

Toby Allen

Posted 2011-04-27T06:25:49.287

Reputation: 2 634

2It is possible on Windows 7. – Norbert Willhelm – 2011-12-15T14:28:08.590

@Norbert, I dont know, probably not. It was a Windows 95 installation if I remember correctly. – Toby Allen – 2011-12-16T07:46:54.850

3But this is still possible. There are many people who accidently did this on Windows 7. – Norbert Willhelm – 2011-12-16T10:18:29.393

I'm surprised no one mentioned the C:\Windows\System32\drivers\etc You can REALLY mess up someone's day by screwing with the services file or hosts file.

Try adding the line

127.0.0.1  google.com

To the hosts file. Easy to diagnose if you know about it. Not at all easy if you have no idea.

Nate Noonen

Posted 2011-04-27T06:25:49.287

Reputation: 101

20I'm surprised you didn't read my question, like everybody else. PC is not hooked up to Internet / any network. So it's of no use. – pHelics – 2011-04-27T19:24:16.327

1If you wanted to take this a step further, change the dns settings to query localhost, that way nothing resolves unless you know its IP – Robb – 2011-04-27T20:18:21.860

You could also use the NTFS alternate stream capacity to further hide programs behind programs. And also fill the HDD with empty files that are hidden in the alternate data stream. Couple this with no place for the OS to put a paging file and you've mimicked the L2 cache trick.

So you can also hide a batch script behind the control panel etc so that whenever they run the control panel that triggers a batch script that opens 100000000 explorers and kills the system. Have fun with this, there is lots of room for creativity here.

Read this on ADS

Resolution/Detection: You could use a little program called "LADS" to detect the ADS or some anti-malware stuff can detect ADS. Other than LADS it's virtually undetectable. It's one of the lessor known tools of NTFS.

You are free to just delete the stream that is attached to a named data stream. Here is a "Wikipedia" entry on ADS: http://www.wikistc.org/wiki/Alternate_data_streams

lilott8

Posted 2011-04-27T06:25:49.287

Reputation: 181

Change the polling rate for usb devices as described here:

http://forum.overclock3d.net/index.php?showtopic=8088

Fix: Swap back to the old backup file.

Why is this amazing? Typing will only work when done really, really slowly. Moving the mouse will seem like the sensitivity is set very low, but is instead because it just will not pick up the movement.

Flashman

Posted 2011-04-27T06:25:49.287

Reputation: 101

An alternative to putting the funny mayhem scripts in the startup folder (well-known) or autoexec.bat (might not work?) is to use the scheduler. There you can set things to launch periodically, when the computer boots up, after login, et cetera.

Make the task look like they belong to something already installed or windows itself, and it could be easy to overlook :)

Svish

Posted 2011-04-27T06:25:49.287

Reputation: 27 731

Well, one of the things i can think of would be to probably rename the %system% folder to something else. Messing with the bootloader would be another possibility - you could rename c:\boot\bcd to something else, and the system won't boot.

Both should be fairly trivial to fix with a livecd and knowing what you're doing, but should keep the system from bootin

The problem is, really, most of the ways i know to 'break' a system, really breaks a system ;p

Journeyman Geek

Posted 2011-04-27T06:25:49.287

Reputation: 119 122

A couple of ideas.

Change the bios to not boot from any hard drive.
Set the screen to an incompatible monitor frequency.
If using USB keyboards, disable USB in the bios completely.
Edit boot.ini and modify the flags so that it always starts in safe mode

That last one might be rather hard to track down I suspect.

See: http://support.microsoft.com/kb/239780

I just realized this might be different under windows 7, and it is. So the windows 7 method is here: http://www.edbott.com/weblog/2008/10/the-faster-way-to-safe-mode/

You could really have some fun with this one!

Matt H

Posted 2011-04-27T06:25:49.287

Reputation: 3 823