Kaseya Community

Disabling a Windows Vista/7 Computer

  • Disabling a Windows Vista/7 Computer

    I had searched high and low, googling, trying to figure out a way to disable a Vista/7 PC.

    After my own brainstorming, I finally came up with a very simple solution, and that is
    renaming the Boot folder on the OS partition, i.e. C:\Boot

    Rename this folder to something such as C:\Boot_bad or C:\Boot_bak

    And it will cause a black screen with a \Boot\BCD error and the computer will fail to start.

    I figured that I would share something which I have yet to see on the forums or related to
    Kaseya, as I did do my homework and plenty of Googling prior to coming up with such a simple
    solution.

    Very easy to write your own script/procedure to perform this directory rename on just Vista/7
    machines.

    This is useful for laptops or PCs taken by an employee from their work environment against company policy,
    not to mention various other uses.

    On XP it can be done by attacking the NTDetect file, but that has been discussed previously by
    others.

  • Forgot to mention the solution will require PHYSICAL ACCESS to the machine, which is the whole purpose of this procedure.

    The easiest way to perform the solution is to boot the computer from a Hiren's Boot CD using the Mini XP, or under any other XP PE environment, or even a Live Linux boot CD; thus anything giving you access to the PC's hard drive so as to allow you access to its file structure in order to rename the folder back to its original name.

    Thus you will rename it back to C:\Boot

  • If it's a computer the best solution is to disable CD-ROM and USB, and enable Windows Firewall and block all outbound traffic except to your Kaseya server.

    That desktop is useless with keyboard and mouse disabled.

    I always like the additional reboot every 3 minutes trick... it makes someone who knows what to fix need to be really fast to do it.

  • Hi Mark,

    Great suggestion yourself, and your idea is quite clearly repairable remotely via Kaseya while my method is not.

    In our case, I was trying to force a particular environment/user into allowing and giving us physical access to a particular machine.

    The black screen and no bootable or functioning computer quite effectively had the individual calling us up.

    We needed physical access to an environment and used this method to accomplish such.

    Sometimes client companies' staff can be less than friendly or cooperative when up to no good.

    And a fully dead computer is compelling enough on their part to allow the IT company into their environment.