-- General --

Homepage About
Log in

-- Articles --

All Articles What's New?
Random Page
Timeline

-- Tools --

Archive Article Templates Editor's Guide

Damage to School Computers by Members of Willemstan

Questionable Activity

IT Men Conspiracy

This article was last updated on August 9th of 2022

Image at the top of the screen.

An image of System32, which was deleted several times in school computers by members of Willemstan.

"The entire computer is fucked."

- Ian Hampton on the Crouton Computer, 03/08/19.

Lore

There are several computer labs in Williamston High School, many of which made prime targets for computer atrocities by members of Willemstan. The D1 lab was one of the most used computer labs in the high school, and thus has fallen victim to a variety of shinangians. The library also contains a computer lab, which had been targeted many times as well. What was Mrs. Baldwin's room is a computer lab, as well as many other rooms at the end of the D-hall. However, the surging popularity of Chromebooks in WCS has caused the computer labs to be neglected, and used only by a handful of classes. This article is a summary of the computer fuckery committed by various members of Willemstan on school computers.

From 2018 - 2019, most of the computer atrocities were committed by Charlie, Ian, and Sean. They were responsible for everything ranging from the Consume Saga to the crypto mines to the Live Camera Feed. Over the summer of 2020, in what was dubbed the "Great Leap Forward", the school greatly improved their security by moving off Novell-based networking. Following the March Incident in 2021, the System Trio retired from their role as cyber-terrorists and wasters of James Doyen's time. In September 2021, Malcolm and Andrew filled their shoes for a brief time by shoving stuff into the school disk drives (a classic bit of trolling).

Casualty Report

This section is an extensive estimation of the computer casualties caused by members of Willemstan. Note that most of these occurred in 2018 and 2019. Computer atrocities has been a dying practice due to a variety of factors, including COVID-19, disinterest, not wanting to get caught again, and the continued promotion of chromebooks over desktops. In order to count as a casualty, the computer must be disabled in a significant enough manner to to warrant an emergency IT Man repair job.

D1 Computer Lab - 8 Casualties

Around half a dozen school computers in the D1 Computer Lab were bricked by Consume 2.0 / Novell Auth. The IT Men had to remove the tower of the computer from the library in order to fix it, leaving the monitor behind like a gravestone. When the computer was returned, it was often upgraded to Windows 10. We don't know exactly why this happened. Due to the teacher (Sra. Ide) actually being aware of what was going on, the administration was tipped on suspicious activity. Two computers had their color settings changed by members of Willemstan at the start of the 2018-2019 school year. The students were forced to correct these changes shortly afterword.

Library/Media Center Computer Lab - 3 Casualties

At least two computers in the library were taken offline due to System 32 deletions. A member of Willemstan was given a day of saturday school as punishment for this. One additional computer was the crouton computer, and so it suffered extreme torment but was not actually taken offline.

F6 Computer Lab - 3 Casualties

Three computers in the F6 classroom, which also contained a computer lab, were bricked due to Consume 2.0 / Novell Auth. They likely underwent the same procedure as the computers in D1.

D8 Computer Lab - 2 Casualties

One computer in the D8 classroom known as "WHSLABD8-05" suffered extensive torment. It was infected with Bonzi Buddy several times, as well as Butterflies on Desktop and other random malware. It was knocked offline two separate times. The first was due to random malware installed alongside Butterflies on Desktop. The second was when the Ethernet connection was shut off via control panel by a member of Willemstan, and the connection could not be re-established due to insufficient permissions. This resulted in the computer being stuck offline and unable to log in. Due to poor lying, this activity was easily traced back to the student and was a contributing factor to the destruction of System I at the hands of the IT Men and the prosecution that followed.

Security Vulnerabilities Known to Willemstan

The "Test Test" and "Mud Mud" Dummy Accounts

The "Test Test" and "Mud Mud" accounts were two separate dummy accounts used in Williamston Community Schools, presumably by the IT Men. The username and password was the same for these accounts, giving them their name. Any student at WCS could log in with these accounts, making them great tools for members of Willemstan to use to screw around without being tracked as easily. Unfortunately, the accounts are set up with weaker permissions than regular student accounts, and thus cannot be used to install things like Bonzi Buddy or "Novell_Auth.exe" in the start up files. During the technology overhaul during the summer of 2020, these accounts were deleted.

Backdoor into the (C:) Drive

Not long after the First Attack on D1, a backdoor into the C Drive became common knowledge for members of Willemstan. You see, in order to prevent the students from accessing System 32 and other important files, the IT Men decided the easy fix was to just hide the entire C Drive. However, a work around was quickly discovered. The C Drive could be accessed by using "open file location" in the windows menue on any built-in Windows software, such as the Snip-it tool. This backdoor was used to delete System32 in several computers in the Library computer lab. This was done by modifying the security settings of the folder, in which one would go into the advanced security settings and change the permissions for users and groups. After some tinkering this would allow for all users of the computer to have full permissions in the System32 folder, including deletion. View the process here. This worked on both Windows 7 and 10 computers at Williamston High School until the Great Leap Forward.

Group Policy Editor

The Group Policy Editor is a very important file. It controls many of the permissions given to users, such as whether or not command prompt can be opened, or if the control panel could be accessed. Naturally, you would expect this file in System32 to be unavailable to students, as the undoing of the restrictions could have major consequences. That was not the case. The IT Men were so confident in their concealment of the C Drive that they didn't put any other safeguards in. Soon after the backdoor was made public, it was discovered that the Group Policy Editor can be accessed simply by opening it in System32. It took about 15 minutes to undo most of the restrictions, but once that is done, things like command prompt, control panel, task manager, etc., were all unlocked. This made it possible to delete entire programs from the computer using the control panel, a powerful weapon. You could even re-enable access to the Registry Editor, if things are locked behind that. If you do some digging, you can also re-enable the ability to change the owner of files. This allows for the complete deletion of files like System32. This complete failure gave essentially total control of the computer to the student. This was the most severe network security flaw ever discovered by members of Willemstan.

An instance of Firefox no longer existing, as it was removed from the computer.

Following the permissions overhaul during the summer of 2020, this loophole was patched by the IT Men. While the shortcut into the C Drive still works, they locked down the group policy editor itself.

The Incidents

The First Attack on D1

Early in the 2018-2019 school year, two computers in the D1 computer lab had their color and resolution settings adjusted by Charlie and Sean. One computer had the colors inverted, while the other had the resolution stretched and then compressed into 4:3 aspect ratio. This was accomplished through the Intel Graphics control panel. The IT Men quickly found out and it was claimed by Sra. Ide that they could not fix the issue. Charlie and Sean were forced to fix the issue themselves after school. In retrospect, it is likely that the IT Men were totally able to fix the issue themselves, but the idea was to force Charlie and Sean to clean up their own mess in the hopes that they would learn a valuable lesson that day. No such lesson was learned, this was the first of many attacks on the D1 lab.

A few months later, on February 22nd of 2019, this method of attack resurfaced. Notice how ugly the computer looks from a distance.

Bonzi Buddy

Bonzi Buddy is an abandoned adware program, first released in 1999, but then abandoned in 2004. The program features a talking purple gorilla which can tell you jokes, play games with, and also takes up a chunk of your screen as it flies around on a vine. Since the server the program used to spam advertisements is no longer accessible, reducing it to a largely useless and annoying program.

Bonzi Buddy was installed on several computers in Williamston High School, although most instances of it have been deleted. At one point, a member of Willemstan attempted to install the malware on Mrs. Baldwin's computer. Bonzi Buddy was also installed on 5-12 computers in Williamston Middle School.

The files of the Bonzi Buddy program, along with Bonzi starring his shades. Notice how the anti-virus is ticked off.

Butterflies on Desktop

Butterflies on Desktop is a classic example of malware. Once the program is downloaded, the user can spawn cute little butterflies that fly around the screen. These butterflies cover up anything on the screen, and cannot be deleted through task manager. The only ways to get rid of them is to uninstall the malware, or initiate a shutdown on the computer, and then abort it once the butterflies die off. The malware cannot be deleted via powershell, you must use an antivirus to truly get rid of it. This was installed on a computer in Mrs. Baldwin's class on January 18th of 2019, and yielded expected results. (A system restore was required.) The virus also used to mine your data, but it is unclear if it still does that.

"Awwwwwwww, look at the butterflies!" - Mrs. Baldwin

Willemstan Wallpaper

A Willemstan wallpaper was created from the WHS wallpaper, with the goal of replacing the later with the former. On March 28th of 2019, a computer in the library had its wallpaper replaced by the Willemstan one. That was the only time this has ever occured.

The Willemstan wallpaper in question.

Here is a link to a short video of some random students coming across this event.

The Crouton Computer

This computer was defaced about as hard as the one with the butterflies on desktop, bonzi buddy, and more. "WHSMEDIA-24", a school computer in the library computer lab, was defaced to the extreme on March 8th of 2019. First, the wallpaper was replaced with a gigantic pixelated crouton, (you know, the bread thing in your salad). From there, the color scheme, spacing of applications, and system font type were all played around with, leading to the following:

First, the spacing of applications was changed. The theme system process was also stopped via task manager.

The color of the selection box was changed to Christmas colors.

File explorer was then attacked brutally, changing its color scheme, font size and style, font color, image sizes, and spacing.

File explorer was made completely unusable.

Finally, the font was changed to Comic Sans for the entire system.

"Consume.bat" / Consume I

The "consume.bat" file was a batch file which filled up storage upon activation. When opened, it would create a new text document and begin filling it with characters. Consume I was tested on the High School Student Shared, with the goal of filling up the server. However, because the computer had to shut down after one hour, only a few megabytes were filled. If left running for an entire day, could fill up 30 gigabytes of storage. So it was theoretically possible to fill up an entire hard drive if left running for a week. However, this was impossible as you can't leave a school computer running for a week. School computers are supposed to be shut down every hour, so even if you left it on, somebody would restart it and log on with their own account in the next hour. If by some miracle you were the only one to use that specific computer that day, the odds of that occurring all week are almost zero. As a result, Consume I was a complete failure.

"Novell_Auth.exe" / Consume II

Development of Consume II began on March 17th of 2019. This time it was a ".exe" program, which is much better than a batch file. Consume II has multiple layers to it. If you opened it just by double clicking on it, you would be greeted with an error message, reading "aw shit". The only way you can set it up to run was through command prompt. Novell_Auth was named after "Novell", the service WHS used at the time for login functions on the school computers. That way, it could be thrown into the startup files and looked like it belonged there. Novell_Auth is 10 times more efficient than Consume I. Little did the creators of the System folder know at the time, but this program would lead to the destruction of System I, 22 days later.

Consume II had several test runs before it was unleashed on Williamston High School. The first test was on March 17th of 2019, on a small throwaway computer with only 80gbs of storage. After filling up only 1 gigabyte of space, the computer blue screened. The second test also occured on March 17th of 2019, hosted on a virtual machine. 14 gigabytes of storage was filled up during the half an hour long test. The third and final test occured on March 18th of 2019, on a virtual machine confined to the specs of a school computer. In the exactly one hour long test, 30.5 gigabytes of storage was filled. This not only showed an improvement to the second test, but proved Novell_Auth was efficient enough to do significant damage in a reasonable time period. In 24 hours, Novell_Auth can fill 732 gigabytes in perfect school computer conditions. That is almost double of what you need to fill up a school computer.

Test #1.

Test #2.

Test #3.

When Novell_Auth was unleashed on school computers, something unexpected occurred. The computed bricked. In order to restore the computer, we suspect the IT Men had to wipe the hard drive and install a new OS. Novel_Auth also resides in the start up files, so it's possible that the computer would just continuously brick before the IT Men could stop it. It is also possible they had to replace the hard drive, maybe even the whole computer, but that is unproven. As a result, Consume II began the push to upgrade the school computers from Windows 7 to Windows 10. This involved taking the entire computer out of the classroom for several days, leaving only the monitor behind. This was really funny because you would know a computer was dead when you saw the tower was just gone and the monitor was left behind like a gravestone.

It was at this point that the IT Men began to hunt down those responsible for Consume II. Computers were dropping like flies at this point because of Novell_Auth and System32 deletions. You see, Novell_Auth had one fatal flaw. It installs itself in the "users" folder. Which means all the IT Men have to do is partially restore the affected computers, go into the user folders, and see which one has the program. They quickly backtracked and discovered instances of Consume II in the accounts of the same three students who created System I. However, if the hard drive was comprimised in some way due to the virus, how the IT Men were able to recover user data is unclear. Our theory is far from perfect. Over spring break, System I was deleted, and two of the students were suspended from school. The best part though is that the IT Men only busted said students because of the "aw shit" error message. They were only punished for the profane nature of the message. The IT Men never made the connection between the program and the hard drive filling. (Once again, this could be due to the hard drive being compromised in some fashion) If they had, the suspensions would have been for much, much longer, and overall punishment would have been more severe. Novel_Auth.exe" is still around today, and can be found in System IV for safekeeping.

The Novell Auth error message, the main reason for the suspension.

"WindowsUpdateBackground.exe" / Consume III

Despite common sense, which would tell you that developing Consume III would be pushing your luck, development began on July 10th of 2020, over a year after Consume II was developed. There were a few goals in mind for Consume III:

The first test occurred on July 11th of 2020 and was actually on accident. The developer accidentally ran Consume III on their own computer instead of a virtual machine. It did 10GB worth of damage before it was stopped. Later that day, Consume 3.0 was released as "WindowsUpdateBackground.exe". Improvements since Consume II included smaller starting file size, automatic installation, un-deletable files, and the new name to remain un-suspicious. It was a lot more discrete than "Novel_Auth" because there were no more error messages, and it no longer used the users folder. The virus also copied itself to the startup files so that it would run whenever the computer was on. This way the computer doesn't have to remain online for a whole school-day straight in order to successfully take out a computer.

Consume 3.1 was developed on July 11th of 2020 to fix some issues. Another test occurred shortly after and was uploaded as a private video on the Silly Goose YouTube channel.

The Consume 3.1 test video.

Consume 3.2 was developed on July 12th of 2020 in order to make it less suspecious. An antidote was also released alongside Consume 3.2 in order to reverse the damage. A test of Consume 3.2 and the antidote was demonstrated in a video released publicly on the Silly Goose channel, and the virus was made public.

The Consume 3.2 and Antidote test video.

Consume 3.3 was developed on July 25th of 2020, with the main goal of making it completely hidden. This was accomplished by having Consume 3.3 run without administrator permissions, which was discrete because that meant it wouldn't have to ask for any permissions to function. A test was made in a virtual machine on the same day. The test was unsuccessful. A patch and another test took place, but it was still a failure. Administration permissions were needed in order to get the virus into the startup files, and so the idea of Consume 3.3 turned out to be infeasable.

What failure tastes like.

During the summer of 2020, Windows Update Background has been deployed on the Willemstan Discord Server, as well as other servers. This was done mainly as a joke, but some people have actually gotten Consume 3 on their computers because of this.

Consume 3.3 was accidentally deployed on a computer in a Business Tech class in the D hallway in early 2021. The program was not able to install itself due to insufficient permissions, but was still able to fill an entire hard drive in less than an hour. The computer would not log in or shut down and it seemed to be dead. However, the next day, the computer was working although it seemed that maybe the IT men had reinstalled Windows on it. It has since been decided that Consume 3 will not be deployed at school.

Troll Face Saga (September 2021 - October 2021)

On September 27th of 2021, Malcolm Hollingworth uploaded a video to #williamston-discussion in the Williemstan Discord Server, showing him pulling a folded up troll face out of a disk drive slot in a school computer. This was followed by a picture of him removing the "H" computer key from a keyboard in the D8 computer lab, which he later put back. After being discouraged by Ian Hampton, who worried about the repercussions of being caught, Malcolm removed the troll face paper out of the computer the following day. Then, Andrew Meyer then took the troll face paper and shoved it into his own computer. This was recorded by Malcolm, prompting another negative response from Ian. On September 29th, Andrew took the paper out of his computer and shoved it into Michael's computer (k9 in Willemstan).

This new saga of computer fuckery was, while funnny, also quite controversial for a time. Ian, and later Charlie and Sean, voiced their concern about Malcolm and Andrew's activities, claiming that the administration may will blame them for their actions. Fortunately, this saga came to an end during October 2021, and Malcolm & Andrew were never punished for their actions.