Windows 10: Scammer locked PC with Syskey startup password

  1.    22 Apr 2017 #1

    Scammer locked PC with Syskey startup password


    My older, non-computer savvy Dad was just taken by the oldest trick in the book. Hoping someone can help out.

    System: Toshiba Laptop. Windows 10 Home.

    Scammer from "AOL" calls my dad and says his computer is corrupted. My Dad (sadly) gave him remote access. Scammer installed a password using Syskey startup. Now, on startup, Dad gets a black screen with message "This computer is configured to require a password in order to start up. Please enter the startup password below."

    He's tried to get into the F8 menu by turning on PC and pressing F8, but the system goes straight into the password.

    Can anyone help? Is there an easy fix I can help my Dad do remotely by talking him over it the phone? Click image for larger version. 

Name:	scammer.jpg 
Views:	3 
Size:	1.33 MB 
ID:	131553
      My ComputerSystem Spec


  2. Posts : 3,922
    Win10 Home and Pro, Win10 Insider Preview, Win7 Home, Linux Mint
       22 Apr 2017 #2

    Without the password it usually means a clean reinstalling of Windows. Haven't seen or heard of it yet but possible the BIOS has been passworded, usually has 2, one for starting the computer and the other for entering the BIOS to make changes, they are separate where can have one but not the other.
      My ComputerSystem Spec

  3.   My ComputerSystem Spec


  4. Posts : 9,471
    Windows 10 Enterprise and Pro/Windows 7 Enterprise/Linux Mint
       22 Apr 2017 #4

    First, do not try to boot into Windows again. It will depend on how aggressive the scammers were.

    You can boot to a Windows 10 installation USB/DVD drive and attempt to do a system restore. System Restore Windows 10 - Windows 10 Performance Maintenance Tutorials

    If that does not work, as a last resort you can try this. It will depend if the registry backup was altered by the scammer and if the backup was altered by trying to boot into Windows.

    You can use a Live Linux DVD/USB or another type USB. Many of us like the Windows 10 recovery ISO Windows 10 Recovery Tools - Bootable Rescue Disk - - Windows 10 Forums
    1.POWER OFF your PC immediately.
    2.Boot to external media of some sort (NOT your Windows installation) and navigate to the %SYSTEMROOT%\system32\config folder.
    3.Backup the registry hives in this folder to a temporary location. The files are:
    A.SOFTWARE
    B.SYSTEM
    C.SAM
    D.SECURITY
    E.DEFAULT

    4.Navigate to %SYSTEMROOT%\system32\config\RegBack as mentioned earlier.
    5.Copy all registry hives from this folder (the same files as listed above) into the %SYSTEMROOT%\system32\config folder.
    6.Reboot the PC.

    EDIT: Looks like I was too slow
      My ComputersSystem Spec

  5.    22 Apr 2017 #5

    Thanks for the rapid replies. The Windows community is great!

    The only problems remain:

    * My Dad doesn't have a way to burn a recovery CD or USB. He only has one PC (the one that's infected).
    * I'm 2000 miles away from my Dad so must assist him over phone.
    * Sounds like there's no "simple way" to reset or reinstall Windows?
    ...
      My ComputerSystem Spec


  6. Posts : 9,471
    Windows 10 Enterprise and Pro/Windows 7 Enterprise/Linux Mint
       23 Apr 2017 #6
      My ComputersSystem Spec


 

Related Threads
I have Windows 7 so had no idea how screwed up this could get. I've googled this for 3 hours and the simplest of answers will never be provided. No one seems to be able to think thoroughly on this. My 90 yr old dad has a hosed PC. It now has...
Forgotten password, locked out of computer in User Accounts and Family Safety
I recently made a dumb move by attempting to change my picture password without giving any regard to the fact I don't remember what my local text-based password was. It wasn't until I deleted my picture password when realized what I had done and...
I've got a client who wants to get rid of the lock screen password requirement but keep the lock screen with the time etc. Obviously disabling the password requirement leaves the device vulnerable. I've found plenty of information on how to...
Hi, I recently upgraded from windows 7 to windows 10. I didn't realize it was going to mess with my log in credentials just to get into my PC. Well, I'm locked out of my PC. I can't log on, it just tells me when I enter in the PIN and the...
Scammer call in General Support
Just got a call from California from guy who said he was from Microsoft calling about error messages being sent out from my computer running Windows 10. Wanted me to get on computer to fix problem. These scumbags are clever enough to take advantage...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 16:22.
Find Us