Scammer locked PC with Syskey startup password


  1. stocktiki
    Posts : 26
    Windows 10
       New #1

    Scammer locked PC with Syskey startup password


    My older, non-computer savvy Dad was just taken by the oldest trick in the book. Hoping someone can help out.

    System: Toshiba Laptop. Windows 10 Home.

    Scammer from "AOL" calls my dad and says his computer is corrupted. My Dad (sadly) gave him remote access. Scammer installed a password using Syskey startup. Now, on startup, Dad gets a black screen with message "This computer is configured to require a password in order to start up. Please enter the startup password below."

    He's tried to get into the F8 menu by turning on PC and pressing F8, but the system goes straight into the password.

    Can anyone help? Is there an easy fix I can help my Dad do remotely by talking him over it the phone? Scammer locked PC with Syskey startup password-scammer.jpg
      My Computer
    Quote Quote

  3. Berton
    Posts : 14,020
    Win10 Pro and Home, Win11 Pro and Home, Win7, Linux Mint
       New #2

    Without the password it usually means a clean reinstalling of Windows. Haven't seen or heard of it yet but possible the BIOS has been passworded, usually has 2, one for starting the computer and the other for entering the BIOS to make changes, they are separate where can have one but not the other.
      My Computers
    Quote Quote

  4. NavyLCDR
    Posts : 18,432
    Windows 11 Pro
       New #3

    How to remove syskey on Windows 10 (first post) - General Security
      My Computer
    Quote Quote

  6. essenbe
    Posts : 12,801
    Windows 11 Pro
       New #4

    First, do not try to boot into Windows again. It will depend on how aggressive the scammers were.

    You can boot to a Windows 10 installation USB/DVD drive and attempt to do a system restore. System Restore Windows 10 - Windows 10 Performance Maintenance Tutorials

    If that does not work, as a last resort you can try this. It will depend if the registry backup was altered by the scammer and if the backup was altered by trying to boot into Windows.

    You can use a Live Linux DVD/USB or another type USB. Many of us like the Windows 10 recovery ISO Windows 10 Recovery Tools - Bootable Rescue Disk - - Windows 10 Forums
    1.POWER OFF your PC immediately.
    2.Boot to external media of some sort (NOT your Windows installation) and navigate to the %SYSTEMROOT%\system32\config folder.
    3.Backup the registry hives in this folder to a temporary location. The files are:
    A.SOFTWARE
    B.SYSTEM
    C.SAM
    D.SECURITY
    E.DEFAULT

    4.Navigate to %SYSTEMROOT%\system32\config\RegBack as mentioned earlier.
    5.Copy all registry hives from this folder (the same files as listed above) into the %SYSTEMROOT%\system32\config folder.
    6.Reboot the PC.

    EDIT: Looks like I was too slow
      My Computer
    Quote Quote

  7. stocktiki
    Posts : 26
    Windows 10
    Thread Starter
       New #5

    Thanks for the rapid replies. The Windows community is great!

    The only problems remain:

    * My Dad doesn't have a way to burn a recovery CD or USB. He only has one PC (the one that's infected).
    * I'm 2000 miles away from my Dad so must assist him over phone.
    * Sounds like there's no "simple way" to reset or reinstall Windows?
    ...
      My Computer
    Quote Quote

  8. essenbe
    Posts : 12,801
    Windows 11 Pro
       New #6

    You can try option 6 Boot to Advanced Startup Options in Windows 10
      My Computer
    Quote Quote

 

  Related Discussions
Win10 PIN and password problems . I'm locked out!
in User Accounts and Family Safety

I screwed up and can’t get in to my Windows account . I was trying to fix another problem that suggested I boot Windows with minimum start up stuff. After I did that, the desktop PC rebooted but instead of asking for my pin number it said “something...
MS XL 2000 password locked
in Microsoft Office and 365

Hi. I appreciate this is an old version of Excel, but I still use it. Some time ago I created a password spreadsheet which was encrypted with a password itself. However, I am unable to remember it. I have found much information how to...
I have Windows 7 so had no idea how screwed up this could get. I've googled this for 3 hours and the simplest of answers will never be provided. No one seems to be able to think thoroughly on this. My 90 yr old dad has a hosed PC. It now has...
Forgotten password, locked out of computer
in User Accounts and Family Safety

I recently made a dumb move by attempting to change my picture password without giving any regard to the fact I don't remember what my local text-based password was. It wasn't until I deleted my picture password when realized what I had done and...
I've got a client who wants to get rid of the lock screen password requirement but keep the lock screen with the time etc. Obviously disabling the password requirement leaves the device vulnerable. I've found plenty of information on how to...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 17:30.
Find Us




Windows 10 Forums