So if you read the title and thought, I can help, cool, if you didn't understand a word, you can't!
An acquaintance of mine got scammed. More exactly, his wife got scammed in a Talk Talk scam. One of the things the scammers did was lock him out of his own PC with a Syskey password which I can't guess. So, without re-building the whole PC, which will be a headache, I need to break the Syskey password, so I'm looking for utilities to do this. I've tried one but it didn't work. There are others but I'm reluctant to look at some of them as they're on dodgy hacking sites.
Has anyone any recommendations or methods or even password guesses?
Treat that computer as hosed. You can absolutely bet that Syskey is the very least of your worries. Malware, ransomware, viruses, trojans, they're all distinct probabilities. The scammers had the opportunity to install all of these - and more. You have to treat everything on it as compromised.
My solution? Take off and nuke it from orbit. It's the only way to be sure. Or, more accurately, reformat the hard disk (a full format, not the quick option) and reinstall the operating system. I hope your acquaintances have backups.
A high risk strategy is to take the hard disk out, attach it to another machine, and try and salvage the data - if the drive's not been encrypted. Don't attach it to another Windows machine, there's a good chance there'll be malware just waiting for that opportunity. Use something like Linux (it's more obscure, so there's fewer unpleasantries written for it), and don't use the root account! Assume any files you retrieve to be infected, and disinfect with multiple passes through several different AV programs and something like Malwarebytes.
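A possible first pass over a copy of the salvaged files on the Linux machine, before the AV and Malwarebytes scans the answer recommends (an added example, not part of the original thread). It separates files that can run code, including ones hiding behind a document or picture extension, from the data worth scanning; the extension list, magic-byte list and function names are assumptions chosen for illustration.

```python
import os
import tempfile

# Assumed, non-exhaustive: leading bytes of formats that can run code.
EXECUTABLE_MAGIC = {b"MZ": "Windows executable", b"\x7fELF": "ELF executable"}
# Extensions Windows runs directly or hands to a script host.
RISKY_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js",
                    ".ps1", ".lnk", ".dll", ".hta", ".msi"}


def classify(path):
    """Return a reason to leave the file behind, or None to pass it to AV."""
    ext = os.path.splitext(path)[1].lower()
    if ext in RISKY_EXTENSIONS:
        return "risky extension " + ext
    try:
        with open(path, "rb") as handle:  # read bytes only, never launch
            head = handle.read(4)
    except OSError:
        return "unreadable"
    for magic, label in EXECUTABLE_MAGIC.items():
        if head.startswith(magic):
            return label + " content behind extension " + repr(ext)
    return None


def triage(root):
    """Walk the salvaged copy; return (files_to_scan, {file: reason})."""
    to_scan, held = [], {}
    for folder, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(folder, name)
            rel = os.path.relpath(path, root)
            reason = classify(path)
            if reason:
                held[rel] = reason
            else:
                to_scan.append(rel)
    return to_scan, held


def demo():
    """Triage a constructed sample tree (all file contents are made up)."""
    samples = {"holiday.jpg": b"\xff\xd8\xff\xe0JFIF", "notes.txt": b"milk",
               "invoice.pdf": b"MZ\x90\x00", "setup.exe": b"MZ\x90\x00"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(data)
        return triage(root)
```

A file that passes this check is not clean; it only means the file goes on to the AV passes rather than being left on the old disk.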