Syskey.exe RRS feed

  • Question

  •    The long and skinny of it:  I was scammed a few months ago by a syskey.exe scammer.  Now I spend my free time exposing these companies and helping those that have been victimized by these horrible people. 

    What I'm attempting to do is replace syskey.exe file in system32 (xp sp3 running in VirtualBox) with a modified version of the file.  This version is intended to display the syskeys updated password into a text file and an "error window" along with a short message outing the scammer once they attempt to change my VMs password. 

      I intend to use this machine as "scambait" and get multiple scammers a day to lock out the system.  I'll record each password and then compile them into one large list of "Most common syskey passwords used by Scammers to ransom your system!" for people to HOPEFULLY have one more avenue of recovery.  The problem that I am running into is that the syskey.exe file keeps reverting back to the original shortly after replacement.  Some assistance in suspending any services or processes that are causing this issue would be PHENOMENAL.  

    Thank you in advance for yalls help!



    Tuesday, March 20, 2018 4:48 PM