Thanks! Though I don't see any mention of the syskey, which is different from the admin password.
You're good now. Save the data, wipe the drive. It's just not worth something lingering that scans don't find.
Sometimes this is true, but in this case I can be fairly certain that all they did was create a syskey password as a lame ransom attempt. If the solution was always to back up the data, wipe the computer, and start over, I'd be out of business because nobody would pay for the time it would take to do that.