
Depends on the algorithm. Many encryption schemes are vulnerable if you know the ciphertext and can guess the plaintext.

This is one of those cases where if they knew what they were doing the PRNG would be fine as is. So, you can't just hand wave some undefined encryption scheme and assume they will implement it correctly.




Any cryptographic hash function works as a key derivation function (KDF) or cryptographically secure pseudo-random number generator (CSPRNG). Even ones with broken collision resistance are probably still suitable -- you could just take the bottom bits of MD5(secret_key + counter) and that would be enough.


Very much no. If I know the hash function will always map input X > Y for all machines and I can guess, say, 100,000 possible states for the PRNG based on for example the time stamp then:

Hash those 100,000 states, compare the output of those hashes to the observed output to find the actual PRNG state. Then always know the hashed output of the PRNG.

PS: Read https://en.wikipedia.org/wiki/Cryptographic_hash_function. Now if each machine used its own hidden salt then that would be a real option. But, cryptographic hash does not imply an unknown salt.


With a secret state of 128 bits or more, you can't brute force it before the sun burns out.


Edit: You said secret_key aka hidden salt, but if I can get that key by say access to the machine then it's not necessarily hidden.

I am pointing this out because the assumption is a poor PRNG used by an incompetent team in the first place. Saying just do X, when it's possible to do X and still have a problem, is not an actual solution. It's the equivalent of saying just be competent.
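An added example, not code from any commenter in this thread, that puts both sides of the exchange above into working code: the H(secret_key || counter) generator proposed upthread, and the state-recovery attack described against it when the seed is guessable. The timestamp seeding, the 100,000-second guess window, the sample timestamp and the 4-byte output width are all constructed assumptions for illustration.

```python
"""Hash-counter PRNG and a guess-the-seed attack against it (added example).

Generator, as proposed upthread: output_i = low bytes of H(secret_key || i).
Attack, as described upthread: enumerate every candidate secret_key the
attacker can guess, hash it, and keep the one whose outputs match the
observed ones. The hash function is irrelevant to the attack; only the
size of the candidate set matters.
"""
from __future__ import annotations

import hashlib
import os
import struct

OUT_BYTES = 4  # constructed: how many low-order digest bytes are exposed per output


def prng_output(hash_name: str, secret_key: bytes, counter: int) -> bytes:
    """One generator output: the bottom OUT_BYTES of H(secret_key || counter)."""
    digest = hashlib.new(hash_name, secret_key + struct.pack(">Q", counter)).digest()
    return digest[-OUT_BYTES:]


def prng_stream(hash_name: str, secret_key: bytes, n: int, start: int = 0) -> list[bytes]:
    """Outputs for counters start .. start+n-1."""
    return [prng_output(hash_name, secret_key, c) for c in range(start, start + n)]


def timestamp_key(ts: int) -> bytes:
    """Weak seeding (constructed): the 'secret' key is just a start time in seconds."""
    return struct.pack(">I", ts)


def recover_key(hash_name: str, observed: list[bytes], ts_lo: int, ts_hi: int) -> bytes | None:
    """Attacker side: hash every candidate seed in the guess window [ts_lo, ts_hi)
    and return the one whose outputs match (observed[i] is the output at counter i)."""
    for ts in range(ts_lo, ts_hi):
        key = timestamp_key(ts)
        if all(prng_output(hash_name, key, i) == o for i, o in enumerate(observed)):
            return key
    return None


def demo_guessable_seed(hash_name: str = "md5") -> bool:
    """Victim seeds from a timestamp the attacker knows to within ~28 hours (100,000 s).
    Two leaked outputs (64 bits) are enough to single out the seed; every later
    output is then predictable. Returns True if the attack succeeds."""
    true_ts = 1_700_000_000 + 61_234          # constructed victim start time
    key = timestamp_key(true_ts)
    observed = prng_stream(hash_name, key, 2)  # what the attacker saw
    recovered = recover_key(hash_name, observed, 1_700_000_000, 1_700_100_000)
    if recovered is None:
        return False
    predicted = prng_stream(hash_name, recovered, 8, start=2)
    actual = prng_stream(hash_name, key, 8, start=2)
    return recovered == key and predicted == actual


def demo_random_seed(hash_name: str = "md5") -> bool:
    """Same generator, same attack, but the key is 128 random bits: it is not in
    any list the attacker can enumerate, so the same search comes up empty.
    Returns True if the attack fails."""
    key = os.urandom(16)
    observed = prng_stream(hash_name, key, 2)
    return recover_key(hash_name, observed, 1_700_000_000, 1_700_100_000) is None


if __name__ == "__main__":
    # Swapping MD5 for SHA-256 changes nothing: the seed, not the hash, is the weakness.
    for h in ("md5", "sha256"):
        print(f"{h}: timestamp seed recovered = {demo_guessable_seed(h)}")
        print(f"{h}: 128-bit random seed recovered = {not demo_random_seed(h)}")
```

Running it shows the recovery succeeding for the timestamp-seeded generator under both MD5 and SHA-256, and failing for the os.urandom-seeded one, which is exactly the distinction drawn above: "cryptographic hash" says nothing about whether the key fed into it is secret and large enough to resist enumeration.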


Well yes, I was giving them the benefit of the doubt & assuming they would spend a few weeks with the Handbook of Applied Cryptology.



