-
Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.
Why not Click Here To Sign Up and start enjoying great FREE Tech Support.
This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
my Micorosoft account got hacked/stolen/deleted
- Thread starter Mai Brumec
- Start date
-
- Tags
- #microsoft hacker minecraft
- Status
These logs take a while to go over, so it may take me a couple hours, so lets run a couple scans while you wait. 
Download AV block remover .
Unzip to your desktop, Right click run as admin and follow the instructions. If it does not start, rename the AVbr.exe file to, for example, AV_br.exe
Click yes to reset hosts file.
After the machine reboots then there will be a logfile in the new folder created, post that please.
Adware Cleaner
Download Malwarebytes v.4 . Install and run.
Download AV block remover .
Unzip to your desktop, Right click run as admin and follow the instructions. If it does not start, rename the AVbr.exe file to, for example, AV_br.exe
Click yes to reset hosts file.
After the machine reboots then there will be a logfile in the new folder created, post that please.
Adware Cleaner
- Download AdwCleaner and save it to your Desktop
- Right-click on AdwCleaner.exeand select
Run as Administrator - Accept the EULA (I accept), then click on Scan Now
- Let the scan complete
- Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
- Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.
- Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
- Close all other open windows and allow it to restart
- After the restart, Notepad will open with the AdwCleaner cleaning log
- Please Attach the contents of that log into your next reply to me
Download Malwarebytes v.4 . Install and run.
- Once the MBAM dashboard opens, click on Settings (gear icon).
- Click on Security tab and make sure that all four Scan options are enabled.
- Close Settings and click on the Scan button on the dashboard.
- Once the scan is completed make sure you have it quarantine any detections it finds.
- If no detections were found click on the Save results drop-down, then the Export to TXT button and save the file as a Text file to your desktop.
- If there were detections then once the quarantine has completed click on the View report button, then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
- If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and include that log on your next reply.
adw cleaner i cannot select clean and reparl there is just quaranteenThese logs take a while to go over, so it may take me a couple hours, so lets run a couple scans while you wait.
Download AV block remover .
Unzip to your desktop, Right click run as admin and follow the instructions. If it does not start, rename the AVbr.exe file to, for example, AV_br.exe
Click yes to reset hosts file.
After the machine reboots then there will be a logfile in the new folder created, post that please.
Adware Cleaner
- Download AdwCleaner and save it to your Desktop
- Right-click on AdwCleaner.exeand select
Run as Administrator- Accept the EULA (I accept), then click on Scan Now
- Let the scan complete
- Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
- Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.
- Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
- Close all other open windows and allow it to restart
- After the restart, Notepad will open with the AdwCleaner cleaning log
- Please Attach the contents of that log into your next reply to me
Download Malwarebytes v.4 . Install and run.
- Once the MBAM dashboard opens, click on Settings (gear icon).
- Click on Security tab and make sure that all four Scan options are enabled.
- Close Settings and click on the Scan button on the dashboard.
- Once the scan is completed make sure you have it quarantine any detections it finds.
- If no detections were found click on the Save results drop-down, then the Export to TXT button and save the file as a Text file to your desktop.
- If there were detections then once the quarantine has completed click on the View report button, then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
- If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and include that log on your next reply.
# -------------------------------Go ahead with that option.
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-08-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-28-2022
# Duration: 00:00:09
# OS: Windows 10 Pro
# Cleaned: 20
# Awaiting reboot:3
# Failed: 0
***** [ Services ] *****
Deleted SecurityService
Deleted webshieldfilter
***** [ Folders ] *****
Deleted C:\ProgramData\SecuritySuite
Deleted C:\Users\Uporabnik\Documents\TotalAV
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
Needs Reboot C:\Program Files (x86)\TotalAV
Needs Reboot C:\ProgramData\TotalAV
***** [ Files ] *****
Deleted C:\Users\Public\Desktop\TotalAV.lnk
Deleted C:\Users\Uporabnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
Deleted C:\Users\Uporabnik\Downloads\TOTALAV_SETUP.EXE
Needs Reboot C:\Windows\System32\drivers\webshieldfilter.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\SSProtect
Deleted HKLM\SOFTWARE\Classes\*\shell\TotalAV
Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}
Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\Software\Classes\totalav
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Program Files (x86)\TotalAV
Cleaning failed C:\ProgramData\TotalAV
*************************
***** [ Files ] *****
Cleaning failed C:\Windows\System32\drivers\webshieldfilter.sys
*************************
AdwCleaner[S00].txt - [2965 octets] - [28/08/2022 16:00:19]
thats the adwcleaner i couldnt post it faster because forum was down
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
FRST Fix.
Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Last edited:
- Status