Email and UAC PW stolen

Discussion in 'Malware Help (A Specialist Will Reply)' started by Pella333, May 28, 2014.

  1. Pella333

    Pella333 Private E-2

    Thanks in advance for your help.

    I haven't run any of the Read and Run Me First steps yet, as I am not able to shut off my UAC account as my passwords on my user account and my emails have been changed. I did make a second PW for my sign in on my laptop so whoever did it hasn't been able to disengage me from using the web.
    So, not being able to shut off the UAC, would that make any of the steps a moot point?

    If it will work, I will proceed. I did download all the programs suggested and am ready to go when you say so...

    Pella333
     
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Just to clarify, you are not able to turn off UAC? But you are able to log into the affected account to run the tools?
     
  3. Pella333

    Pella333 Private E-2

    That is correct
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Kes needs you to run and attach the requested logs.
     
  5. Pella333

    Pella333 Private E-2

    You wish me to do the run and read me first steps and logs minus turning off UAC account?
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Try to run them and see how far you get.
     
  7. Pella333

    Pella333 Private E-2

    Sorry, not sure if you received the file logs. Sending them again to you...thanks a bunch!
     


  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not finding any malware. Did you create a new user profile? Does that log in work?
     
  9. Pella333

    Pella333 Private E-2

    I didn't. I just looked in internet options and noticed remote access was on. I NEVER enable that. I unchecked it and now I can't get online.
     
  10. Pella333

    Pella333 Private E-2

    My Admin password was changed. I have a guest account; it was off. I attempted sfc /scannow in cmd; it says I have to be admin. I am admin and signed in to admin. Confused, if this isn't malware then what? I am the only person to use my laptop, absolutely no one else uses it, it is with me 100% of the time.

    I did system restore, got back online, still unable to get my Microsoft password, will attempt to contact Microsoft to resolve that problem.
     
  11. Pella333

    Pella333 Private E-2

    Changed my admin pw with Microsoft, it handles my laptop admin sign in. I then created a new micro account and user on my laptop. When I tried to change my original user admin account on my laptop uac account I received the following error message: "service is unavailable for this task try again later". Stumped as to next step(s). I also downloaded Trend Micro, ran scans on both accounts, no threats found. Strange that all passwords on my laptop and email accounts were changed and no malware is found. Damn suspicious.
     
  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am going to suggest you post in the software forum for additional assistance.

    Have you cleaned out your email account? Can you turn on and off UAC?

    Can you delete your old account?
     
  13. Pella333

    Pella333 Private E-2

    Not yet, I have got control of one of the compromised email accounts and my Microsoft account. There is still one email account dangling out there; I am waiting for the Google team to phone me, they only do one account at a time.
    It might be a few days before I get it all sorted.

    I did find my compromised email, once I gained access today, flooded with spam from loan companies. I had done an app on the web to refinance and that must have been at the bottom of the mess.
    I used recovery manager to refresh my win app and that has helped a bit...

    Odd that Trend, Norton and Defender (I disabled each one then used and enabled them one at a time independently) found nothing, but MBAM found some PUM issues.

    I need a break, thanks for trying. I am beat for today, will post to software forum, not sure how to do that...maybe by Wed I will have a minute to try.
     
  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Let me know how you get on.
     
  15. Pella333

    Pella333 Private E-2

    I dug into the computer last night and today, here is what I found.
    Services.msc: I found a ton of remote desktop enabled and running. I shut them off.
    I just went into Computer Management and found this. A little worried since I found Admin remote user in two areas.
    Here is what is listed.
    Shares folder, when I expanded that I had:
    ADMIN$ C:/Windows client connections 0 Remote Admin
    C$ C:/ Windows 0
    D$ C:/Windows 0
    IPC$ 0 Remote Admin

    Also I found alert errors for the date 6/3/2014:
    desc 51
    error 900
    Have no clue what any of this is or whether it is benign or malevolent. Just that remote admin has me worried...although it says it has 0 connections, it might even be normal as I have never looked around the computer management pane before.
    I reran Norton, after disabling all the remote systems running, it found a few cookies and that is all.

    I think I am at the end of the road of what I can do, should I post in another forum at this point or is this nothing to concern myself with?
    Thanks Tim, have no idea how you do this as often as you do, I would need meds and a lot of Vodka...
    Alexandra
     
  16. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes, I suggest you post in the software forum for additional assistance.
     
