Microsoft account hacked and security info deleted but I have emails telling me which email I used to sign up to microsoft for.

The screenshots confirm that the attacker changed the primary alias to the …@achromml.ru address and then removed the original Gmail address from the account’s security info. In this situation, Microsoft can only use the standard hacked‑account and recovery workflows; support cannot manually swap the alias back, restore deleted security info, or process refunds outside those workflows.

A detailed step‑by‑step path is:

1. Clean every device that had the malware
   Before signing in to any Microsoft service again:
   • On Windows 10/11 or 8.1, open Start → search for Windows Defender → run a full scan and remove anything found.
   • Turn on real‑time protection and automatic updates so the system continues to be scanned regularly.
2. Start from the official hacked/compromised account guide
   Use the dedicated helper for hacked Microsoft accounts. It will:
   • Ask for the email or phone of the affected account.
   • Show the appropriate self‑help path or, if eligible, options to contact an agent.
     This is the entry point Microsoft uses for cases where the alias and security info were changed by an attacker.
3. Try normal sign‑in and password reset first
   If the account still accepts the old password or allows password reset:
   • Sign in and immediately change the password to a strong one.
   • Then go to the Security basics page and review Recent activity and security info.
4. If sign‑in fails, complete the Account Recovery form (ACSR)
   When the attacker has changed the alias and removed your security info, the recovery form is the only way to prove ownership:
   • Go to the account recovery form and enter the hacked Microsoft account address (the original Gmail‑based Microsoft account), plus a different contact email where responses can be received.
   • Fill in as much accurate information as possible, such as:
     • Old passwords used on the account.
     • Services used with the account (Outlook.com, Xbox, OneDrive, Microsoft 365, Minecraft, etc.).
     • Billing details that were on the account (name, address, last digits of cards, subscriptions).
     • Subject lines of emails recently sent, or names of frequent contacts (if Outlook.com was used).
   • Submit the form from a device and location that were previously used with the account (for example, the PC that was already signed in before the hack). This matches the guidance that using a familiar device/location improves the chances of success.
   • If the result says there was not enough information, adjust the answers with any additional details remembered and resubmit. The form can be submitted multiple times (up to a few times per day).
5. What happens if recovery succeeds
   Once access is restored:
   • Immediately change the password.
   • Go to the Recent activity page (linked from the security emails and from the security portal) and review all sign‑ins. For any activity that is not recognized:
     • In the Unusual activity section, expand the item and select This wasn’t me.
     • In the Recent activity section, expand and select Secure your account.
   • Re‑add trusted security info (alternate email and mobile phone) so future recovery is easier. The Outlook.com protection article recommends adding as much security info as possible for this reason.
   • Remove any unknown aliases, devices, and app passwords.
6. What happens if recovery fails
   The Q&A guidance in the context is explicit:
   • If the attacker has replaced the security info and the automated recovery form does not accept the information provided, there is no other working method to recover the Microsoft account.
   • Microsoft Support and forum moderators do not have tools to override the automated checks, manually change the alias, restore deleted security info, or verify ownership from screenshots alone.
   • In that case, the account is effectively unrecoverable, and associated purchases (Xbox, OneDrive, games, subscriptions) cannot be moved or refunded through a manual support override.
7. Check for and respond to unusual‑sign‑in alerts
   For any future alerts like the ones shown in the screenshots:
   • Sign in to the Security basics page.
   • Select Review activity to open the Recent activity page.
   • For any sign‑in that is not recognized, mark it as not yours so Microsoft can help secure the account and prompt for password change.
8. Strengthen protection going forward
   The Outlook.com protection guidance recommends:
   • Keeping the operating system fully updated.
   • Using antivirus software and keeping it updated.
   • Adding alternate email and mobile phone numbers as security info so recovery is easier if something similar happens again.

In summary, the only path to get the account back or to have any chance of affecting that account (including closing it) is to:

1. fully clean the devices, and 2) go through the hacked‑account guide and the account recovery form with as much accurate information as possible. If that automated process ultimately fails, Microsoft cannot manually intervene to restore or modify the account.

References:

• How to recover a hacked or compromised Microsoft account
• Help protect your Outlook.com email account
• What happens if there's an unusual sign-in to your account
• My account got hacked - Microsoft Q&A
• Need help with hacked microsoft account - Microsoft Q&A
• hello my email was (Moderator note: PII removed)@icloud.com and now its (Moderator note: PII removed)@jerkoffmail.com can please someone help me and the team change it my username in xbox is (Moderator note: PII removed) please help me team and change it - Microsoft Q&A
• Hacked account - Microsoft Q&A