theoldmole Posted July 6 ID:1576097 Share Posted July 6 I got a notification saying that my Microsoft Account had been compromised. I just want to make sure the source isn't from my computer. FRST.txt Addition.txt Log.txt Link to post Share on other sites More sharing options...
Porthos Posted July 6 ID:1576100 Share Posted July 6 How were you notified of the compromise? @theoldmole Link to post Share on other sites More sharing options...
theoldmole Posted July 6 Author ID:1576121 Share Posted July 6 Through an email from Microsoft. Link to post Share on other sites More sharing options...
Porthos Posted July 6 ID:1576133 Share Posted July 6 2 hours ago, theoldmole said: Through an email from Microsoft. Could you attach the email? Or copy the header here. Link to post Share on other sites More sharing options...
theoldmole Posted July 6 Author ID:1576134 Share Posted July 6 This is all I can get. Quote Microsoft account team <account-security-noreply@accountprotection.microsoft.com> Link to post Share on other sites More sharing options...
Porthos Posted July 6 ID:1576136 Share Posted July 6 17 minutes ago, theoldmole said: This is all I can get. Thanks for the additional info. It seems legit. https://support.microsoft.com/en-us/account-billing/what-happens-if-there-s-an-unusual-sign-in-to-your-account-eba43e04-d348-b914-1e95-fb5052d3d8f0 Link to post Share on other sites More sharing options...
theoldmole Posted July 6 Author ID:1576137 Share Posted July 6 Are you going to be taking a look at this? Link to post Share on other sites More sharing options...
Porthos Posted July 6 ID:1576138 Share Posted July 6 1 minute ago, theoldmole said: Are you going to be taking a look at this? Someone will not me. Just wanted to see if the email was legit. @AdvancedSetup Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 6 Root Admin ID:1576145 Share Posted July 6 Hello @theoldmole To begin, please do the following so that we may take a closer look at your installation for troubleshooting. This is a report only. NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to the Public desktop, please upload that file on your next reply Thank you Link to post Share on other sites More sharing options...
theoldmole Posted July 6 Author ID:1576153 Share Posted July 6 (edited) This can't be seen by anyone else right? Edited July 6 by AdvancedSetup Removed log Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 6 Root Admin ID:1576162 Share Posted July 6 I've removed the log. I have it and will review Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 6 Root Admin ID:1576166 Share Posted July 6 The logs do not indicate that the current system is infected. Please check your email address used now and ones possibly used in the past on this site and see what it says about any compromise https://haveibeenpwned.com/ Make sure that you do not share the same password on more than one site. All sites should use their own unique strong password. If you want to pay a security company to do a forensic analysis then I'd suggest you fully stop using this computer and contact them for assistance. If you simply want to reset your Microsoft Online account and do some basic general cleaning of this computer, we can do that but not if you want to pursue forensic analysis (often very costly) Let me know what you'd like to do @theoldmole Link to post Share on other sites More sharing options...
theoldmole Posted July 6 Author ID:1576168 Share Posted July 6 If there is nothing in the logs that indicate that the source is the computer, then that is fine with me. Feel free to go ahead and close this topic. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 6 Root Admin ID:1576183 Share Posted July 6 No problem. I'll go ahead then and close this topic and leave some general information about passwords below for others to read as well My own personal recommendation for a password is to choose a minimum of 16 characters. If using a password manager and the site allows it you may want to opt for a 20 character password as both AI and Quantum computing may make password cracking easier. Also don't for get to use MFA/2FA (Multi-Factor-Authentication/Two-Factor-Authentication) on top of a good strong password Forum discussion on the topic of passwords Are Your Passwords in the Green?https://forums.malwarebytes.com/topic/284814-are-your-passwords-in-the-green/ For reference only. Do not use a password in production that you've obtained from this site. Password Generator Plushttps://passwordsgenerator.net/plus/ Another quick throw-away temporary password generator. One should not use this for any purpose beyond temporary. Passphrase and Password Generatorhttps://ae7.st/g/index.html Site to verify the strength of a password. However, once tested the password should no longer be used. It is designed to help show you how to build a strong password. Verify password strengthhttps://www.uic.edu/apps/strong-password/ Use Password Management software Bitwardenhttps://bitwarden.com/ KeePass Password Safehttps://keepass.info/ 1Passwordhttps://1password.com/ 1Password has none, KeePass has none... So why are there seven embedded trackers in the LastPass Android app?https://www.theregister.com/2021/02/25/lastpass_android_trackers_found/ 1Password Will Kill the Last Password You Neededhttps://www.reviewgeek.com/145292/1password-will-kill-the-last-password-you-needed/ Password Managers Compared: LastPass vs KeePass vs Dashlane vs 1Passwordhttps://www.howtogeek.com/240255/password-managers-compared-lastpass-vs-keepass-vs-dashlane-vs-1password/ LastPass Scandal Goes Nuclear, Parent Company Services Breachedhttps://www.reviewgeek.com/143695/lastpass-scandal-goes-nuclear-parent-company-services-breached/ Security News This Week: The LastPass Hack Somehow Gets Worsehttps://www.wired.com/story/lastpass-engineer-breach-security-roundup/ Why You Should Stop Using LastPass After New Hack Method Updatehttps://www.forbes.com/sites/daveywinder/2023/03/03/why-you-should-stop-using-lastpass-after-new-hack-method-update/?sh=6b991b3728fc Link to post Share on other sites More sharing options...
Recommended Posts