Hi, I'm Bernard, a fellow Windows user. I'm happy to help!
Kindly follow the steps provided by QA Assist. If the issue persists, I recommend adding 2-step verification, such as an authenticator app:
I scanned my entire computer for malware, spyware tracking cookies, trojans, etc. and I am getting suspisious activity on all my accounts.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 96%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELC%3C/text%3E%3C/svg%3E)
lance cheng
0
Reputation points
I got hacked on March 17 and I created a new Microsoft account and changed every password on my personal accounts, but I am still getting hacked and got my school password changed. I checked to see if I had a Trojan or a malware, but scans showed that I had no threats. I do not know if my device is hacked or if my passwords on my Microsoft account are still there.
Windows for home | Windows 11 | Security and privacy
2 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 77%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELB%3C/text%3E%3C/svg%3E)
Lester Bernard Reyes 77,490 Reputation points Independent Advisor2026-03-24T04:36:01.4333333+00:00 -
Q&A Assist2026-03-24T03:53:02.3266667+00:00 AI generated content. This question contains an answer created with AI from Q&A Assist. Learn moreFollow these steps to lock things down and verify whether the accounts or devices are still compromised:
- Secure each account immediately
- For personal Microsoft accounts, go to the Recent activity page at https://account.live.com/Activity to see when and where the account was accessed in the last 30 days. If any sign-in is not recognized, immediately change the password and update security settings on the Security settings page.
- For work or school accounts, sign in to https://myaccount.microsoft.com/ and select My sign-ins (or Recent Activity) to review all sign-ins. If anything looks unfamiliar, change the password and then go to Security info to update security methods (phone, email, app).
- Treat this as a possible account compromise
- Follow the official steps for a hacked or compromised Microsoft account:
- Make sure all devices are clean (see step 3 below).
- After that, change or reset the password for each Microsoft account using the official password-change or reset pages.
- Check account settings for malicious changes such as:
- Connected/linked accounts
- Forwarding rules
- Automatic replies These can be used by an attacker to keep reading or redirecting mail even after a password change.
- Follow the official steps for a hacked or compromised Microsoft account:
- Re-scan and harden every device used with these accounts
- Ensure Windows 10/11 Windows Defender (Microsoft Defender Antivirus) is turned on and fully updated, then run a full scan (not just a quick scan) on each Windows PC used with the accounts.
- Set the antivirus to update automatically and to scan regularly.
- If sign-ins continue to appear from unknown locations or devices even after password changes, consider:
- Removing any unfamiliar apps or browser extensions.
- Resetting browsers (clearing saved passwords and sync data) and re‑setting them up with new, unique passwords.
- Check for ongoing unusual sign-in activity
- For personal Microsoft accounts, continue to monitor the Recent activity page. If unusual activity persists after password changes and device scans, repeat the steps: change password again and review security info.
- For work/school accounts, keep checking My sign-ins at https://myaccount.microsoft.com/ to ensure only expected locations, devices, and apps are shown.
- Strengthen security to stop repeated compromises
- Use strong, unique passwords for each account (do not reuse passwords between school, personal, and other services).
- Add and verify alternate email addresses and phone numbers on personal accounts so recovery is easier and more secure.
- For work/school accounts, ensure multi-factor authentication (two-step verification) is enabled if the organization supports it.
If sign-ins from unknown locations or devices continue even after these steps, assume at least one device or password store (browser, password manager, or synced profile) is still compromised and work with the school’s IT or organization’s admin to reset the school account and review sign-in logs.
References:
- Secure each account immediately