The subject line is in regard to a very specific portion of what I'm dealing with at the moment. I was very lazy with my online credentials (using one password everywhere). They were obtained somehow and I've been scrambling to lock everything down properly ever since. The point of the post is in bold text below, but a quick summary of the sequence of events.....
I received a message from LinkedIn that an alternate email was added to my account. I did not do that myself so I tried to log in to see what had happened. I found myself locked out of LinkedIn and have not been able to get back in. I need to either 1) email them a photocopy of my ID, or 2) get a form notarized. I'm not sending a picture of my ID electronically as a resolution to identity fraud...
I then started receiving replies to messages I did not send from within Facebook Marketplace. Someone was in my Facebook and trying to buy things. I sent messages to all of the recipients of the malicious messages, telling them not to believe a word I say.
I immediately changed my credentials and enabled MFA wherever possible.
I'm using unique randomly generated passwords for every account I can recall having... but I keep recalling new ones each day, so I cannot say for sure that the leaked credentials are now useless everywhere, but I'm getting there.
I have McAfee and have run full scans on any device I've been using. There have been no hits on anything malicious. McAfee does agree that my (previous) credentials have been leaked to the wild but I already knew that part.
I received an email that contained a number of my previous passwords in plain text, along with a .jpg and a .pdf that I did not open. I still have the email, but know I need some sort of sandbox environment if I want to examine the attachments. My guess is that the pdf is going to demand I pay a ransom or else...
I then found a message in my Outlook sent messages folder from me, containing my login credentials in plain text. The complete message was:
Subject: CHECKER RESULT: v1
New--Smtp--Test
Host: smtp.office365.com
Port: 587
User: xxxx
Pass: xxxx
where the xxxx was my real Outlook email credentials.
This message was sent to fdskamil566@gmail.com
I don't know if this is the origin of the leak, or someone taking advantage of the previously leaked credentials to gain further access. However, I don't know how this email was triggered, or how to prevent it from happening again since my McAfee software is not finding anything wrong. I'm hoping this sounds familiar to someone and I can get a point in the right direction.
Let me reiterate... I was being completely lazy and am now lying in the bed I made... if you'd still like to reassure me of just how stupid I was being using the same password everywhere, I'll understand, but I am on the road to securing everything as properly as I can.
Thank you in advance for any help!! I really appreciate it.