Cracking 2FA eh.. was it 2FA to an e-mail or phone? I figure if you are using 2FA with an e-mail it kind of defeats the purpose.
I thought 2FA was always to a second device separate from your computer, like a mobile phone or something. Can it mean just to email? If your computer is infected, then your email password is as compromised as your exchange passwords.