help with e-mail hack

recently both my outlook/msn and Gmail accounts have been hacked and i notice emails from myself in the junk folders , i have changed passwords 4 times on each account but i am still getting hacked .

I have run everything i can think of , Combo fix ,JRT, Malwarebites , CCcleaner Advanced System Care ,Glary utilities ,IObit malware fighter and still it happens .

I have had this email for 12 years and do not want to close it down over one silly hack in all those years , but ATS has come smart cookies when it comes to computing , so how do i fight back guys

I do not know about hacking. But i ma guessing there is a key logger there to see your new passwords. Don't know. One thing that has worked in the past for me is to do your scans in safe mode. They tend to find more stuff. For email i am not sure you may need safe mode with networking. Good luck.

a reply to: douglas5

If youre using the same computers and devices you have been...it wont matter. Hacking is deep deep now a days...Good Luck though!

it's not a gmail account by any chance is it?

Same problem and I smell something fishy.

And before you ask it's not baldricks crumble.

a reply to: nonspecific


Both Outlook.com and Gmail have been hacked in the last 2 month , i normally use lastpass to store my passwords as it gets a good write up from people .

Everything seems to be getting hacked these days Ebay -Yahoo Gmail etc

a reply to: douglas5

I am guessing here...have you lost a phone or mobile device recently?

You may have to go into account settings and remove that device depending on the service.

OR, you have a key logger on your machine that you are using. Going to a public library or other persons machine to make changes may help.

Just remember the old and golden rule.

This password is small.

the other ones are very far away....

a reply to: douglas5

a reply to: nonspecific

Will a Aspirin stop the virus i have

a reply to: tadaman

I have not lost a phone so a key logger seems to be the culprit

And that is your curse, no matter what you say or how well you word your post we will always read it internally with Dougals accent.

Carefull now.

a reply to: douglas5

a reply to: nonspecific


I am doing it myself --- help

If you have important things on your computer, either back them up and format/reinstall or you can TRY to fight it. I see you have run a lot of malware scans, but you need to go deeper. Download something like avast! Or AVG and run their Slowest most intensive scans in Safe mode. You can also run safe mode with networking, to give you basic access. Try accessing your outlook or gmail accounts in this mode. Let me know what happens and I'll try to help.

My advice would be to stop using the computers until you have done a full search in your registry etc. Check out hkey/local machine/software/microsoft/windows/current version/run and also /run once. A lot of viruses will sit in there so they get loaded on startup. Also check the same thing in hkey/current user.

You could also go to someone's place that you trust, change your keyboard settings to Turkish and make a new pw with the character that is a "i" without the dot. That might help.

I work in I.T and have to deal with viruses every so often, they can be very annoying indeed! Good luck.

P.S Have you contacted gmail etc to let them know that this is happening?

originally posted by: douglas5
a reply to: nonspecific


Both Outlook.com and Gmail have been hacked in the last 2 month , i normally use lastpass to store my passwords as it gets a good write up from people .

Everything seems to be getting hacked these days Ebay -Yahoo Gmail etc

Also, NEVER use anything 3rd-party to store your passwords. Heck, I wouldn't even go 2nd-party. Keep it a single party operation and Keep it either in your head, written on a secure piece of paper, or buried deep in your hard drive in a disguised notepad file.

If its not a key logger, it's this. Remove your info from this stuff ASAP and change your passwords. I would still scan everything to be sure but you will probably not have to format.

originally posted by: Ensinger23
... Keep it a single party operation ...

MD5(password+salt)

MD5(gmail+gobbledygook) = 314e0d703ac7097cff1194a32e2ae6df

MD5(hotmail+gobbledygook) = 88a9db400ef7861f170858f54e69d9dc

Your computer probably already has an MD5 calculator , if not there are many you can download. You commit the gobbledygook to memory , never write it down , but you can write the apparent passwords like "gmail" and "hotmail" down , and permit people to see them, as the actual passwords you use are 314e0d703ac7097cff1194a32e2ae6df and 88a9db400ef7861f170858f54e69d9dc respectively.

originally posted by: douglas5
recently both my outlook/msn and Gmail accounts have been hacked and i notice emails from myself in the junk folders , i have changed passwords 4 times on each account but i am still getting hacked .

Emails which appear to come from yourself do not necessarily mean you account is currently being used by hackers : they can be spoof emails ... wikipedia.org/wiki/Email_spoofing

If that is the case the header of the email will show it didn't actually come from your account.

I'm admin for some 2.500 mail accounts in 300 domains. I encounter abuse of email accounts - usually for spam campaignes - two or three times a month. Culprit is usually malware in end user Windows machines.

I do not think keylogging is main technique used here. It is much more easier to search for stored passwords in browsers and mail clients. Its easier to hide this then active keylogger - and you get exactly what you want without keylogger data analyzes.

In times I was using Windows professionally I ended up with bootable flash disk holding image of fresh Windows with basic software installed + automated image transfer script. If you have data on separate partition or disk its matter of 10 minutes to have clean OS with all data ready. It is also possible to hold user profile on separate partition and re-use the profile in fresh windows. But there is danger of reinitiating some malware which often resides there.

This method proved to be much more effective then spending hours on figuring out what and how each time M$ forget to patch some hole - especially if you use 5+ identical computers.

Now I have Windows safely closed in virtual machine and almost do not use it. Linux desktop did big leap in last years and I found it more comfortable and easier for use then Windows. Especially package systems are very nice feature: You install almost all software from secured repositories, hence there is minimal chance of installing malware. Also simple typing:
apt-get update
apt-get install package
is many time faster then downloading and "manually" installing some unknown via third party installer inflating registry .... auuuu Windows registry ....
I'm running Debian with no antivirus, virus and or other troubles

Hijack this

..hijack this is good for locating bho and tough malware. It also has other nice features like reg tools and file checker for unknown processes, programs, bho, etc... It will identify bad files.

I set up my system just how I like it, running lean and mean, disabling unneeded programs and services, then create a system image.

If anything gets past my antivirus(vipre), or strict system setting in UAC in windows, I do a full format and reinstall. The Image saves you all the setup time vs a install from software w user/config settings.

Antivirus is always chasing new viruses and definitions. So if I notice any weird behaviors, I don't mess around and clean install from saved system image for safety. It is a fairly quick procedure and I do this about every 6 months even with no known problems. It seems to keep the pc operating like new.

a reply to: Mandroid7

When you've clarified the problem you're facing (whether your accounts of being actually hacked - which I doubt - or you have some malware or mail spoofing problem), you should consider securing your accounts with a two-factor authentication system.

Gmail offerers two-step verification www.google.com... - which can be a secondary password sent via SMS or read from a USB security key. In the case of a Yubikey, you can use this for both unlocking Lastpass premium as well as securing gmail logins. www.yubico.com...

Outlook.com also offers two-factor verification: blogs.microsoft.com...

If you do any on-line banking or bill-paying, that kind of thing, I'd look for a two-factor solution that's supported by all (or most) of your primary "sensitive" sites, and try to find solutions that are supported by most or all. Some offer SMS verification, some support two-factor tokens like Yukikeys or Symantec VIP tokens, for example:

www.yubico.com...
idprotect.vip.symantec.com...

But first thing's first - figure out what's happening - on the bottom of gmail's web page is a "last account activity - details" link - see if anyone's actually logging in from a suspicious location. I suspect not, that you have a local malware infection. Get your system cleaned up first, using the tools others have mentioned.

highjinx67 BAY004-MC2F19.hotmail.com

from 177-74-67-13.ateky.net.br ([177.74.67.13]) by BAY004-MC2F19.hotmail.com (sender IP is 177.74.67.13 comes back not known ??? my ip starts with 86 .

It seems that this is a long running hack for some going back to 2008 at least highjinx67 was showing up when i deleted my email name and this showed up on Gmail BAY004-MC2F19.hotmail.com was on outlook i have gone to two step verification again but wil try another computer tomorrow .

Thanks everybody who responded I have run every security feature i can think of and nothing is showing up so i will go with a key logger attack