Try to login to Gmail email account and then click the link to "Last account activity" at the bottom of the page.
A new window will open that will display the IP address that have login to your gmail account. It should appear your IP address and location (country). Also how you accessed the gmail account e.g. POP (using email client), IMAP (using any device or email client), or web-based (using the browser).
If you will notice a suspicious IP address, immediately click on the available button to "logout all sessions" so anyone else who login, if any is disconnected. Change your password again and the security question.
Not sure if there's such option in Yahoo but I suggest to change again the Yahoo password and then the security question.
Try to clean the temporary files in Windows using CCleaner - http://www.piriform.com/ccleaner/builds (get the no toolbar, slim installer)
Try to scan using MalAware which require NO installation:
Or using online scanner by ESET:
I have had two email accounts hacked in the last 2 weeks: one is a Yahoo account and one is a Gmail account. The Gmail was first, so I just changed the password (used a 12+ character, super-strong password) and my security questions (used very obscure answers unrelated to actual question).
Just yesterday my Yahoo account was hacked! Did the same as above, but I am kinda freaked out now. A second Gmail account hacked I could accept as a coincidence; Gmail has been getting hacked a lot lately. But both a yahoo and a gmail account hacked in the same 2 weeks is too much coincidence for me.
I have to beleive there is a backdoor or keylogger infection on my PC. Over the last 2 weeks I have scanned 3 times with Avast (nothing found) and 3 times with Malwarebytes (again nothing). Finally scanned with Superantispyware portable (don't want 20 anti-malware programs installed) and found 28 "Adware tracking cookies", which I deleted. But my understanding is that cookies CANNOT steal data or passwords, so I suspect I am still infected with something.
Am going to try Mcafee Rootkit detective today, but I am not too hopeful. I have a laptop running Win 7 Ultimate 64 bit, using Avast and Malwarebytes. I connect wirelessly through a Tmobile Linksys router using a MAC address list for security. I use Firefox with NoScript and adblocker; never allow NoScript to unblock any site that isn't pretty safe, like CNN, Treehugger, Yahoo, etc. I leave smaller sites blocked, if I can't read them with NoScript in place I just move on.
Any advice on this? Is it possibly a coincidence and I am being paranoid? Any opinions on what tools I should try next?