Gmail Hijack

Primroselite · Apr 24, 2014

This morning I was unable to log into gmail. It said to go to my recovery email address to reset my password. I did, and when I checked details I noticed two logins from location "unknown" with no IP. Mine are always U.S. with the usual IP's.
When I got into my recovery account there was an email from yesterday with the subject header Your Google Account Recovery Request. In the subject line was "Hi! I hope your day's been great so far..." Didn't open it. Two days prior I had changed my password (because of the heart bleed story) but that was done & confirmed already.
So something's going on, but is the something on Google's end or mine (a keylogger?) Is this a familiar story? I looked but didn't see anything here, and not much explanation elsewhere.
I have my Malware Removal Guide at the ready if you think it's warranted.
Thanks,
P'lite

Sony Vaio
Windows 7 Home Premium, 64 bit
Firefox 28.0

Primroselite · Apr 24, 2014

Ran RogueKiller & Malwarebytes but the log files show up as .dat and xml respectively and can't be uploaded. What did I do wrong?
Also, I set "show hidden files etc" but what about "hide protected operating system files"?
Thanks,
P'lite

chaslang · Apr 24, 2014

Primroselite said: ↑

Ran RogueKiller & Malwarebytes but the log files show up as .dat and xml respectively and can't be uploaded. What did I do wrong?
Click to expand...

Please follow the instructions given in the READ & RUN ME to run scans and get logs as text files.

When you complete all of the instructions, attach all 5 logs. Odds are high the your problems may not be due to malware on your PC. Typically people have their passwords hacked by using unsecure networks or a friends PC, a library PC, a hotel PC....etc.

Primroselite · Apr 26, 2014

Malwarebytes & TDSS ran but found nothing.
Roguekiller & Hitman are attached.
MGtools would not run. This may be where i ran up against an Administrator problem. There are only 2 users on my windows 7 - me and guest. I do show up as administrator in control panel, yet I get a message to the effect that I need to be an administrator to run the program.
Thanks,
P'lite
View attachment RKreport[0]_S_04242014_141038.txt

View attachment HitmanPro_20140424_1635.log

chaslang · Apr 26, 2014

Primroselite said: ↑

MGtools would not run. This may be where i ran up against an Administrator problem.
Click to expand...

Did you right click on it and Select Run As Administrator? Have you shut down AVG to avoid it getting in the way?

Primroselite · Apr 27, 2014

The Run Me First instructions said to uninstall all but one antivirus program. AVG is my one - isn't disabling it risky?
Thanks,
P'lite

chaslang · Apr 27, 2014

Primroselite said: ↑

The Run Me First instructions said to uninstall all but one antivirus program. AVG is my one - isn't disabling it risky?
Click to expand...

But when you run many of the tools that we we require you to run, your antivirus software can get in the way of our tools running properly. Hence we ask you to disable it before running the tools. It is not a permanent disable and any problems you could pickup ( which there is low risk of occurring if you only disable while running our tools ) would be easy for us to fix anyway. Ask yourself these questions. Did AVG protect you from the problem you have? Is if fixing it?

Log in or Sign up

Gmail Hijack

Primroselite Private E-2

Primroselite Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Primroselite Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Primroselite Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member