There are bots around designed to attempt to crack passwords. Don't know much about the tech details, but the long and short of it is, use a complex, random password of at least 6 characters. There's all sorts of advice about how/why to do this all over the internerd. Plain, old fashioned manual attempts can sometimes yield results, too. I know of computers for which the password for certain protected functions is "password", or "administrator" etc
Other possibility. You have a keylogger on your own computer, or another computer from which you have at some time accessed these mail accounts.
onetrack I wouldn't touch Spyzooka with the pointy end of a metal tool. Apart from the fact its performance is rather average, there are other
reasons not to.
It's easy to find reputable security software. Try
MBAM, one of the current better ones. Superantispyware is also extremely good.