Opinions on email providers are great and all... but what I was looking for was technical reasons to support taking one action or another. But since you mentioned it, I'll add that I've had my Hotmail account since 2001, and receive only a couple of spam messages per week. I signed up for a new Gmail account several years back, and that one was immediately inundated with spam. It continues to receive I'd guess around 20 per day.
You've got to be kidding me?!
A WHOLE 7 months since last install? What the heck do you do for a living, TRY to ruin computers?!!
I have 8 Windows 7 machines that have NEVER been reinstalled and are as clean and fast as the day I installed 7, which was a couple days after it came out. Never have been able to figure out why so many people, here especially, are always suggesting format and do it so often?
If you must and are THAT paranoid, just do a thorough scan with Malwarebytes, your AV and whatever other malware program you have, in safe mode.
Ditch that crap a** not so hot, Hotmail also. Easily one of the worst e-mails in existence!
Also, my last reinstall of windows 7 was due to a hard drive crash. I completely agree that reinstalling 7 is needed vastly less frequently than on previous Windows OS's. But the days of XP and early Vista trained me to keep data separate from OS / program locations, so a reinstall is really not a big inconvenience for me.
I see your point, but what hard evidence is there to support an infection? My only symptom so far has been the password change and spam message sent. That all could easily have been done from the Hotmail site, right?
Only way to be sure he is rid of the infection.
BTW, read my sig
No XBox Live account. But I do have Battlefield 2 and 3 player accounts tied to my Hotmail address.
Have you got anything attached to that account? I'm thinking specifically of an Xbox LIVE account?
If yes, do you have any EA games for which you've had to sign up for the EA online account rubbish?
I haven't yet heard of a key scrambler extension, although I will look into it. I'm assuming that is an anti-keylogger measure of some sort?
At OP: Sounds like you covered your bases pretty good there... and as for the password hack, I really couldn't tell you how that happened!
A reinstall of Windows is probably not needed, although you might want to look at getting a key scrambler extension for your browser just to be on the safe side.
If my system is fully updated and AV protected, plus I don't go around installing crap I don't know is safe, how would a keylogger make it onto my system? Nobody but me has physical access to my office PC.
You probably have a keylogger installed on your PC.
edit: Or you got phished.
Or you are using the same password everywhere, which is plain stupid.
Phishing requires me sending my info to somebody, right? Believe me, I've received my share of phishing requests, and I've laughed at every one. I'm not going to fall for a nicely-formatted email or website asking me to input my account info.
Also, I've never truly understood the logic behind the argument against using the same password everywhere. If the password is a complex and secure one, what is the added risk in using it at multiple sites or services?
What seems odd is you say in your offline copy of sent you saw spam sent. Was this email sent from your PC, or was it synced down from email sent via the web? If from the web, how did you get a copy, because I would have to assume the first thing that would happen is a password change vs just sending spam right away.
So the timeline of your account being accessed would be good to know in trying to figure out the method of their access. Was your machine infected, or was it just a simple brute/guess on the web? 8 characters is not really very secure.
For example, my Neowin password is 20 random characters using all four: Ab1^ etc.
Very good point. I didn't think about the Sent folder needing to sync. I use Windows Live Mail for accessing my Hotmail account from my home PC, a Hotmail app for Android on my mobile, and the Hotmail site from anywhere else. Is there a way to determine the source of the sent message? Like you said, the only way I can see the sent spam message showing up in my Sent folder of my WLM program at home is if the spammer sent it before changing my PW, which I agree does seem odd.
As for timeline, I know that the sent spam message went out at 4:48am on the 11th, according to the message in the Sent folder. I had my account recovered by about 5:30am on the same day (yes, I wake up early - can't help it!)
Done and thank you! No rootkits detected.
Download TDSSKiller from Kaspersky (it's free) and run that as well.
Out of curiosity, any evidence to support that? Like I mentioned above, I'm not easily fooled by attempts to solicit my info. I'm mildly paranoid, I suppose.
I am going to guess that it is a phishing attack.
Scanned it a few times now with multiple tools, and no infections found. I'll admit I was secretly hoping to find an infection, just so that I could have a potential explanation for this madness.
Scanning your PC would be a good idea. It's always a good idea to do this at least a couple of times a week.
Sounds like a phishing attack though, so you shouldn't be worried about having to reinstall Windows.