I sent a virus message to Malcolm

[sleepygit]

I read an article the other day about confusing keystroke loggers which went like this.
Say your password was ABCDEFG if you type in ABCDE then using the mouse you click between the C&D then type DEFG, what you then have is your correct password with 2 extra characters to the right of the cursor which you delete by pressing the delete key. Because keystroke loggers don't monitor the mouse, as far as it is concerned you typed in ABCDEDEFG then deleted the F&G leaving ABCDEDE

That is the best way to guard against hardware keyloggers, type it in with a mistake and then click back and delete a few of the missings bits.

A determined hacker will probably be able to still work your password out but if it is just an automated script that will then hack your hotmail, you will probably foil it.

 

[MrFluffy]

I also scanned with the Windows malicious software removal tool, and that found nothing, either. I doubt if this piece of scum software is still on my PC but if anyone has any better ideas for other checks, I'd like to hear about them.

Theres also the option that you have a weak hotmail password. We generally run what are called brute force dictionary attacks against things which will end up internet facing to test them, and a little program tries all the dictionary words, then swaps in the odd @ in place of a "a" etc, then moves onto combos. If your password was something like "p@ssw0rd" or something equally as weak, chances are a brute forcing attempt would get that out pretty quick.

 

[Robotstar5]

I was told to use things like * £ % etc in your passwords as it is totally unexpected.

 

[Alfaman]

Backup, format & reinstall the OS. "It's the only way to be sure" © Ripley, Aliens 1986.

Bonus is that your PC runs like new again, and it gives you the chance to go through all that crappy freeware that you've never used in years, and give it a wide berth this time.

 

[GeorgeB]

Theres also the option that you have a weak hotmail password.

I admit it was 'weak' as assessed on screen - not a common word but perhaps too few characters comprising simple letters and numbers. There are so many other reports of near-identical hacking, it surprises me that any person or robot would spend as long as it presumably takes to figure out the password. I also assumed the hotmail website (or any website) would block entry for a while after a handful of incorrect password attempts. My guess is still key-logging or a major hack of the hotmail database itself, which must have my password stored somewhere.

My point about only the time being shown was a red herring. The mail box shows time only, during the current day, so there was nothing abnormal about that.

Ad-aware is scanning my PC now, but it hasn't yet found anything, either. The password could have been grabbed years' ago. I'd used the ad-aware product, also, a few years ago but became tired of them all, hogging my PC. My new strategy was based on just Firewall and Defender with no anti-virus product running unless I activate it from time to time. Let them try and kill the PC, I thought - it's quick and easy to restore from another hard disk. With all these security products, the cure is worse than the threat. So far the strategy seems to be working, with nothing at all detected, as resident on my PC. Yesterday's hotmail incident is the only breech but I reckon the password was either 'guessed' or nabbed several years' ago.

 

[GeorgeB]

Backup, format & reinstall the OS. "It's the only way to be sure" © Ripley, Aliens 1986.

Bonus is that your PC runs like new again, and it gives you the chance to go through all that crappy freeware that you've never used in years, and give it a wide berth this time.

I effectively do this as routine, about every 3-6 months, when I restore from a presumed-clean version of XP and all my main programs (that took hours to load). The restore/transfer takes just a few minutes. My base system was built up with near-zero connection to the Internet. I agree with you about the performance improvement. Any PC starts losing efficiency within hours of entering service, and numerous security products are a major cause, in my opinion.

 

[MrFluffy]

I just run linux.

 

[GeorgeB]

Thanks again to TIG Paul for flagging up the Windows Live ' help lists. There's more and more people now saying they've had the same problem with their hotmail account. I now reckon the passwords were obtained direct from the Hotmail database, or just by-passed entirely. I don't think it's anything to do with my PC, or anyone else's.

Please see:
https://windowslivehelp.com/community/t/168822.aspx?PageIndex=1