Windows 7: hacked

I'm using yahoo for my emails. I believe I've been hacked. (contact lists).
What are my alternatives?

change all passwords related to online accounts

There are a number of different ways one's email can be hacked. I've had my email hijacked several times and here are some suggestions that I've learned.

First, run one or two good malware scans (i.e. Malwarebytes or MSE or TrendMicro) to get rid of any malware in your email account (or anywhere on your system).

Then, follow the steps below, and hopefully there's help for you there.

First line of defense is to change your password and all "secret questions" and "answers."

(If hackers have locked you out of your email, go on-line and sign up for the free service in which you give your email provider (i.e. MSN/Hotmail, Yahoo, etc.) your cell phone number and they text you a secret code to allow you to get back into your email.)

Next, when you're in your email, always "Log Out" of your email when you exit, rather than just hitting the exit X icon. Hitting the exit X doesn't end your email session, only 'logging out' actually shuts it down. If you just press exit, that leaves it available to be hacked because technically, it's still open, even after you've gone.

(By the way, when you are signing into your account, if you get a popup message that says you're signed in to multiple locations when you’re not, you need to sign out of those other locations. In that situation too, it is possible that you are being HACKED from one of those other locations.)

Finally, and most important, since most hacking is done through your address book, temporarily delete all contacts in your address book. Some sources advise leaving it this way for a week or more --- I think that's a matter of judgment. I deleted my address book over a year ago after I was really badly hacked and oddly enough, have found that for the most part, I really can live without it. And the good news is that since I've deleted it, I haven't been hacked once.

This last bit of information is the bad news, and that is: sometimes your account is hacked by someone stealing your account information, and they use it from a totally separate location to send out the infected emails. So, since the problem isn't connected with your system, there is nothing you can do on your system to change it. And even changing your email wouldn't help because the hacker can still continue to send out infected emails from their location, still using your old email address. The only way you might possibly be able to control it might be if there was some way to actually invalidate your email account's address. And even then, it may be possible for those phony emails to continue to go out.

If nothing above has helped the problem, take a look at this tutorial to see if there is any help there for you:

Windows Live Solution Center:- http://windowslivehelp.com/accountrecovery

The instances you were hacked do you know how they accomplished it? Fortunately I haven't had this happen, but I'd like to keep it that way.

I was hacked 3 different times within about a year, and I really don't know how the hacking was accomplished on any of those occasions --- at first I didn't even know it had happened, until some people started complaining that they were receiving strange emails or commercial-advertisement emails from me. Then, shortly afterwards, I started receiving similar kinds of emails from people in my contact list. I don't know if it was my infected email that infected them, or if they were being hacked independently from me.

I had 2 email accounts at that time, Yahoo and Hotmail, and all three hijackings were on the Hotmail account. The 'bad' emails kept being intermittently sent from my email address, in spite of the fact that I changed my password and personal information, until I finally read some advice (from one of our members on the Vista Forum) to delete my contact list. I also learned NEVER to open any attachment unless I was 100% sure that it was safe. Both actions seemed to help, because in taking those two precautions, there was no longer any vehicle for the hijacking -- to either receive the infected material or to send it out.

Hmm, that's good to know. Since I switched to gmail I only email to other legit emails and if I don't recognize the sender I delete it, but I've rarely seen any spam in my gmail. It does a good job of filtering. My yahoo account on the other hand is still getting lots of spam. As I mentioned I've relagated it to a junk account. I will definitely keep an eye out that kind of activity.

To add to that I do not store usernames and passwords locally for any remote site, yes this means I have to actually type my details to get in, a novell aproach I know but removes the risk of hackers/malware stealing passwords from my system.

I can also recommend bookmarking the secure login page for your e-mail provider. Most providers are secure by default but my provider (GMX) have a Free Webmail and Email by GMX | Sign Up Now! and a https://www.gmx.com/ page available. I had to manually enter the S and bookmark it to make it default, it may be worth checking your too.

I had a Hotmail account several years ago, and very shortly after setting it up, I started getting spam from an untraceable source. When I contacted Hotmail support about it, I told them that I had used the account so little, and the only places that I had sent email to, I had total trust in. That only left the possibility that they got my email address directly from Hotmail. They discounted all of that, like it was a routine problem with all email servers. That is when I terminated my Hotmail account, and never returned to Hotmail again.

I still get some spam on my Gmail account, but I think that is because I'm much more active with email now than I was then, and Gmail automatically filters out most of them anyway. Of course, the more serious problem is when the problem is in the opposite direction, and your contacts list is used as they have your's.