If there is no trojan detected from a virus scan (the obvious possibility), there also could be a chance that this user is in a position to sniff network traffic from your host. Are you on any kind of shared network segment, such as a cable modem? If so, it is a definate possibility. Many times, authentication to sites such as hotmail and yahoo, is not encrypted via SSL by default. Usually there is a link to a secure login page. If I were you, I would make sure of that for starters, assuming of course, there is no trojan installed on your system as others have stated.