In early hours of this morning, I happened to check my Security Event Log and saw that there had been 34 attempts to hack/change my password over a 12-minute period!
Panicking, I did some checking, and found that a reference was made in the event log to 'Incredimail' - a program I had tried but had uninstalled weeks earlier.
Further checking, I found my Firewall had 3 exceptions listed, all for Incredimail - and yet I had NOT added those exceptions myself! So I removed them.
I concluded that the uninstall of Incredimail had not removed the exceptions which that program must have inserted originally.
I have now set my Firewall to No Exceptions - lesson learnt.
Anyone else had similar problem?