Absolutely, and
all the others given what you just said - especially since you found so many (if it's still installed and has a log or report, please save a copy of it to the desktop to attach to your next reply). SuperAntiSpyware
only addresses spyware and adware - it does
not address viruses and worms and trojans and other malware - and that's what I'm most concerned about. The others do. It sounds as if you are massively infected. In fact, I'd like you to add Hijack This
HijackThis - Trend Micro USA (the full release, not the beta) to the list (and do it right after Malwarebytes). Although it does not really clean they system, it is very good at detecting infections. Under the circumstances, given so much infection and possibly more yet to be revealed, I may ask our malware removal security expert to take a look and offer advice to get you system completely clean as even this may not be enough (but she will do a thorough job using special tools I'm not qualified to use).
Your password to your hotmail account wasn't working probably because whoever hijacked it changed it to something else. By changing it, it may stop him at least temporarily. Are you saying they sent the new password to the account where you told them your password didn't work? That makes absolutely no sense. How do they expect you to get it? Call them back and have them send it to an account you can access, even if you need to create a new one just for that purpose (perhaps a free yahoo account or another hotmail account using somewhat fictitious information so it won't flag as a duplicate account).
If this old hotmail account is just there to get e-mails from people who you forgot to notify about your new gmail address and is essentially inactive and all these messages are coming from it, then I suggest you consider one final check of anyone you know still using that address and notify them of the new address with your gmail account and then close that hotmail account for good.
When this is done, considering how much you were infected (and we're not sure we have everything yet), I would strongly suggest changing products. I recommend you switch to the free Microsoft Security Essentials (one you will be using so you may want to move that one to the last one so you don't have to uninstall it) for real-time AS/AV/AM protection, plus update and scan with SuperAntiSpyware and Malwarebytes ever 2-3 weeks to catch anything MSE may have missed. That's how I protect my own system and while I've been attacked many times, I've never been successfully infected to the point where it could not be removed without causing any harm. And they're all free. Plus MSE uses less system resources than most of the others and updates through Windows Update so you don't have to do it manually.
But
PLEASE do
ALL of the scans even if it is a hassle and a bother and takes time (and even if the first couple come up clean) since we
KNOW you've been severely infected already, so there's a very good chance there's more to be found. No one product is good enough to find everything, so we need to use several to be more sure we've caught and removed everything. When done and you've posted the logs, if they show anything, I'll ask our expert to examine them to see if anything else is required. And then we'll check your files to see if the infections caused any damage we need to repair - that sometimes happens even if the malware is removed.
While you're doing these scans (you can still use the computer while they run in the background), try to deal with anyone you want to stay in contact with still using that old hotmail account (in fact, they are at risk right now because whoever may be using your account may attempt to infect your friends as well) and then close it out for good. That may solve the false email problem. And this malware removal process should keep it from happening again (assuming the information was obtained from your computer and not from hotmail itself - but you can only deal with protecting your own computer so that's what you should focus on).
I hope this helps. I know doing all those installs and removals and running all those scans and removals and saving the logs is a bother, but we want to deal with this problem once and for all so it is crucial to do it right. I can't emphasize that enough.
Good luck!