You don't have to go to unrepitable sites... Any site can be infected by malware, Even Amazon has been hit like this.
There are no 'Anti-Hack" programs. Hacking is an activity.
Just get MSE, or AVGfree, or Avast. Despite what you think, someone got your system infected by visiting a infected site, could have been any site comprimised by hackers. Any real-time scanner can help stop this, to a certain extent.
The biggest thing is that hotmail sent out things not your computer. Your email and password was stolen, and no firewall or program can stop that. Switching out your password is pretty much only solution.
As for your "controlling" computer, without knowing what you are infected with, Or what else got put in once access was gained via a drive by/bad click, just wipe it out and re install. Once you have a quality AV and Malware detector, Windefender type thing, its just smart surfing... It'll stop 99% of issues. the 1% comes from hacked legit sites that get yha.
As for a individual computer firewall, other than the simple MS one, I used zonealarm loing time back, it was both great and a royal pain.
Linux really doesn't have anything.. With under 4% of market shares, nobody cares about them enough to put forth the effort.
There are no real ways to hide your ip, evenb the so called changer/hiders don't really do it. You could surf through a TOR connection, but that won't stop drive bys. Though It might be a good idea to call your ISP and have them switch up your ip, if in fact you were zombied.
In my opinion, you are over blowing the situation. Get an ip change, clean your systems, and find out who clicked a bad link and educate them.