I think Keylogger is installed on ur PC.Just try 2 scan ur PC with any good latest version of Antivirus.
Using one system to detect keyloggers isn't the most secure way - even if it is the best on the market as they never divulge who has paid them to not flag certain things as potentially unsafe. Glad you got back in control of it and have been able to stop further abuse, though I dont see google mentioning anything about lack of responsibility on their part to act quickly to prevent identity theft or fraud from occurring within a hacked googlemail account. I guess the only interest to google is obtaining more market research info... though a hackers use of googlemail would certainly be different than a normal user, so it would only skew data sets. Obviously it is not widespread enough to give google any concerns, otherwise there would be an amendment to their policies on acting quickly to reported hacked googlemail accounts (ie instant shutdown to access to affected accounts or other measures).
altho i am bit disapointed in gmail terms, i did recieve an email from both adsense & adwords earlier today about the subject and they are looking into it.
At least it shows google do look into such instances (but it seems only if it could be used to adversely affect the revenue generating services rather than simply the gmail aspect).
I had this exact thing happen to me about 2 years ago. Lucky you only had $400 taken from you. I had $8000! I'm not sure how he got my password, as the password fo my gmail acocunt was not the same for any other account. I now never use the same password twice...and always have 6 numbers...and 6 letter scrambled in there.
same thing here from now on, also i just recieved an email from the gmail team about this. Seems they are helpful, just need to be patient