I'll go with the Boot CD idea too. I've tried Knoppix though and I didn't like it that much - I've got Mandriva Move coming in the post (yeah, I paid for it rather that download it, I'm like that!) which does a similar sort of thing.

Some thoughts.

The router - well, I don't know Linksys routers very well or their capabiltiies, but it is possible that the router has a logging function (my Netgear one has a limited logging function) and that remote management for the router has been enabled. With remote management, the hacker could basically open up any port they want remotely - they could have gained remote management through a previous successful intrusion.

Wireless - maybe you don't use it but can you confirm that it has NO wireless or the wireless is defintely turned off.

A question - on the email messages, does it seem that the hacker can read the whole email or just the message title? If they're just reading the message title, then maybe they have some sort of logging function enabled rather than a full compromise.

Check your proxy and autoconfig settings in IE. Make sure that you're not using a strange, alien proxy that you don't recognise.

Check your HOSTS file - now I personally have lots of entries in my HOSTS file but most normal people should have something like:

# Copyright (c) 1993-1999 Microsoft Corp.
#
..blah blah blah..
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
Any other entries in the HOSTS file are highly suspect.

As for TEMPEST - well, it's a way of snooping on electromagnetic radiation from computers. CRT monitors are the worst for leaking EM radiation. Laptops leak a lot less and are much harder to do a TEMPEST attack on. A patient amateur could probably do a TEMPEST snoop on a CRT, a laptop would probably require the CIA! It's unlikely though, but the whole scenario is a bit unlikely.

Finally, and most disturbingly, the hacker could have access to your ISP logs. They could even work for your ISP. There's a limited amount you can do in these circumstances, but if your PC is clean (especially if you boot from Knoppix or Mandriva), your firewall is clean and there are no physical devices on the computer, then it could be a possibility.

Another hint - use an external proxy service for your web browsing. I use Megaproxy. That should create a secure layer that will be very difficult to snoop on if your router or ISP is compromised.