Help! I'm being hijacked!

1) Can a router still emit a signal while wireless radio is disabled?

No. If the wireless radio is actually disabled and not just having the SSID not being broadcast, then there should not be any radio signal emitted by the router.

2) If my MAC address is being spoofed, would that be the MAC address on my internet modem or somewhere else?

It would most likely be the router's WAN-side MAC hardware address. However, it may also be the MAC hardware address of your computer's wired or wireless network interface.

3) With either one of these possibilities, would any of my passwords be compromised? ie: my computer login, passwords on websites I visit, etc.

If the instruder manages to enter your local network, then any of these could potentially be "sniffed" from data traffic to/from your local network to the Internet.

The MAC address issue worries me, though. How would someone have access to that? Does a router emit that info somehow? What happens when someone has that info? Can they be using my internet account on their own computer without even having to crack into my wireless anymore?

Without having to drag you through a bunch of technical jargon around networking and the OSI model, suffice to say that MAC addressing is related to the data link layer of that model and each of these addresses uniquely identifies a hardware network interface, typically Ethernet or wireless adapters, routers, switches, etc.

When two devices on a local broadcast network communicate with each other they need, as a minimum, the MAC address of each other's network adapter. As part of that communication, the MAC address is sent over wire or wireless depending on how they are connected. It's this communication that can be intercepted and how MAC addresses can be "learned."

Normally, there is no way for someone to "sniff" data on a local wired network, unless they are physically connected to that network. A unsecured wireless network is another matter ... as you can imagine, this type of network does not require a physical connection to access. This is why it is extremely important to use wireless security.

The potential results of someone finding out your computer's MAC address, is that they would be provided a means to access your computer and any unsecured data on that computer could become vulnerable.

And now that this may have happened, what do I do to fix it? How would I stop or prevent someone from having access to my MAC address?

The number one preventative measure is to enable wireless encryption. Use WPA2 with a strong password and change that password every 60-90 days. This will prevent unintended access to your local network and any of the devices connected to it.

My ISP guy said that if it were a case of spoofed MAC address, they would swap out my cable modem. But if someone has my wireless network interface address (I"m assuming that's my ethernet card or airport card?) do I have to change the addresses on those things - can this even be done?

You will find hundreds (if not thousands) of articles on the web with the title "MAC spoofing." It may not be a bad idea to have your ISP swap out your modem, especially if it over 2-3 years old anyway.

As far as your computer, you can spoof the MAC address of your Mac, but I don't think that will really be necessary once you enable wireless security.