I just wanted to follow up on my previous post about the keylogger scam to address some of the comments I received. First off, I'd like to extend a huge amount of thanks to the community for your outreach and compassion, I really appreciate it. The initial shock is over and the reality of the situation has set in...it's going to get a lot worse before it gets any better, but more on that in a bit (another post).
Regardless, to answer some of the questions I've received about the actual detection and removal process (expanding on my comment here):
- I would never have suspected that I had a keylogger installed if a buddy of mine hadn't explicitly asked me. Haacked correctly mentioned that this probably wouldn't have happened if I had been running as LUA; we gain a false sense of security thinking "oh, well I have anti-virus/anti-spyware/firewalls in place...there's no way anyone could have done something like that," which is a really bad mindset to have. Unfortunately it's an easy mindset to have until it bites you in the ass. No one ever thinks it will happen to them.
- The removal process consisted of me formatting my machine (actually, my entire network) after the keylogger was detected. I used numerous free utilities to scan my drive to no avail, and then paranoia set in and I broke down and purchased SpyCop (60 bucks), which is a tool that specifically targets keyloggers. Of course it offered a removal step (which I did), but not wanting to take any more chances I flattened everything with a hard drive in it. SpyCop appears to do a signature-based scan similar to most a/v software, whereas anti-adware apps (like SpyBot/adaware/etc) simply scan the registry for known bad guys, which brings me to...
- This particular keylogger is super nasty in that the attacker can configure the remote installation program to rename all of the files/registry entries it installs to whatever they want and hide it from Task Manager, and if they can get you to click on any type of message box, the software can be installed silently without the user ever knowing. They have detailed instructions as to how to do this on their site (.doc format).
- Several people have asked me "what can I do if I suspect that something like this may be on my machine?" It's easy: if you have even the slightest suspicion (or a reason to be suspicious), then scan your machine. I do not know if there is a free utility that could have picked this particular nasty up; there very well could be. But after doing some research on SpyCop I decided the 60 bucks was worth the peace of mind in knowing that if it came back with no results, I was probably alright. More than likely I would have formatted my machine anyway, but it's too little too late; the damage is already done. Paranoia pays off sometimes.
- To expand on the above bullet, if you are technically savvy enough, use a tool like Ethereal to monitor your network activity if you suspect something. Keyloggers usually use SMTP[1] or FTP[2] (or both) to transmit data back to the attacker, so it should be easy to monitor those ports for suspicious activity. I didn't do this, but in hindsight it would have been a good idea. But again, once the damage is done you're already sunk.
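As an added example (not from the original post), here is the kind of check the bullet above describes, written in Python: it scans a constructed connection summary and flags outbound SMTP/FTP flows from any process other than the mail and FTP clients you expect to use those ports. The line format, process names, LAN range and addresses are all assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass

# Ports the post singles out: SMTP for mail, FTP control (21) and data (20).
WATCHED_PORTS = {25: "SMTP", 21: "FTP-control", 20: "FTP-data"}

# Processes assumed to use these ports legitimately on this machine
# (a desktop mail client and the command-line FTP client).
EXPECTED_PROCESSES = {"outlook.exe", "msimn.exe", "ftp.exe"}

# Assumed local LAN; anything outside it counts as an external destination.
LOCAL_NET = ipaddress.ip_network("192.168.1.0/24")

@dataclass
class Flow:
    proc: str   # owning process name
    dst: str    # destination IP
    dport: int  # destination port

def parse_flows(text):
    """Parse constructed 'process dst_ip dst_port' lines, one flow per line."""
    flows = []
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue  # skip malformed lines instead of aborting the scan
        flows.append(Flow(parts[0].lower(), parts[1], int(parts[2])))
    return flows

def suspicious_flows(flows):
    """Return descriptions of outbound SMTP/FTP flows from unexpected processes."""
    hits = []
    for f in flows:
        dst = ipaddress.ip_address(f.dst)
        if f.dport not in WATCHED_PORTS or dst in LOCAL_NET or dst.is_loopback:
            continue  # not a watched port, or not leaving the LAN
        if f.proc in EXPECTED_PROCESSES:
            continue  # a client we expect to talk SMTP/FTP
        hits.append(f"{WATCHED_PORTS[f.dport]} to {f.dst}:{f.dport} from {f.proc}")
    return hits

# Constructed sample: one legitimate mail send, one legitimate FTP session,
# two flows from processes that have no business on those ports, web traffic,
# and a malformed line.
SAMPLE = """
outlook.exe 192.168.1.10 25
update.exe 203.0.113.25 25
helper.exe 198.51.100.7 21
ftp.exe 198.51.100.7 21
iexplore.exe 198.51.100.9 80
this line is garbage
"""

if __name__ == "__main__":
    for why in suspicious_flows(parse_flows(SAMPLE)):
        print("SUSPICIOUS:", why)
```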
Hopefully that list should address most questions I've received. I know it's a little vague, but this is a very vague situation and I'm still learning more and more with each passing day. The main point is this: It pays to be paranoid. If you suspect something, take action immediately, even if it does set you back a few greenbacks. This is obviously a big deal (and something that many of you are interested in...not me being keyloggered, but the process itself) so I will be devoting some time to posting more about it; the next post will be about the steps to take after finding out your system (and potentially your identity, which we don't know yet) has been exploited, i.e. who to contact and what steps to take. And finally I hope to wrap up this mini-posting series with steps to harden your network (as well as your mindset) as well as pitfalls to avoid getting in this situation in the first place (hindsight is so 20/20 right now).
Again I appreciate everyone's concern about this, hopefully I can get some knowledge out of this terrible situation and help to prevent this from happening to someone else.
Addendum:
[1] SMTP stands for Simple Mail Transfer Protocol (see this Wiki for more information), and is the underlying protocol for sending mail (receiving mail uses POP3 (Post Office Protocol) and is entirely different). This would not be a good candidate for keyloggers to send data over, as the messages would show up in your sent email folder in your desktop mail client (e.g. Outlook, Outlook Express, etc.), plus if you have an a/v program like Norton installed, every time a message is sent a "scanning email" box would pop up. Of course the keylogger could install its own SMTP server to use for sending email, which some of the keyloggers I've researched do indeed do, but that's much more complicated.
[2] FTP stands for File Transfer Protocol (see this Wiki entry for more information). In a nutshell, it's a protocol that allows data to be sent over the internet; however, an FTP server does not need to be installed on your machine to use it, as it's a very easy protocol to use from external programs. This is the preferred method of keyloggers from what I've gathered during my research, as it's very stealthy and the ports it uses (20 and 21) are open on most machines by default.
Posted Tue, Aug 15 2006 1:01 AM by Jayson Knight