Posted: 8/12/2007 3:59:16 PM EDT
Here's the need:  I have a friend that may be the subject of surveillance by her ex.  Her ex is EXTREMELY intelligent, and works in the cryptologic analysis field.  

My friend, being a little naive, still talks to this person occasionally.  She has had some indicators that he is keeping close tabs on her actions, and as he lives many thousands of miles away, the most plausible explanation is that he has installed some monitoring software on her computer.  He HAS had physical access to her machine (he gifted her a Microsoft wireless USB mouse a while back, and he DOES have the aptitude to alter the USB key.).

What I would like to do is burn a CD that would allow me to scan her machine without having to download and install something...and it should be able to detect sophisticated trojans, backdoors, and so on.  I realize nothing is 100%, but what would you guys recommend for this application?

(Forget the sociological/legal aspects of the situation for the moment.)

Thanks!
Link Posted: 8/12/2007 4:03:15 PM EDT
[#1]
Be careful you do not kick over a hornet's nest, depending on who the ex works for you may end up on someone's crap list. Just my .02 cents.
Link Posted: 8/12/2007 11:01:24 PM EDT
[#2]
i agree with Headlice.  i worked with spyware before and it's extremely hard to detect.  i've seen key logging software that masks itself as an svhost.exe service and deletes the data bank and creates a new one in a different directory, with different name mimicking system files.  there are 2 basic types of spyware: software and hardware hack.

if it's software spyware i wouldn't junk the computer, just format the suspect computer that should rid the spyware.  only after formatting, change all your passwords like windows login, bank account, emails, vpn, etc.  this type of software can record information remotely and send through a designated SMTP server back to the person that installed the spyware.  and oh yes it will detect anything executed even though it's not installed, so even if you got a CD that can scan, it will record what executable was opened at what time and how long, tipping off the suspect

if it's hardware just junk anything that suspect person gave to you.  in this case that usb mouse.  with this type of spyware the person usually can't remotely retrieve data because it records right into the unit rather than the computer.  there are two popular types, both work the same way.  plug this into the ps2 or usb port then plug the keyboard into that port.  the keyboard must be plugged directly into this unit for it to capture the key strokes.  and even then the person needs to retrieve that key logger unit physically to download data.

here is a similar unit for usb keyboards
http://www.brickhousesecurity.com/home-keystrokelogger-keyphantomusbhome.html
here is a ps2 unit
http://www.keyghost.com/sx/

if the person doesn't have direct contact with this computer i would suspect it's software spyware, in this case format, then change all passwords because i would assume the worst that all accounts have been compromised.  if he's an electric engineer and he is that sophisticated to create a new hardware hack that can retrieve the information remotely just junk the computer gifts he gave... then format just for good measure...   =)


Link Posted: 8/12/2007 11:05:06 PM EDT
[#3]
the issue with altering the hardware is that the stock drivers wouldn't work; there would need to be other software to provide access to the data it would be collecting.

if you suspect the computer is compromised, buy a new one, pull the hard drive out of the old one, and copy the data over. take the old hard drive out and burninate it or whatever.
Link Posted: 8/13/2007 3:36:33 AM EDT
[#4]
Thanks, guys.  That's enough to get started.
Link Posted: 8/14/2007 12:23:05 AM EDT
[#5]
Who gives a shit about tipping the guy off. Maybe if he knows he's being watched, he'd stop this shit IF he is doing it.

Spyware isn't hard to detect as some might make you believe. Any good spyware/virus scanner will pick this stuff up. A trial/demo of a personal firewall will show you if data is going back out of the computer to a remote source, such as an SMTP server somewhere.

My sister's ex put some software on their laptop to try to catch her in something. Dumbass thought he had bought some "undetectable" software. She suspected something because he knew about one thing that she knew she hadn't told him. I snooped around on the laptop, found the software within 5 minutes... managed to crack his password on it, and found all of the logs. The same logs that showed him setting up a time and a place to meet. Busted! Backfired on his stupid ass.

At any rate, if the software is there, you can find it. Some might be harder to remove, but I bet it will be detected.

-d
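
Two indicators come up in the replies above: a logger hiding under a near-miss system name such as svhost.exe, and unexpected outbound SMTP traffic. The following is an added example, not part of any post in this thread, that checks both over an exported connection list; the CSV layout, the mail-client allowlist and the sample rows are constructed assumptions.

```python
import ntpath

# Constructed sample rows (not from the thread):
# pid, image path, remote address, remote port, connection state
SAMPLE = """\
1184,C:\\Windows\\System32\\svchost.exe,203.0.113.10,443,ESTABLISHED
2260,C:\\Program Files\\Mail\\thunderbird.exe,198.51.100.7,587,ESTABLISHED
3912,C:\\Windows\\Temp\\svhost.exe,192.0.2.55,25,ESTABLISHED
4020,C:\\Users\\a\\AppData\\svchost.exe,192.0.2.80,80,ESTABLISHED
4400,C:\\Program Files\\Browser\\browser.exe,192.0.2.90,25,TIME_WAIT
"""

SMTP_PORTS = {25, 465, 587}
MAIL_CLIENTS = {"thunderbird.exe", "outlook.exe"}        # assumed allowlist
SYSTEM_NAMES = {"svchost.exe": "c:\\windows\\system32"}  # name -> expected folder

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss names such as svhost.exe."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def review(csv_text):
    """Return (pid, reason) pairs for rows that deserve a closer look."""
    findings = []
    for line in csv_text.strip().splitlines():
        pid, path, raddr, rport, state = line.split(",")
        folder, name = ntpath.split(path.lower())
        for sys_name, sys_dir in SYSTEM_NAMES.items():
            d = edit_distance(name, sys_name)
            if d == 0 and folder != sys_dir:
                findings.append((int(pid), "system name outside expected folder"))
            elif 0 < d <= 2:
                findings.append((int(pid), "lookalike of " + sys_name))
        # Only live connections count; a mail client talking SMTP is expected.
        if state == "ESTABLISHED" and int(rport) in SMTP_PORTS and name not in MAIL_CLIENTS:
            findings.append((int(pid), "outbound SMTP from non-mail program"))
    return findings

if __name__ == "__main__":
    for pid, reason in review(SAMPLE):
        print(pid, reason)
```

A hit here is a lead for manual inspection of the file and its startup entry, not proof of monitoring software.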
Link Posted: 8/15/2007 12:51:57 PM EDT
[#6]

Quoted:
Who gives a shit about tipping the guy off. Maybe if he knows he's being watched, he'd stop this shit IF he is doing it.

Spyware isn't hard to detect as some might make you believe. Any good spyware/virus scanner will pick this stuff up. A trial/demo of a personal firewall will show you if data is going back out of the computer to a remote source, such as an SMTP server somewhere.

My sister's ex put some software on their laptop to try to catch her in something. Dumbass thought he had bought some "undetectable" software. She suspected something because he knew about one thing that she knew she hadn't told him. I snooped around on the laptop, found the software within 5 minutes... managed to crack his password on it, and found all of the logs. The same logs that showed him setting up a time and a place to meet. Busted! Backfired on his stupid ass.

At any rate, if the software is there, you can find it. Some might be harder to remove, but I bet it will be detected.

-d


Yup. Nothing is un-findable...though some professional-grade shit is really close.

This gives me an idea...starting a new thread...
Link Posted: 8/15/2007 3:47:12 PM EDT
[#7]
backing up the data and copying it back over after a format might not do any good if you don't scan it first for hidden code/viruses/trojans/etc
Link Posted: 8/15/2007 4:36:53 PM EDT
[#8]

Quoted:
eric specializes in this


Whoa! Eric is making a lot of money...needs to invest that in making a better website

-d