If someone has written in a "security hole" none of the items mentioned above will track or detect it. Granted, a *known* virus will get detected. A firewall will track traffic from xolox.. but who can tell what that traffic is reading.. or copying, or scanning.

It's probably just me being paranoid... but when my HD starts to click.. and I'm not running anything to read it (other than xolox), I always wonder.

How hard would it be to put in a back-door for a malicious user? My guess is that it would not be a radical change to allow this sort of thing.

"It's not paranoia.. if they're really after you."