Here's the deal: I have a friend who recently got a new mac and asked a friend of a friend to set it up for her because this guy was reputed to be a very computer saavy person. This guy has now turned into a creepy, stalking, freaky guy. In light of the creepy, stalking, harassing behavior from the guy that originally installed her Mac, my friend is concerned for the security of her data and privacy. I've enabled the firewall, disabled root access, and changed the administrator password. How concerned do I need to be that while installing the computer for the first time he installed some keystroke monitoring utility or some such spyware/malware? (She's on DSL.) Before the flames about how secure a Mac is, let me say that I know how secure the Mac is from external attack, but the story changes for any computer platform in which the administrator suddenly becomes suspect. Short of using the restore disks and returning the system to factory default and reinstalling all of her apps and reconfiguring her system, how can I be absolutely sure that the original installer has done nothing malicious? I've thought about comparing the Activity Monitor on her computer to my two at home that are also running 10.4 and see if any suspicious entires appear there, but the meaning of various entires in the Activity Monitor are not always obvious. Any such malware would also appear on the startup items listing, too, right? But could such things be rendered invisible by a savvy user? This person was relatively unmonitored while installing and configuring the computer. I want to provide my friend with as much assurance as possible that she never has to worry about this guy's remote attacks. If I have to, I'll restore the drive using the system restore disks, but that's a non-trivial task and if it's overkill, I'd rather not spend all that time sitting at her house feeding disks into her mac. Thoughts?