I see nothing

Discussion in 'Malware Help (A Specialist Will Reply)' started by smilinggeek, Mar 21, 2009.

  1. smilinggeek

    smilinggeek Private E-2

    OK, my ISP is claiming that this computer is somehow infected. Client bank details were apparently found on a website somewhere. Client insists this is the only computer they use for banking. I can't find a thing. Am I missing anything from any of the attached logs, or is someone lying to me?

    SASLog: (putting it here to not have to do 2 posts...)

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 03/21/2009 at 03:44 PM

    Application Version : 4.25.1014

    Core Rules Database Version : 3808
    Trace Rules Database Version: 1763

    Scan type : Complete Scan
    Total Scan Time : 00:19:21

    Memory items scanned : 337
    Memory threats detected : 0
    Registry items scanned : 4243
    Registry threats detected : 0
    File items scanned : 14161
    File threats detected : 0
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please clarify why your ISP is telling you a PC belonging to someone else is infected. Are you running a business fixing PCs and you put a PC that belongs to someone else on your network? What specifically did your ISP say and why would they say anything about a 3rd party's banking information?
     
  3. smilinggeek

    smilinggeek Private E-2

    It's my ISP, it's also their ISP, hence the mis-type.

    The computer was on their network at their place of business being used by them when this happened. I only found out about it when I went to visit, and offered to look at the system for them in return for a small fee (they're friends), hence they are "clients", although I don't pretend to be an expert malware remover. I did part of the scans at their place of business, and part of the scans at home, but wasn't able to find anything. I was just asking here to see if my "nothing here" is correct, or if I missed something in the logs that I attached.

    The intrusion was confirmed as the ISP security team was able to give this client their banking password that had been found on a cracker website.

    Will be going back later to scan the other computers at their workplace, although they insist that those computers are never used to do any banking. But was just looking for confirmation that the logs I attached show nothing, or did I miss something obvious?
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay!

    Yes the logs are clean. You should delete the below file though:

    c:\windows\005706_.tmp

    One problem that stands out is that this PC has no protection, which is very dangerous, especially if a PC is going to be used for financial transactions.

    You should consider running a rootkit scan just to cover all bases. See the tools list here: Alternative Scans

    Also this PC, and all other PCs they have, need to be properly protected with an antivirus, realtime antispyware blocking, and a real bidirectional firewall. The Windows firewall is inadequate. Basically what is in here How to Protect yourself from malware! needs to be followed.


    Note: A PC does not have to be infected for someone's personal info to be stolen. They could have logged into an unsecured website and posted info they should not have posted. They could also have been tricked by email scams, etc.
     
  5. smilinggeek

    smilinggeek Private E-2

    thanks.

    OK, thanks, will go through the list to see which ones are "free" for business use. I haven't found much out there, and with all the extra tools actually necessary to "secure" Windows (or at least make it less porous) it can easily add another $200 per machine for a small business.


    Yeah, I know. But I still need to make sure that their systems are clean in order to rule that out.

    I'm going to try to migrate these people away from Windows, but some of the tools they use are "Windows only" (including an ONLINE, web-based system!! Idiots.) so it's not going to happen quickly. I wish the companies that continue to insist on "Microsoft only" tools, especially when it's so unnecessary, could be held responsible as accomplices in Microsoft's continuing anti-trust activities, I really do.

    Thanks for your help.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    Most companies will provide either a site license or a small number of licenses for a reduced fee.
     
  7. smilinggeek

    smilinggeek Private E-2

    Yeah, but one currently needs SEVERAL tools in order to protect a typical Windows system. This adds up. Plus the "site license" deals that I've seen so far, with some exceptions, don't tend to be worth it (or even kick in) until you have 10+ machines - which is unlikely for a small business.

    It's a pity I'm such a stick-in-the-mud when it comes to following license rules as set out by greedy, self-serving companies dealing with a captive audience. But that's the law, and I'm not going to jeopardize a client's business by having them break it.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That's the cost of doing business these days. ;)
     
  9. smilinggeek

    smilinggeek Private E-2

    Whereas from my perspective it's "that's the cost of doing business with an abusive monopoly". Business clients that I've convinced to leave this monopoly are quite happy with their lowered costs of operation and increased reliability. Hard to do unfortunately, as there are so many people and organizations out there who are bound and determined, either through laziness or sheer spite, to assist in maintaining the lock-in.
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Everyone has their own likes and dislikes. Some people need Windows PCs because of either software or hardware constraints. Personally I prefer PCs. I have used Macs and I also have many UNIX based workstations.
     
  11. smilinggeek

    smilinggeek Private E-2

    I try not to have "preferences". It gets in the way of deciding what's better for the job at hand. I DO try to look at things like effectiveness for the job, total cost of ownership, potential for lock-in, and the ethics of the company that I'll be dealing with (however indirectly).
     
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Which is why I use PCs. They are the most effective and least costly tools for the work I do. When added together with a few UNIX type workstations that we need for other aspects of our work, this works well for our projects.
     
