Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Recommended online AV and Network scanner


  • This topic is locked This topic is locked
16 replies to this topic

#1 Scott Stoef

Scott Stoef

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 26 December 2013 - 04:26 PM

I'm getting ready to add 2 more computers to my network, but before I do it I want to make sure everything is clean.  I've ran all of my computers with Norton Anti-Virus (full scan), ESET Online Scanner, and MBAM (quick and full scans) and found nothing.  Is there another product out there that the expertson Bleeping Computer recommend will give me 100% assurance my entire network is clean? I also have Spyware Blaster installed on both of my computers as well. 

 

We recently had our credit card get compromised and my network is constantly having inconsistent download speeds (Comcast says nothing is wrong).  I just want to make sure nothing is deeply rooted in my network (kids downloading stuff) that cannot be detected by the products I'm using. I have even thought about rebuilding the OS all of my computers and resetting my router back to factory defaults just to make sure, but that is a PITA and I think I'm going overboard.  I just think you cannot be too safe right now with your PI.

 

Any guidance and ideas you have would be greatly appreciated. 


Edited by Scott Stoef, 26 December 2013 - 04:28 PM.


BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:05:05 PM

Posted 26 December 2013 - 05:34 PM

What router do you have?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 Scott Stoef

Scott Stoef
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 26 December 2013 - 06:45 PM

I have the Asus RT-N66U router.  I'm also going to be placing an RT-N56U in my basement.


Edited by Scott Stoef, 26 December 2013 - 06:47 PM.


#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:05:05 PM

Posted 26 December 2013 - 07:05 PM

That's the one without DSL modem?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 Scott Stoef

Scott Stoef
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 26 December 2013 - 09:48 PM

Yes.  I have a separate iZoom cable modem.  



#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:05:05 PM

Posted 27 December 2013 - 08:46 AM

OK. Do you have any experience looking at packet captures (with Wireshark for example) or running an IDS (like Snort for example)?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 Scott Stoef

Scott Stoef
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 27 December 2013 - 09:13 AM

Uortunately I do not have any experience looking at packets.  The Comcast tech looked at packet loss when he was here the other day.He did a few tests at Speakeasy.  He also did a continuous ping test against google.com and he didn't see anything.  I ran a test using my Ooma speedtest utility and that test came back with abnormally high jitter rates and a .4% packet loss. The next day everything came back normal. 



#8 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,685 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:05:05 PM

Posted 27 December 2013 - 03:08 PM

OK, than this is not an option.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:05 AM

Posted 28 December 2013 - 07:10 AM

Is there another product out there that the expertson Bleeping Computer recommend will give me 100% assurance my entire network is clean?

Although we will assist with malware disinfection and recommending security tools to use, there are no guarantees and no security vendor can provide 100% assurance your entire network is clean.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 Scott Stoef

Scott Stoef
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 28 December 2013 - 07:39 AM

Yes, I realize nothing is 100% guaranteed, but if I use a lot of the tools here and find nothing then I'm going to feel pretty confident.  So far I have used Norton Antivirus, ESET Online scanner, and Malwarebytes and found nothing.  Is there another program I can add that will do one final, and hopefully, more thorough check? From my past experience MBAM and ESET are both pretty good products.



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:05 AM

Posted 28 December 2013 - 08:01 AM

List of Free Scan & Disinfection Tools which can be used to supplement your anti-virus and anti-spyware or get a second opinion:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 Scott Stoef

Scott Stoef
  • Topic Starter

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 28 December 2013 - 03:37 PM

I ran the Sophos tool and it found nothing.  

 

I then ran the Hitman Pro and it came back with a few things. Most of them were cookies that were removed. It couldn't remove the Chrome cookies. It did find a worm in the RealPlayer download I did this morning, but I never installed the application so that was an easy to fix by just deleting the downloaded file. It keeps coming back with a CIDIALOG32.DLL as suspicious, but I have no clue how that .dll file is used. The only other odd finding was Softonic software that I'm not familiar with. Any clues on either one of these? 

 

I ran ESET Rogue Application Remover and Dr. Web CureIt and neither of those tools found anything either. 


Edited by Scott Stoef, 28 December 2013 - 04:14 PM.


#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:05 AM

Posted 28 December 2013 - 05:59 PM


Anytime you come across a suspicious file for which you cannot find any information about, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to one of the following online services that analyzes suspicious files:--In the "File to Scan" (Upload or Submit) box, browse to the location of the suspicious file(s) and submit (upload) it for scanning/analysis. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:05 AM

Posted 28 December 2013 - 09:49 PM

Hello, just to add -

 

If none of the brilliant ideas from quietman7 work, please follow this .....

 

Please follow the instructions in THIS PREP GUIDE starting at Step #6.
NOTE - If you cannot complete a step, skip it and continue.

 

 Once the proper DDS logs are created, then make a NEW TOPIC and post it to =>
Virus, Trojan, Spyware, and Malware Removal Logs area Not Back Here

 

They are the specialists in Malware detection and removal.

 

Please post it now, and please be patient as the Volunteers are busy at this time of the year.

 

Thank You -



#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:05 AM

Posted 29 December 2013 - 09:06 AM

About Softonic.com

cidialog32.dll Details
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users