Antivirus Software to find Botnet Activity?

[m0k]

I just received a lengthy email from my ISP. this was the key info:

Unwanted and or Abusive Web Requests:
Offending/Source IP:  174.XXX.XXX.XX
       - Issue: Source has attempted the following botnet activity: WordPress Login Brute Force
       - Block Type: New Ban
       - Time: 2016-10-02 19:16:15-07:00
       - Port: 80
       - Service: http
       - Report ID: d3ddaca4-13df-4650-810f-cccd38abd4bb
       - Bot Fingerprint: ecfeb55593d60e18bcb90450dacca9dd
       - Bot Information: https://www.webiron.com/bot_lookup/ecfeb55593d60e18bcb90450dacca9dd
       - Bot Node Feed: https://www.webiron.com/bot_feed/ecfeb55593d60e18bcb90450dacca9dd
       - Abused Range: 5.133.182.0/24
       - Requested URI: /wp-login.php
       - User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1
       - GET/POST Arguments Sent: pwd, wp-submit, testcookie, log

       - Issue: Source has attempted the following botnet activity: WordPress Login Brute Force
       - Block Type: Banned IP
       - Time: 2016-10-02 19:16:15-07:00
       - Port: 80
       - Service: http
       - Report ID: 935dbdb4-4782-4909-88e2-e681faae3db5
       - Bot Fingerprint: 78c5e7c8e2bf89b015688ee6cb512412
       - Bot Information: https://www.webiron.com/bot_lookup/78c5e7c8e2bf89b015688ee6cb512412
       - Bot Node Feed: https://www.webiron.com/bot_feed/78c5e7c8e2bf89b015688ee6cb512412
       - Abused Range: 5.133.182.0/24
       - Requested URI: /wp-login.php
       - User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101  

 

I called tech support and they confirmed that this is logged on their system and is infact a real threat (i thought it could have been spam)
I have already scanned 4 of my computers with Windows Defender, Malwarebytes, Spybot Search & Destroy, and Sophos and all four have come up empty/clean
My last remaining computer on the network belongs to the basement tenant who uses our Guest WIFI network

 

Now just to be safe im going to purchase a proper Antivirus Software, But i dont know which one would effectively find something as malicious as this botnet activity.


Can you guys give recommendations on one? I'm currently looking at ESET and Kaspersky (for 5 devices)

[m0k]

edit: can someone also confirm if the "user-agent" is saying that it was done through a mozilla browser?  or does that mean something else (this is important to me because none of my 4 computers use mozilla, and would point towards my tenant)

[TheRedViper]

BitDefender and Norton are the only ones I would recommend. As for the user/agent line, I can't help you.

[Energycore]

9 minutes ago, mok said:

(this is important to me because none of my 4 computers use mozilla, and would point towards my tenant)

Step one: scan your tenant's computers with all the things.

[System Error Message]

I wouldnt recommend norton. They have a good database but their anti virus software misses lots of malware. Its really difficult to find an anti virus that will block malware that i have resorted to manually removing malware and using a configurable firewall to block suspicious behaviour based on how one would define it. Although upon doing it i find that google, facebook and other sites do get blocked as they attempt to track you.

[m0k]

3 hours ago, System Error Message said:

I wouldnt recommend norton. They have a good database but their anti virus software misses lots of malware. Its really difficult to find an anti virus that will block malware that i have resorted to manually removing malware and using a configurable firewall to block suspicious behaviour based on how one would define it. Although upon doing it i find that google, facebook and other sites do get blocked as they attempt to track you.

I hate Norton, it was never an option 
Did a more detailed scan with Sophos and Malwarebytes, was able to find one malware on my sister's computer. 

as for trackers i use Ghostery extension on chrome, it disables trackers

[Lurick]

I recommend Kaspersky myself as it's always been great to me.