
C2/Generic-A

After following the recommended steps below I was unable to find anything that needed to be removed.

Recommended remediation steps:

  1. Identify the compromised machine. The IP address of the machine attempting to connect to the C&C server will be visible within the alert.
  2. Perform a full system scan on the compromised machine using the Sophos Virus Removal Tool (free download).

I run ESET A/V on all my workstations and it hasn't found anything, just like the Sophos Virus Removal Tool didn't.

Is there something else I should be trying?
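One practical first step when the scanners come back clean is to triage the alerts themselves: pull the internal source IP out of each C2/Generic-A alert, count how often each host trips it and whether the traffic was blocked, so a single blocked connection can be told apart from a host that keeps trying. The example below is added here and is not code from the original thread or from Sophos; the alert line format and the field names are constructed assumptions for illustration, not a real Sophos log layout.

```python
import re
from collections import defaultdict

# Constructed sample alert lines (assumed format, not real Sophos output).
SAMPLE_ALERTS = [
    "2024-01-10 09:12:01 ATP alert=C2/Generic-A src=192.168.1.23 dst=203.0.113.5 action=blocked",
    "2024-01-10 09:12:40 ATP alert=C2/Generic-A src=192.168.1.23 dst=203.0.113.5 action=blocked",
    "2024-01-10 10:03:17 ATP alert=C2/Generic-A src=192.168.1.23 dst=198.51.100.7 action=blocked",
    "2024-01-10 11:45:02 ATP alert=C2/Generic-A src=192.168.1.40 dst=203.0.113.5 action=blocked",
    "2024-01-10 11:46:10 ATP alert=Web/Policy src=192.168.1.40 dst=203.0.113.9 action=allowed",
    "garbage line that should be ignored",
]

ALERT_RE = re.compile(
    r"alert=(?P<name>\S+)\s+src=(?P<src>\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"dst=(?P<dst>\S+)\s+action=(?P<action>\w+)"
)


def parse_alert(line):
    """Return a dict of alert fields, or None if the line does not match the assumed format."""
    m = ALERT_RE.search(line)
    return m.groupdict() if m else None


def triage(lines, alert_name="C2/Generic-A"):
    """Group alerts of one name by internal source IP: hit count, blocked count, distinct destinations."""
    hosts = defaultdict(lambda: {"hits": 0, "blocked": 0, "destinations": set()})
    for line in lines:
        rec = parse_alert(line)
        if rec is None or rec["name"] != alert_name:
            continue  # skip unparseable lines and other alert types
        entry = hosts[rec["src"]]
        entry["hits"] += 1
        if rec["action"] == "blocked":
            entry["blocked"] += 1
        entry["destinations"].add(rec["dst"])
    return dict(hosts)


def suspect_hosts(lines, min_hits=2):
    """Source IPs that trip the alert repeatedly; a one-off blocked hit is a weaker signal."""
    summary = triage(lines)
    return sorted(ip for ip, e in summary.items() if e["hits"] >= min_hits)


if __name__ == "__main__":
    for ip, entry in triage(SAMPLE_ALERTS).items():
        print(ip, entry["hits"], "hits,", entry["blocked"], "blocked,", len(entry["destinations"]), "destinations")
    print("repeat offenders:", suspect_hosts(SAMPLE_ALERTS))
```

A host that appears once with the connection blocked matches the "traffic was blocked, likely a false positive" case; a host with many hits to several destinations is the one worth scanning and inspecting further.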

  • Well, that doesn't mean the machine was infected with anything.

    It's generic, meaning there was something potential that may have been detected - yes, a vague understanding, which is why it's called generic. Normally, this is seen as just traffic being blocked because there was a potential command and control access. A lot of times these are false positives, and the traffic was blocked beforehand.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • I appreciate you taking the time to respond.
