C2/Zbot-A Infection

According to my UTM I have a few workstations infected with C2/Zbot-A. Sophos Endpoint is detecting nothing on these machines. I've tried to install Malwarebytes and Microsoft Security Center as well. I've even manually searched through my registry. I'm finding no trace of this infection.

I'm at my wits' end trying to track this thing down. I've dealt with Zeusbot before. I've checked for all the exe's it normally runs under and checked the keys that it normally modifies. I have no idea how I should proceed on this matter. Zbot-A is a fairly serious infection so I don't want to let it run unchecked, but I have no idea how to proceed.

https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/C2~Zbot-A.aspx


This thread was automatically locked due to age.
  • Hello twarren,

    so it's the UTM which claims to detect C2/Zbot-A but the endpoints seem to be clean? Does the UTM (I'm not familiar with these) have any details why it thinks the endpoints are infected? Wonder if it could be a false positive.

    Christian
