ERROR - "Sophos Firewall detected malicious traffic: 'C2/Generic-C' at 'C:\Windows\System32\svchost.exe' (Technica..."

Hey Paul,

did you find something? We are getting this error on some computers here too. I found the URL which is responsible for the threat: "sync.header.direct".

Is it the same for you?

I'm not that knowledgeable about domains. Is this a safe domain and the Sophos popup wrong?

Kind regards

Marc

Hi Marc,

We are getting the exact same reports as you are across multiple machines all to the URL "sync.header.direct" It just started out of the blue a week or so ago and no matter what I try I cant confirm that it is actually malicious and not a false positive.

Have you heard back from Sophos?

Thanks

Steve

We are getting the messages now all over the place and no help from Sophos :(

We are getting the messages now all over the place and no help from Sophos :(