I was getting ready to start the installation of [Manjaro](https://manjaro.org/) into a VM using vmware workstation 15 Player. I had just started up the VM to begin the installation when I got message from Sophos saying:
>” Malicious traffic detected: ‘C2/Generic-B’ at ‘C:\Windows\SysWOW64\vmnat.exe’ This application was detected connecting to a known bad website. ”
I know that *vmnat.exe* is the legitimate program used by vmware for NAT (and not malware), and unfortunately Sophos Home doesn’t let you see the IP address of the “known malicious site”. (It happened right as the ISO was loading, so, realistically, it shouldn’t have been from any traffic associated with the Linux installation (the installer wasn’t up yet)- though, I suppose its possible.
Has anyone else had this issue?
View Reddit by avtechx – View Source