See screen shot above.
This Virus warning appears when a user attempts to download an .exe from a frequently used Vendor website. This just started a few days ago. As far as I’m aware we don’t have any content filtering / A/V rules on our firewall device and the vendor domain is whitelisted there as well. I thought it may be Windows defender blocking it but I couldn’t find where to whitelist downloads, I can only add exceptions for files/programs that are already on the machine. Is this being blocked by some kind of Group policy?
This issue effects all PC’s on the network and all users. It is a windows 10 pro environment at a Server 2012R2 domain level.
If anyone has seen this error message or knows where it comes from, can you point me in the right direction? I’d like to whitelist the file or remove/edit the filter.
Edit: the Firewall device is a Meraki Mx64. AMP is disabled.
Answer
This ended up being a result of a Palo Alto Firewall that the vendor was using. They resolved it on their end.
Attribution
Source : Link , Question Author : McITGuy , Answer Author : McITGuy
