I have a client that is getting a Win.Trojan.NetWiredRC variant registration message when they try to access their web development site at googleusercontent.com. They are being denied access to that site because of the message (and I have Security in the MX set to Prevention). I appears the MySQL requests are causing the message.
I have whitelisted the site in both AMP and content filtering, but that does not solve the issue. Besides whitelisting the IDS rule, is there another way to allow traffic to and from googleusercontent.com?