So, I have the SDU logs from a Mac regarding Adobe as a ransomware. What do I check in the SDU logs to make sure that its a false positive or a negative?

Question

So, I have logs from a Mac regarding Adobe as a ransomware. What do I check in the logs to make sure that its a false positive or a negative?

Barb@Sophos · Answer

Hello G33k, 
 As provided on my previous response Sophos support can assist with False Positives. 
 You can also filter the logs searching for " Adobe" to see if there are any detections listed. But, please follow the article from the previous thread to create a case and provide the SDU logs to support for analysis, so that you can be sure whether this is a false positive or anything else. 
 Regards,