So, I have the SDU logs from a Mac regarding Adobe as a ransomware. What do I check in the SDU logs to make sure that its a false positive or a negative?

Hello G33k,

As provided on my previous response Sophos support can assist with False Positives.

You can also filter the logs searching for " Adobe" to see if there are any detections listed. But, please follow the article from the previous thread to create a case and provide the SDU logs to support for analysis, so that you can be sure whether this is a false positive or anything else.

Regards,

Hello G33k,

As provided on my previous response Sophos support can assist with False Positives.

You can also filter the logs searching for " Adobe" to see if there are any detections listed. But, please follow the article from the previous thread to create a case and provide the SDU logs to support for analysis, so that you can be sure whether this is a false positive or anything else.

Regards,