Hi
After We have installed serverprotection with intercept-x / ransomware portection, we experience occasional block's of workstations without Sophos protection ( in some of our associated companies ).
We have identified them as false positives, but how do we unblock them ?
The description in help site says :
Stop detecting ransomware
If ransomware is detected but you’re sure the detection is incorrect, you can stop it happening again.
This will apply to all your users and computers.
Go to the Computers or Servers page, depending on where the application was detected.
Find the computer where the detection happened and click on it to view its details.
On the Events tab, find the detection event and click Details.
In Event details, look for Don’t detect this again.
Select Exclude this Detection ID from checking. This prevents this detection on this app.
Click Exclude.
We’ll add your exclusion to the Global Exclusions list.
BUT , on the event tab/detection I cant find any functions called "details" - and have not yet found any way to see details - nor the functionality "dont detect this agin"
Can anyone help with this?
/søren Skjoldager
This thread was automatically locked due to age.
