Made a copy of Threat Protection added 2 exclusions
C:\ProgramData\SolidCast\
C:\ProgramData\SolidCast\FixedVolumeFillUtility.exe
Yet every now and then we get this:
Generic ML PUA detected at C:\ProgramData\SolidCast\FixedVolumeFillUtility.exe
Threats cleaned up.
This kills the licensing and the license program must be run again
Hi Frank,
Thanks for reaching out to the Sophos Community Forum.
For ML PUA detections specifically, I would suggest sending in a sample of the detected file so that our Sophos Labs team can make changes to the ML detection engine to ensure it does not get detected again.
In the meantime, you can add a PUA exclusion if this is a false positive.
You can also check the sub-keys in the following location to verify that all exclusions have been received successfully on the endpoint.- HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Management\Policy\ThreatProtection\