Ransomware Protection helps us to block ransomware more effectively and automatically roll back any changes made by the ransomware. If this feature is disabled, VIPRE will solely block encrypted actions. However, with Ransomware Protection enabled, VIPRE will not only stop further encryption, it will also restore any previously encrypted files. 

Ransomware Protection is enabled with Monitor network share paths selected by default.

To manage Ransomware Protection:

1. Within your EDR web console, under Manage, select Policies
2. Choose the desired policy, then click EDR and scroll down until you see Ransomware Protection
3. To enable, add a checkmark next to Enable ransomware protection to rollback files encrypted by ransomware as soon as VIPRE detects and blocks the attack
   1. Check whether you want it to Monitor network share paths
   2. To disable Ransomware Protection, remove the checkmark
4. Save your policy changes

To view Ransomware Protection events:

1. Within the EDR web console, under Monitor, select Reports
2. Click Threat Detection Report
3. Select and click on the name of a threat in the table at the bottom of the page
4. Click the device name in the Detections table
5. In the light blue side-navigation bar, select Threats