Learn about the Benefits of Multi-Factor Authentication (MFA) . Turn your MFA on now!
Information: Three minute survey on Exploring more ways to contact Sophos Technical Supportt. If you can spare the time, we would love your feedback!
We'd love to hear about it! Click here to go to the product suggestion community
Calibre Library is book management software. https://calibre-ebook.com/
False positive is reported. Sophos saying "I'll investigate the logs"
Anyway, I 've already tried to exclusion. But It does not except. Here for the my exclusion list screenshots.
How do I except for Calibre Library? Any advice please?
It is not recommended to add exclusions for any software and is best to get it checked with Sophos Support.
What is the name of the detection?
You can try excluding the process of Calibre Library and check if that helps. (You can exclude any process running from a specified executable. This also excludes files that the process uses, but only when they are accessed by that process. Check the Help supported wildcards and expansion variables.)
If it detected by Intercept X as an exploit detection, then you can try excluding it from Endpoint Protection> Policies> Select the threat protection policy applicable on the machine> Exclusions> Add Exclusion.
Select "Exclusion Type" as Detected Exploits (Windows/Mac) from the drop-down menu and select the event where it was detected. Save the policy.
In reply to Yashraj:
Yashraj What is the name of the detection?
Not detection. Just blocked deletion process of the Calibre Library. After turing off the “Anti-Ransomware detect” option, the Calibre Library is works normally.
YashrajYou can try excluding the process of Calibre Library and check if that helps.
Yes. I was tried ten or more times. This ways is NOT working. Did you check my screenshot?
In reply to FoW:
Thank you for the video. It has made a lot of things clear.
This issue needs further investigation from our Technical Support team. Can you please PM me your case number so that I can ask them to contact you ASAP?
If you have not registered a case yet, please open a support ticket.