Closed BloomerzUK closed 5 years ago
Same Problem here during weekend. Today after updating the list, it is working without any false positives again.
Same Problem here during weekend. Today after updating the list, it is working without any false positives again.
The developer replied back to a reddit thread. Basically an extension of .??? was added which seems to be a wildcard within FSRM which has since been removed.
Hi,
I've been receiving notification emails this morning (GMT) that some files have been blocked. Looking at the notification the FSRM CrytoBlocker is blocking common and fine extensions including txt and JPEG.
I'm not the only person with the issue - reddit thread: https://www.reddit.com/r/sysadmin/comments/9m2nbb/issues_with_fsrm_cryptolocker_file_screen_from
Example of the notification I'm getting right now:
User NT AUTHORITY\SYSTEM attempted to save C:\Windows\Temp\Sophos Anti-Virus Install Log_181007_080552.txt to C:\Windows on the $server server. This file is in the "CryptoBlockerGroup1" file group, which is not permitted on the server.
Can you help?!
Cheers