Is it possible to do this??
I got rid of tamper protection notifications by excluding the actual drwtsn32.exe file, but I've read that excluding or checking the file's fingerprint is better since malware could change the file or filename of drwtsn32.exe.
Is creating exceptions according to file fingerprint documented anywhere for SEP 12.x??
Thank you, Tom