We recently had a false positive from CryptoGuard and were unsure whether to exclude it via Detection ID or filename+filepath.
What details actually make up a Detection ID? We installed two versions of the software and although the exe file that caused the problem were different (different CRC, different version number), they both had the same Detection ID, so clearly the actual contents of the file don't go into the Detection ID. Is a Detection ID specific to a PC or is it the same on other PCs?
Is there any difference between excluding via Detection ID or filename+filepath?
Also, we opened a case with the full details including SDU submission. The initial response just told me how to exclude a false positive. Does Sophos actually look at the SDU information I submitted to prevent this false positive in the future or was I just wasting my time getting all the info?
This thread was automatically locked due to age.