I would set the signature to Informational, and enable it for all your systems. That way you get the full picture before you turn it on for all systems.
1 of 1 people found this helpful
Sig 6053 prevents a user from modifying files in another user's profile directory. I triggered it by simply trying to create file in another users directory.
1. Logged in with TestUser1.
2. TestUser1 opens cmd.exe and tries to copy a file to C:\Users\TestUser2\Desktop\.
3. Sig 6053 violates.
Both answers are very helpful. I am going to go ahead "greatscott" and set the signature to log like you suggested and see what results I get. Thank you "Kary Tankink" that was very helpful and just opened another can of worms for me . I appreciate both of your feedback.