Changed files (signature) (Windows)

Module: File Watch

Supported Platforms: Windows 2000, Windows 2003, Windows 2008, Windows Vista, Windows XP

This check performs signature checks and compares current signatures against snapshot values to detect changed files in the folders being watched.

The following table lists the error messages for the check.

Table: Error messages for Changed files (signature)

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: ESMM_MODIFIED Category: Policy Compliance	Windows 2000 (45934) Windows 2003 (215334) Windows 2008 (215834) Windows Vista (215534) Windows XP (49134)	Title: File modified Description:The file changed after the last snapshot update. If the changes are authorized, update the snapshot. If they are not authorized, restore to the file from a backup.	Severity: yellow-1 Correctable: false Snapshot Updatable: true Template Updatable: false Information Field Format: [%s]
String ID: ESMM_MODIFIED_GREEN Category: Policy Compliance	Windows 2000 (45953) Windows 2003 (215353) Windows 2008 (215853) Windows Vista (215553) Windows XP (49153)	Title: File modified (Green level) Description:The file changed after the last snapshot update. If the changes are authorized, update the snapshot. If they are not authorized, restore to the file from a backup.	Severity: green-0 Correctable: false Snapshot Updatable: true Template Updatable: false Information Field Format: [%s]
String ID: ESMM_MODIFIED_YELLOW Category: Policy Compliance	Windows 2000 (45954) Windows 2003 (215354) Windows 2008 (215854) Windows Vista (215554) Windows XP (49154)	Title: File modified (Yellow level) Description:The file changed after the last snapshot update. If the changes are authorized, update the snapshot. If they are not authorized, restore to the file from a backup.	Severity: yellow-2 Correctable: false Snapshot Updatable: true Template Updatable: false Information Field Format: [%s]
String ID: ESMM_MODIFIED_RED Category: Policy Compliance	Windows 2000 (45955) Windows 2003 (215355) Windows 2008 (215855) Windows Vista (215555) Windows XP (49155)	Title: File modified (Red level) Description:The file changed after the last snapshot update. If the changes are authorized, update the snapshot. If they are not authorized, restore to the file from a backup.	Severity: red-4 Correctable: false Snapshot Updatable: true Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: ESMM_MODIFIED

Category: Policy Compliance

Windows 2000 (45934)
Windows 2003 (215334)
Windows 2008 (215834)
Windows Vista (215534)
Windows XP (49134)

Title: File modified

Description:The file changed after the last snapshot update. If the changes are authorized, update the snapshot. If they are not authorized, restore to the file from a backup.

Severity: yellow-1

Correctable: false

Snapshot Updatable: true

Template Updatable: false

Information Field Format: [%s]

String ID: ESMM_MODIFIED_GREEN

Category: Policy Compliance

Windows 2000 (45953)
Windows 2003 (215353)
Windows 2008 (215853)
Windows Vista (215553)
Windows XP (49153)

Title: File modified (Green level)

Description:The file changed after the last snapshot update. If the changes are authorized, update the snapshot. If they are not authorized, restore to the file from a backup.

Severity: green-0

Correctable: false

Snapshot Updatable: true

Template Updatable: false

Information Field Format: [%s]

String ID: ESMM_MODIFIED_YELLOW

Category: Policy Compliance

Windows 2000 (45954)
Windows 2003 (215354)
Windows 2008 (215854)
Windows Vista (215554)
Windows XP (49154)

Title: File modified (Yellow level)

Description:The file changed after the last snapshot update. If the changes are authorized, update the snapshot. If they are not authorized, restore to the file from a backup.

Severity: yellow-2

Correctable: false

Snapshot Updatable: true

Template Updatable: false

Information Field Format: [%s]

String ID: ESMM_MODIFIED_RED

Category: Policy Compliance

Windows 2000 (45955)
Windows 2003 (215355)
Windows 2008 (215855)
Windows Vista (215555)
Windows XP (49155)

Title: File modified (Red level)

Description:The file changed after the last snapshot update. If the changes are authorized, update the snapshot. If they are not authorized, restore to the file from a backup.

Severity: red-4

Correctable: false

Snapshot Updatable: true

Template Updatable: false

Information Field Format: [%s]