0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17D4CA8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17D4CA8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17D4CA8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE18026A8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE18026A8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE18026A8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17A8948 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17A8948 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17A8948 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17D1CA8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17D1CA8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17D1CA8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FC828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FC828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FC828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FC828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FC828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FC828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FC828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FC828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FC828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17DBCA8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17DBCA8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17DBCA8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FB828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FB828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17FB828 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17BF6E8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17BF6E8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 (win32ss/user/ntuser/msgqueue.c:2398) err: MQ Cleanup Post Messages E1655BF8 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17BF6E8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17BF6E8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17BF6E8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 (win32ss/user/ntuser/msgqueue.c:2398) err: MQ Cleanup Post Messages E17FA548 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17BF6E8 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17E7720 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17E7720 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== (win32ss/user/ntuser/msgqueue.c:2398) err: MQ Cleanup Post Messages E17C06F0 Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17E7720 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (win32ss/user/ntuser/msgqueue.c:2398) err: MQ Cleanup Post Messages E17C0B88 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17E7720 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17E7720 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17E7720 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 fixme:(dll/win32/imm32/ctf.c:77) (040C040C) (win32ss/user/ntuser/msgqueue.c:2398) err: MQ Cleanup Post Messages E17C0B88 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE1572720 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-32-544 SD Group SID -> S-1-5-18 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 32 Acl->AceCount -> 1 ================== 0# ACE DUMP INFO ================== Ace -> 0xE1572758 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x00020c79 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17EE6C0 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17EE6C0 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000 (ntoskrnl/se/accesschk.c:708) SepAccessCheck(): Failed to grant access rights. RemainingAccess = 0x00000410 DesiredAccess = 0x00000410 ================== SECURITY DESCRIPTOR DUMP INFO ================== SecurityDescriptor -> 0xE165B3A8 SecurityDescriptor->Revision -> 1 SecurityDescriptor->Control: SE_DACL_PRESENT SE_SELF_RELATIVE SD Owner SID -> S-1-5-20 SD Group SID -> S-1-5-20 ================== DACL DUMP INFO ================== Acl->AclRevision -> 2 Acl->AclSize -> 56 Acl->AceCount -> 2 ================== 0# ACE DUMP INFO ================== Ace -> 0xE165B3DC Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-20 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== 1# ACE DUMP INFO ================== Ace -> 0xE165B3F0 Ace->Header -> 0x00140000 Ace->Header.AceType -> ACCESS_ALLOWED_ACE_TYPE Ace->AccessMask -> 0x10000000 Ace SID -> S-1-5-18 Ace->Header.AceSize -> 20 Ace->Header.AceFlags: ================== ACCESS TOKEN DUMP INFO ================== Token -> 0xE17EE6C0 Token->ImageFileName -> cmd.exe Token->TokenSource.SourceName -> "User32 " Token->TokenSource.SourceIdentifier -> 0.7563 Token primary group SID -> S-1-5-21-1659792754-1042897035-510237955-513 Token user and groups SIDs: 0# S-1-5-21-1659792754-1042897035-510237955-500 1# S-1-5-21-1659792754-1042897035-510237955-513 2# S-1-5-11 3# S-1-5-5-0-7562 4# S-1-2-0 5# S-1-1-0 6# S-1-5-4 7# S-1-5-32-544 8# S-1-5-32-545 ================== ACCESS CHECK RIGHTS STATISTICS ================== Remaining access rights -> 0x00000410 Granted access rights -> 0x00000000 Denied access rights -> 0x00000000