From 8d30edefb86faf612723550c0c8d9e76de70a8eb Mon Sep 17 00:00:00 2001 From: Evan Miller Date: Thu, 7 May 2020 08:53:10 -0700 Subject: [PATCH 01/39] Add AUMIDs Adding AUMIDs for File Explorer and Store. Even though they are not recommended we have promised to provide them. --- devices/hololens/hololens-kiosk.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md index c08a6c076b..1bbd7ddefd 100644 --- a/devices/hololens/hololens-kiosk.md +++ b/devices/hololens/hololens-kiosk.md @@ -98,7 +98,9 @@ If you use a Mobile Device Management (MDM) system or a provisioning package to |Dynamics 365 Guides |Microsoft.Dynamics365.Guides\_8wekyb3d8bbwe\!MicrosoftGuides | |Dynamics 365 Remote Assist |Microsoft.MicrosoftRemoteAssist\_8wekyb3d8bbwe\!Microsoft.RemoteAssist | |Feedback Hub |Microsoft.WindowsFeedbackHub\_8wekyb3d8bbwe\!App | -|Mail |c5e2524a-ea46-4f67-841f-6a9465d9d515\_cw5n1h2txyewy\!App | +|File Explorer |c5e2524a-ea46-4f67-841f-6a9465d9d515_cw5n1h2txyewy!App | +|Mail |microsoft.windowscommunicationsapps_8wekyb3d8bbwe!microsoft.windowslive.mail | +|Microsoft Store |Microsoft.WindowsStore_8wekyb3d8bbwe!App | |Miracast4 |  | |Movies & TV |Microsoft.ZuneVideo\_8wekyb3d8bbwe\!Microsoft.ZuneVideo | |OneDrive |microsoft.microsoftskydrive\_8wekyb3d8bbwe\!App | From 1c72c2ee112d3fad7aec8b0ffff3aea216d4bd7d Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Sat, 16 May 2020 11:54:23 +0500 Subject: [PATCH 02/39] minor correction Volume E was mentioned in the document but in actual case it should only b Volume. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6218 --- .../bitlocker/bitlocker-basic-deployment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index 406d096165..a2cc7ac74e 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -457,7 +457,7 @@ Checking BitLocker status with the control panel is the most common method used | **Suspended** | BitLocker is suspended and not actively protecting the volume | | **Waiting for Activation**| BitLocker is enabled with a clear protector key and requires further action to be fully protected| -If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on volume E. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume is not in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, manage-bde tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. +If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on volume. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume is not in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, manage-bde tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. Using the control panel, administrators can choose **Turn on BitLocker** to start the BitLocker Drive Encryption wizard and add a protector, like PIN for an operating system volume (or password if no TPM exists), or a password or smart card protector to a data volume. The drive security window displays prior to changing the volume status. Selecting **Activate BitLocker** will complete the encryption process. From d2bd7348adcb4f8d14b8620f248eaaa52ab53006 Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Mon, 18 May 2020 16:07:27 +0500 Subject: [PATCH 03/39] Update windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../bitlocker/bitlocker-basic-deployment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index a2cc7ac74e..96fc9bd8c2 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -457,7 +457,7 @@ Checking BitLocker status with the control panel is the most common method used | **Suspended** | BitLocker is suspended and not actively protecting the volume | | **Waiting for Activation**| BitLocker is enabled with a clear protector key and requires further action to be fully protected| -If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on volume. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume is not in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, manage-bde tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. +If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on the volume. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume is not in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, manage-bde tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. Using the control panel, administrators can choose **Turn on BitLocker** to start the BitLocker Drive Encryption wizard and add a protector, like PIN for an operating system volume (or password if no TPM exists), or a password or smart card protector to a data volume. The drive security window displays prior to changing the volume status. Selecting **Activate BitLocker** will complete the encryption process. From 66ab96d20913b8535ceecf7fb00975d215c9d151 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Thu, 28 May 2020 09:58:28 +0500 Subject: [PATCH 04/39] Update surface-system-sku-reference.md --- devices/surface/documentation/surface-system-sku-reference.md | 1 + 1 file changed, 1 insertion(+) diff --git a/devices/surface/documentation/surface-system-sku-reference.md b/devices/surface/documentation/surface-system-sku-reference.md index 0d49be965e..73294d7794 100644 --- a/devices/surface/documentation/surface-system-sku-reference.md +++ b/devices/surface/documentation/surface-system-sku-reference.md @@ -26,6 +26,7 @@ System SKU is a variable (along with System Model and others) stored in System M | Surface Book 2 15inch | Surface Book 2 | Surface_Book_1793 | | Surface Go Consumer | Surface Go | Surface_Go_1824_Consumer | | Surface Go Commercial | Surface Go | Surface_Go_1824_Commercial | +| Surface Go 2 | Surface Go 2 | Surface_Go_2_1927 | | Surface Pro 6 Consumer | Surface Pro 6 | Surface_Pro_6_1796_Consumer | | Surface Pro 6 Commercial | Surface Pro 6 | Surface_Pro_6_1796_Commercial | | Surface Laptop 2 Consumer | Surface Laptop 2 | Surface_Laptop_2_1769_Consumer | From 8f4662fa310b3c8cb19d4d4c89ccff59328d4c1a Mon Sep 17 00:00:00 2001 From: v-jodben <65978782+v-jodben@users.noreply.github.com> Date: Thu, 28 May 2020 12:09:54 -0700 Subject: [PATCH 05/39] Update hololens-release-notes.md Line 165-7; ### Known issues We are investigating an issue surrounding the use of the zh-CN system language that prevents the voice commands for taking a mixed reality capture or displaying the device IP address from working. --- devices/hololens/hololens-release-notes.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md index b98be63493..c1c12c8178 100644 --- a/devices/hololens/hololens-release-notes.md +++ b/devices/hololens/hololens-release-notes.md @@ -162,6 +162,10 @@ Improvements and Fixes also in the update: - Added ‘Share’ button in Feedback Hub so users can more easily share feedback. - Fixed a bug where RoboRaid did not install correctly. +### Known issues + +We are investigating an issue surrounding the use of the zh-CN system language that prevents the voice commands for taking a mixed reality capture or displaying the device IP address from working. + ## Windows Holographic, version 1903 - May 2020 Update - Build 18362.1061 From 28b18c9bbc5a63c67e974502b42778ccb9812a77 Mon Sep 17 00:00:00 2001 From: v-jodben <65978782+v-jodben@users.noreply.github.com> Date: Thu, 28 May 2020 12:55:58 -0700 Subject: [PATCH 06/39] Update hololens-release-notes.md --- devices/hololens/hololens-release-notes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md index c1c12c8178..3ee2cef5f3 100644 --- a/devices/hololens/hololens-release-notes.md +++ b/devices/hololens/hololens-release-notes.md @@ -164,7 +164,7 @@ Improvements and Fixes also in the update: ### Known issues -We are investigating an issue surrounding the use of the zh-CN system language that prevents the voice commands for taking a mixed reality capture or displaying the device IP address from working. +- We are investigating an issue surrounding the use of the zh-CN system language that prevents the voice commands for taking a mixed reality capture or displaying the device IP address from working. ## Windows Holographic, version 1903 - May 2020 Update - Build 18362.1061 From 107fbe4f3afced72a6a9164c2a6ae93fd6278341 Mon Sep 17 00:00:00 2001 From: Todd Lyon <19413953+tmlyon@users.noreply.github.com> Date: Thu, 28 May 2020 13:39:00 -0700 Subject: [PATCH 07/39] Update hololens-release-notes.md Moved the Cortana known issue down to the known issues section --- devices/hololens/hololens-release-notes.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md index 3ee2cef5f3..e83ad1af28 100644 --- a/devices/hololens/hololens-release-notes.md +++ b/devices/hololens/hololens-release-notes.md @@ -142,9 +142,6 @@ You can now quickly access and use commands with your voice while using any app The updated app integrates with Microsoft 365, currently in English (United States) only, to help you get more done across your devices. On HoloLens 2, Cortana will no longer support certain device-specific commands like adjusting the volume or restarting the device, which are now supported with the new system voice commands mentioned above. Learn more about the new Cortana app and its direction on our blog [here](https://blogs.windows.com/windowsexperience/2020/02/28/cortana-in-the-upcoming-windows-10-release-focused-on-your-productivity-with-enhanced-security-and-privacy/). -> [!NOTE] -> There's currently an issue we're investigating that requires you to launch the app after booting the device in order to use the "Hey Cortana" keyword activation, and if you updated from a 18362 build, you may see an app tile for the previous version of the Cortana app in Start that no longer works. - ### Quality improvements and fixes Improvements and Fixes also in the update: @@ -165,6 +162,7 @@ Improvements and Fixes also in the update: ### Known issues - We are investigating an issue surrounding the use of the zh-CN system language that prevents the voice commands for taking a mixed reality capture or displaying the device IP address from working. +- We're investigating an issue that requires you to launch the Cortana app after booting the device in order to use the "Hey Cortana" voice activation, and if you updated from a 18362 build, you may see a second app tile for the previous version of the Cortana app in Start that no longer works. ## Windows Holographic, version 1903 - May 2020 Update - Build 18362.1061 From c77d424231bb08d822163703764decdf5e1cf46c Mon Sep 17 00:00:00 2001 From: Kurt Sarens <56369685+kurtsarens@users.noreply.github.com> Date: Sat, 30 May 2020 16:10:21 -0700 Subject: [PATCH 08/39] Update manage-updates-baselines-windows-defender-antivirus.md May 2020 Update --- ...es-baselines-windows-defender-antivirus.md | 23 ++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md index 8146772e45..90822a5761 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md @@ -58,11 +58,32 @@ All our updates contain: * serviceability improvements * Integration improvements (Cloud, MTP)
+
+ May-2020 (Platform: 4.18.2005.4 | Engine: 1.1.17100.2) + + Security intelligence update version: **1.317.20.0** + Released: **May 26, 2020** + Platform: **4.18.2005.4** + Engine: **1.1.17100.2** + Support phase: **Security and Critical Updates** + +### What's new +* Improved logging for scan events +* Improved user mode crash handling. +* Added event tracing for Tamper protection +* Fixed AMSI Sample submission +* Fixed AMSI Cloud blocking +* Fixed Security update install log + +### Known Issues +No known issues +
+
April-2020 (Platform: 4.18.2004.5 | Engine: 1.1.17000.2) - Security intelligence update version: **TBD** + Security intelligence update version: **1.315.12.0**  Released: **April 30, 2020**  Platform: **4.18.2004.5**  Engine: **1.1.17000.2** From bd4fcff39785fbde819cafcb04f168ea9ec57126 Mon Sep 17 00:00:00 2001 From: Kurt Sarens <56369685+kurtsarens@users.noreply.github.com> Date: Sat, 30 May 2020 18:23:24 -0700 Subject: [PATCH 09/39] SupportLogLocation parameter Adding new parameter SupportLogLocation and usage explanation --- ...llect-diagnostic-data-update-compliance.md | 34 +++++++++++++++++-- ...ne-arguments-windows-defender-antivirus.md | 4 +-- 2 files changed, 33 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md index 1cae26190b..0b217d93f5 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md @@ -38,14 +38,19 @@ On at least two devices that are not reporting or showing up in Update Complianc c. Enter administrator credentials or approve the prompt. 2. Navigate to the Windows Defender directory. By default, this is `C:\Program Files\Windows Defender`. - +> [!NOTE] +> If you're running an updated Windows Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`. 3. Type the following command, and then press **Enter** ```Dos - mpcmdrun -getfiles + mpcmdrun.exe -GetFiles ``` - + 4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab`. +> [!NOTE] +> To redirect the cab file to a a different path or UNC share, use the below command: +> `mpcmdrun.exe -GetFiles -SupportLogLocation ` +> for more information see '[Redirect diagnostic data to a UNC share](#Redirect-diagnostic-data-to-a-UNC-share)' 5. Copy these .cab files to a location that can be accessed by Microsoft support. An example could be a password-protected OneDrive folder that you can share with us. @@ -60,6 +65,29 @@ On at least two devices that are not reporting or showing up in Update Complianc Please contact me at: ``` +## Redirect diagnostic data to a UNC share +To collect diagnostic data on a central repository, you can specify the SupportLogLocation parameter. + +```Dos +mpcmdrun.exe -GetFiles -SupportLogLocation +``` +Copies the diagnostic data to the specified path. If the path is not specified, the diagnostic data will be copied to the location specified in the Support Log Location Configuration. + +When the SupportLogLocation parameter is used, a folder structure as below will be created in the destination path: +```Dos +\\MpSupport--.cab +``` +| field | Description | +|:----|:----| +| path | The path as specified on the commandline or retrieved from configuration +| MMDD | Month Day when the diagnostic data was collected (eg 0530) +| hostname | the hostname of the device on which the diagnostic data was collected. +| HHMM | Hours Minutes when the diagnostic data was collected (eg 1422) + +> [!NOTE] +> When using a File share please make sure that domain accounts used to collect the diagnostic package has write access to the share. +> To prevent data loss, you can deny these accounts from deleting data. + ## See also diff --git a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md index b42e1c8729..4922a7ff73 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md @@ -36,7 +36,7 @@ MpCmdRun.exe [command] [-options] ``` Here's an example: ``` -MpCmdRun.exe -scan -2 +MpCmdRun.exe -Scan -ScanType 2 ``` | Command | Description | @@ -44,7 +44,7 @@ MpCmdRun.exe -scan -2 | `-?` **or** `-h` | Displays all available options for this tool | | `-Scan [-ScanType [0\|1\|2\|3]] [-File [-DisableRemediation] [-BootSectorScan] [-CpuThrottling]] [-Timeout ] [-Cancel]` | Scans for malicious software. Values for **ScanType** are: **0** Default, according to your configuration, **-1** Quick scan, **-2** Full scan, **-3** File and directory custom scan. | | `-Trace [-Grouping #] [-Level #]` | Starts diagnostic tracing | -| `-GetFiles` | Collects support information | +| `-GetFiles [-SupportLogLocation ]` | Collects support information. | | `-GetFilesDiagTrack` | Same as `-GetFiles`, but outputs to temporary DiagTrack folder | | `-RemoveDefinitions [-All]` | Restores the installed Security intelligence to a previous backup copy or to the original default set | | `-RemoveDefinitions [-DynamicSignatures]` | Removes only the dynamically downloaded Security intelligence | From 22cd81e37e514419131c47b0a716d25c0606f653 Mon Sep 17 00:00:00 2001 From: Kurt Sarens <56369685+kurtsarens@users.noreply.github.com> Date: Sun, 31 May 2020 11:05:55 -0700 Subject: [PATCH 10/39] general doc for diag data making it a general doc to collect diagnostic data --- ...ta-update-compliance.md => collect-diagnostic-data.md} | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) rename windows/security/threat-protection/windows-defender-antivirus/{collect-diagnostic-data-update-compliance.md => collect-diagnostic-data.md} (92%) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md similarity index 92% rename from windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md rename to windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md index 0b217d93f5..ecbbb8d074 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md @@ -1,6 +1,6 @@ --- -title: Collect diagnostic data for Update Compliance and Windows Defender Windows Defender Antivirus -description: Use a tool to collect data to troubleshoot Update Compliance issues when using the Windows Defender Antivirus Assessment add in +title: Collect diagnostic data of Windows Defender Windows Defender Antivirus +description: Use a tool to collect data to troubleshoot Windows Defender Antivirus keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, windows defender av search.product: eADQiWindows 10XVcnh ms.pagetype: security @@ -17,13 +17,13 @@ ms.reviewer: manager: dansimp --- -# Collect Update Compliance diagnostic data for Windows Defender AV Assessment +# Collect Windows Defender AV diagnostic **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Windows Defender AV Assessment section in the Update Compliance add-in. +This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Windows Defender AV. Before attempting this process, ensure you have read [Troubleshoot Windows Defender Antivirus reporting](troubleshoot-reporting.md), met all require prerequisites, and taken any other suggested troubleshooting steps. From ec6e3599e22145a67136b4205eb5a015efee6ac0 Mon Sep 17 00:00:00 2001 From: Kurt Sarens <56369685+kurtsarens@users.noreply.github.com> Date: Sun, 31 May 2020 11:09:59 -0700 Subject: [PATCH 11/39] add ref to diag data page add reference to collecting diagnostic data page --- .../command-line-arguments-windows-defender-antivirus.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md index 4922a7ff73..8a16818ba6 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md @@ -44,7 +44,7 @@ MpCmdRun.exe -Scan -ScanType 2 | `-?` **or** `-h` | Displays all available options for this tool | | `-Scan [-ScanType [0\|1\|2\|3]] [-File [-DisableRemediation] [-BootSectorScan] [-CpuThrottling]] [-Timeout ] [-Cancel]` | Scans for malicious software. Values for **ScanType** are: **0** Default, according to your configuration, **-1** Quick scan, **-2** Full scan, **-3** File and directory custom scan. | | `-Trace [-Grouping #] [-Level #]` | Starts diagnostic tracing | -| `-GetFiles [-SupportLogLocation ]` | Collects support information. | +| `-GetFiles [-SupportLogLocation ]` | Collects support information. See '[collecting diagnostic data](collect-diagnostic-data.md)' | | `-GetFilesDiagTrack` | Same as `-GetFiles`, but outputs to temporary DiagTrack folder | | `-RemoveDefinitions [-All]` | Restores the installed Security intelligence to a previous backup copy or to the original default set | | `-RemoveDefinitions [-DynamicSignatures]` | Removes only the dynamically downloaded Security intelligence | @@ -58,5 +58,6 @@ MpCmdRun.exe -Scan -ScanType 2 ## Related topics +- [Reference topics for collecting diagnostic data](collect-diagnostic-data.md) - [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md) - [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md) From ad6261e8b9cb82d456acfd7342da8a51557ff1f1 Mon Sep 17 00:00:00 2001 From: Kurt Sarens <56369685+kurtsarens@users.noreply.github.com> Date: Sun, 31 May 2020 15:03:39 -0700 Subject: [PATCH 12/39] refining and updating reference links refining and updating reference links --- .../collect-diagnostic-data.md | 44 ++++++++++--------- .../troubleshoot-reporting.md | 2 +- 2 files changed, 24 insertions(+), 22 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md index ecbbb8d074..c3c1d2b052 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md @@ -17,7 +17,7 @@ ms.reviewer: manager: dansimp --- -# Collect Windows Defender AV diagnostic +# Collect Windows Defender AV diagnostic data **Applies to:** @@ -25,28 +25,29 @@ manager: dansimp This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Windows Defender AV. -Before attempting this process, ensure you have read [Troubleshoot Windows Defender Antivirus reporting](troubleshoot-reporting.md), met all require prerequisites, and taken any other suggested troubleshooting steps. - -On at least two devices that are not reporting or showing up in Update Compliance, obtain the .cab diagnostic file by taking the following steps: +On at least two devices that are experiencing the same issue, obtain the .cab diagnostic file by taking the following steps: 1. Open an administrator-level version of the command prompt as follows: - + a. Open the **Start** menu. b. Type **cmd**. Right-click on **Command Prompt** and click **Run as administrator**. c. Enter administrator credentials or approve the prompt. - + 2. Navigate to the Windows Defender directory. By default, this is `C:\Program Files\Windows Defender`. + > [!NOTE] > If you're running an updated Windows Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`. -3. Type the following command, and then press **Enter** - + +3. Type the following command, and then press **Enter** + ```Dos mpcmdrun.exe -GetFiles ``` 4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab`. + > [!NOTE] > To redirect the cab file to a a different path or UNC share, use the below command: > `mpcmdrun.exe -GetFiles -SupportLogLocation ` @@ -54,29 +55,32 @@ On at least two devices that are not reporting or showing up in Update Complianc 5. Copy these .cab files to a location that can be accessed by Microsoft support. An example could be a password-protected OneDrive folder that you can share with us. -6. Send an email using the Update Compliance support email template, and fill out the template with the following information: - - ``` - I am encountering the following issue when using Windows Defender Antivirus in Update Compliance: - - I have provided at least 2 support .cab files at the following location: +> [!NOTE] +>If you have a problem with Update compliance, send an email using the Update Compliance support email template, and fill out the template with the following information: +>``` +> I am encountering the following issue when using Windows Defender Antivirus in Update Compliance: +> I have provided at least 2 support .cab files at the following location: +> +> +> My OMS workspace ID is: +> +> Please contact me at: - My OMS workspace ID is: - - Please contact me at: - ``` ## Redirect diagnostic data to a UNC share To collect diagnostic data on a central repository, you can specify the SupportLogLocation parameter. ```Dos mpcmdrun.exe -GetFiles -SupportLogLocation ``` + Copies the diagnostic data to the specified path. If the path is not specified, the diagnostic data will be copied to the location specified in the Support Log Location Configuration. When the SupportLogLocation parameter is used, a folder structure as below will be created in the destination path: + ```Dos \\MpSupport--.cab ``` + | field | Description | |:----|:----| | path | The path as specified on the commandline or retrieved from configuration @@ -85,9 +89,7 @@ When the SupportLogLocation parameter is used, a folder structure as below will | HHMM | Hours Minutes when the diagnostic data was collected (eg 1422) > [!NOTE] -> When using a File share please make sure that domain accounts used to collect the diagnostic package has write access to the share. -> To prevent data loss, you can deny these accounts from deleting data. - +> When using a File share please make sure that account used to collect the diagnostic package has write access to the share. ## See also diff --git a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md index 2efa65178d..05e621e3b8 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md +++ b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md @@ -62,7 +62,7 @@ In order for devices to properly show up in Update Compliance, you have to meet If the above prerequisites have all been met, you might need to proceed to the next step to collect diagnostic information and send it to us. > [!div class="nextstepaction"] -> [Collect diagnostic data for Update Compliance troubleshooting](collect-diagnostic-data-update-compliance.md) +> [Collect diagnostic data for Update Compliance troubleshooting](collect-diagnostic-data.md) From b6c0864e1b2f56a18a0c544bb2b1735a6df7fbc3 Mon Sep 17 00:00:00 2001 From: amirsc3 <42802974+amirsc3@users.noreply.github.com> Date: Mon, 1 Jun 2020 12:48:29 +0300 Subject: [PATCH 13/39] Update offboard-machine-api.md Adjusting support statement to avoid customer confusion --- .../microsoft-defender-atp/offboard-machine-api.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md index 5b7477d473..30538a9a58 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md +++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md @@ -34,7 +34,8 @@ Offboard machine from Microsoft Defender ATP. [!include[Machine actions note](../../includes/machineactionsnote.md)] >[!Note] -> This does not support offboarding macOS Devices. +> This API is supported on Windows 10, version 1703 and later, or Windows Server 2019 and later. +> This API is not supported on MacOS or Linux devices. ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) From a5a1ab0a3fd2c272f1144687fb66769c2ab0ab82 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 1 Jun 2020 17:29:15 +0500 Subject: [PATCH 14/39] Update control-usb-devices-using-intune.md --- .../device-control/control-usb-devices-using-intune.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md index 74a43afb5e..74fccc75e7 100644 --- a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md +++ b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md @@ -111,7 +111,7 @@ For example: If you want to prevent the installation of a device class or certain devices, you can use the prevent device installation policies: 1. Enable **Prevent installation of devices that match any of these device IDs**. -2. Enable **Prevent installation of devices that match these device setup classes**. +2. Enable **Prevent installation of devices using drivers that match these device setup classes**. > [!Note] > The prevent device installation policies take precedence over the allow device installation policies. @@ -145,6 +145,13 @@ Get-WMIObject -Class Win32_DiskDrive | Select-Object -Property * ``` +The **Prevent installation of devices using drivers that match these device setup classes** policy allows you to specify device setup classes that Windows is prevented from installing. + +To prevent installation of particular classes of devices: + +1. Find the GUID of the device setup class from [System-Defined Device Setup Classes Available to Vendors](https://docs.microsoft.com/windows-hardware/drivers/install/system-defined-device-setup-classes-available-to-vendors) +2. Enable **Prevent installation of devices using drivers that match these device setup classes** and add the class GUID to the list. + ### Block installation and usage of removable storage 1. Sign in to the [Microsoft Azure portal](https://portal.azure.com/). From 53e4aaa7a2d80600028d160dbc897658d1a52064 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 1 Jun 2020 17:34:41 +0500 Subject: [PATCH 15/39] Update control-usb-devices-using-intune.md --- .../device-control/control-usb-devices-using-intune.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md index 74fccc75e7..db7936986b 100644 --- a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md +++ b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md @@ -151,6 +151,7 @@ To prevent installation of particular classes of devices: 1. Find the GUID of the device setup class from [System-Defined Device Setup Classes Available to Vendors](https://docs.microsoft.com/windows-hardware/drivers/install/system-defined-device-setup-classes-available-to-vendors) 2. Enable **Prevent installation of devices using drivers that match these device setup classes** and add the class GUID to the list. +![Add device setup class to prevent list](images/Add-device-setup-class-to-prevent-list.png) ### Block installation and usage of removable storage From 3791baff736c292bc1b369d5e9e8e5b0ae63a55f Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 1 Jun 2020 17:34:43 +0500 Subject: [PATCH 16/39] Add files via upload --- .../Add-device-setup-class-to-prevent-list.png | Bin 0 -> 65391 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 windows/security/threat-protection/device-control/images/Add-device-setup-class-to-prevent-list.png diff --git a/windows/security/threat-protection/device-control/images/Add-device-setup-class-to-prevent-list.png b/windows/security/threat-protection/device-control/images/Add-device-setup-class-to-prevent-list.png new file mode 100644 index 0000000000000000000000000000000000000000..043da380169b19191babe0f7b460847a6b656b19 GIT binary patch literal 65391 zcmd43byQrzw>8)a2^QR4gS!VO5Q1Cq;K4mWa19#V-GaNjySoH;cX#W#o&4TgZ|0ks z_04~C*J5?|wW>O|?m7GHvx`7^SusR-Ja`ZYgeW2Y=?e(-<|hdB+6(qIu*Y`}3RG5#p?5d^9TfA^&K7WfVKU0mG`1VZY9{JrY4&Nl#oz;7fzeN=MN zK6*xUQ~r~B8h%P5$3rOEx8Jhae-`oPP4voFbB@T`FJ|k$KSESPQ)iD6YYzfzUP}b* zRd<3Pz;71|^pZe?=14rT)orfkI@fB!;I`-O3nm@spM20j z$Gz3-zptxPqJIz-72RO^_*w-Ru~05G9uZNT1aKG>LRD)qe=#8E5tUgc5l!jb$xQX0 z<^?#Z9~OPf^A&Ig^UDYOgJ~FIx9<;ErVp+=!?=STBkI5joWDAN!(Qj_dURDll)rHh z^l(5R1I%t+U~l`K-)m+%Xpt+xcnz;ufCC_Aj||XoQ0p7ARY~Ai|A+rvJp@BQ@BIoS z#Mt4A3N+_sGsx9;KVmn=?>Lz)5ltnR+lJ1)@#ohYxL<8=R)S$cAl&!P2sZ)fZI5HC zgz+$L)}3c(FvTI_7lP4wX|4kl@$is`3Bq^-egyv*P0@0@nJ!Qq6L1}jp&`TJJuD71 zPUXnR?|+fUksyPH0(l`s@j>&JgL`(h?_$NLn9jQ;(DP(dS@m8&3s-^j+B}`to!jn@ z4};^C-r@ecu|};04GqmYDNb+)HHf@8hdHPzrJofz_Bq5F;q!ff4tJyLZJJK=-A2G@ z+LIhu$u#9rC!|W?>5r?Vbv~zTvuTQe{?mT-`2&6)_K4F>%_dc0+)D{Pq~9T!-zpNM z_kVrPVvTk0j{?7}f*<{`wW-5pWK%wzZxVw)@Jmrc(=jsU0=Dd+v_bI!Os8`0PSyA5 z`7rgO^Rn@$iz(F^y!A$N%PQF$ zW5wtz3B^gN@%k3oTgqZSPkx>F3>QC2e}jt64^@Kdw^#y@Xrg5YHmk)O$$=>-WON?d z5i)hEZF}R%_&D7Yyes{(c}TV5QeKNpHk{mb;4?)k`6_@dMC5 zl60VdvMrA@*_n#ONj&>qo>s$;L+f^6i$QM1RhE_e=hLt@hqbljHt^VOSli8ubr>>u z=gu_Uo;mrFsj2zyTBJ;Ohn7<^(pqN?zaQk$&M>8n=g5F zsdrt(D}3BnC%o3JPXQN#sRH0|Yfol3qd`$me*3|#D%ob6o#k799qyODa4hidsmJYS z=X)^&iGlG*Y!ADeoJ;V5h4DlG$=nIK2$UTEb@DsLboUp0CV>~9^kdhbIE`x;mpaZ* zFi^&dj7%eMWD^PikMe1CzL}wvMlz4`1OzbJ*vbfDs zqPlumF>EKr#$xSHMiSXrk4ATlT6^IvY*|U;VemTDbz$1*TYAmczN>`Iygh8`d!1(o z*Ev0XECT_Bub*Cz60xg^fv?lkR>%+{;vyqF^E67=KWmZtCA&TlS5%PVw09okju6e&>O!#24@&4u8LzVOvx~`Q0HXwx?$|Q>=41fXOHVGG=lztNHn=mjD160b%-rz>{8D~*^AkI5 z^|FijNeHWo`$_3BPN#YFOBwiEaALMJ+dj(g_fiVIiUIc(u}TJNvP~HJ5_E<^^Jarum%#d$WU#po=YQUYMo;=$=4H|8Z&C(nr=Mhy1*O6G4a7XWyfjfuZJyvra+WApkEE`Q3?VitT8CBo+g&+g%OV?YjTb`guKh1e-vn+2#S6YV_&lw(a4M zwd1MtwvMOAR>86l)N>n0NG4m?Ld&l*!8*Sd@oz(RyE^8A__iO_Yf6HY7fT` z%aC!ajIfD$+-)vMtu2@U*8?IFpLwr)H>y0xJQ`&G5mUXl3-u1>%s@!pYj}PHCskoYH<&4L> z)vBGl3VHneT5mlpgvHEvrE1+;n@3s9siWWHI1UjD#EvoiM{)RrvJVi$VU%9IEw{-9 zo@|CUnT`QrI%gAY&&v(z^=0e%{P-nWkesGEOggQ!0lzbqp5Vke!EYmyZ8YnE0oCGyJPg6NY5MC z0i*G^h4!qtzD6?a>ldTb{@R{e&0z0k4s3OJJp)*)HZ_vp5-aZlhToQgI~+7j(jyKyB;Yvqem5-YPacqZ$n8>AXmVT!D{x2|s)s%!PDRSgPt)Nt zEsIMEjImv7L3?~4+$}`imo;Ra>-ESj_)M8;b{l<7BVG19Bs#k`hpiL@8_EVk=Y|E~ z-ftmDbPdDSao-)u+-T!@Jd!H)u-_XFkZpUp;k9n#J@>8)Yx!{1dl;Q3tzDUYP)Jwy z(CEFC*;zUYTV|?=~}3xaILya z$100YPoDVPc8BXJ@441enOwNrFnp8!Rw7s}Mexx(BhR5i<>{tuh%xF^3U*UjYH{9^ z1N{0v6M?1(gXzI$bv3dznB}J^BUAKO= zUo8yHYB9A$UJ=w7RqCfP9h%gQJo$)W3wv>=Mx2#OI!B!!;p-8X2$Bw@|>XUzAU(UVv0tW!z zFPfTs_6JHq+qu$-tj-q(@V&p_2yk5!{{!PrwY$xwD8aiEK5Z_hXL5OC(n%M_o~*g8 z*3vJ_k09t7jH=dU$kqe6ZIn^5mZgntbI;2P>LxQ6WBLi!86AzveSAs7AKgieJ1 z$H}L;Fu>kknhLd}wwGBjkKtfUfnwg|Dggauw$x5@sc_G~xd>wb*D~7%`TP4Dph0f3 z8JPZZmB(f@{2L@qB7pRnWlr5Vl>&+hrV?=ZUZ_4Tzy3D$|I+UNeJ9VfKLHo&rd+f` zA^%dHluP4NZ;pMT4|8H^al+2LWCCs;;)MgW0m8{E)@-;qu3N3mWI9)8_U_YxZ3m)_ z1_=P+A>&znI6h_+Gr}Z%WDagCM$r+h8@xbZX`(8iw3Q z2~I|ZECE5~Sjc5sjwKc8boWRtpVSA_6hGmQzwgn>63SnMo!(`!wWX{B8KEvcdNsC< z?iyDIINJ6j{lYj`_g<5gxwFGAS0miC_fAH}&f5zT8uE1Szkpc$rbh*5I0IK91@oP~ zK~v`Np`8AE1G5(aH2%a&(kz3D+sn!p$gn^I6MecB!LsA4adBmz$yD#3!$-eH4J5Xn zHHtz7i0RQ-6tj5V{78fh64)?EJ|61UxidYqA=mPP>#mw54?T^wHORNW_$)V{=xQ9? zIZ(PbZ6vurwKrB+T07Yepgi4hJ=+*7TeEYjxZd!6uCqjuU)FiR3&-#yzZ!G#qJrQX15V4nM$mX!3>ruX{g zjQ(WM<%lR?6+=}WqO1Awu&_b9$4^B9cdEvU$lP<}O(v!IsnasLM`D^jA17}%i(}k8 z(`d1I`HS zClrwa;+b;3^7t4@aym_MMUJLaS6HD%Q5tm z6Ve#MorfZ>|52N)?;qe;BdMab$-Gexap zaaj65E!o}tsIlJc&#sjY1q8#?%y>|>zTTmZl1U`;IP3QoyLO;`&c9KrFOBctc>k4O zMs2FDLk(5G_RXQfgWo!@MO1QXwZ`?yhKXwjo#2Mv&ih2mp8|EvsqM{c1s@N!f7;%= zhDaRL{g(P`l6GUlBewMWVf$II<@3d2Yr}ck=qN+Us_FAXs*ZN!_m3hXU4yZ7j;AXv zw^y~E;A`)sq?{{)>0rr4ZjwiG8nf_2N?bpM{**am z$XSbd-yzC}+FOD3=wMZSxB=if_rG}VpDl>88b-hShyiGhT1(Dv-zAVG1WwuVFYE zhrA2zA4G|LWcb z&I-r0?B2IyUc-ib5IUvx7gxnt!z#O){$KezNb0zT*#Z-he$+zT&A+bS2@(6aKLpV+3fNf<1os#R3F!9a zt*}udw0VB^z&E%XP9IGXaNe0FPIG;E8yQV`WL4oRg4w3SUv4)t`V&!s#cyiB0EJV1 zf%0@&qx?S6?Y5^i72i2d7zfvX$RjDqh1297r4hq*HqekCE=cB^9)Wo$N4=lBTj}|q ztNBaEA&N$Q*IFJfG&91Y%(~T&UtUp}BBVt)@W3rz55Uf3?Z=}=Rckyi#|{BgF~kyK z)y5?DT>I0jlj}q5F?k6y4Lp%|keRsY8+g%XHQIEyVJBO@cc=u8VSuR}ZZkM}Qa8-= zoD$@7dzd&Cl=z7A_8a&zH#ofY<|G~a7+ZAmCne1y+SFiP$(mR&=T$}1B0D#pTE%sv z0Jqj;|5;3@ch68!QJ!VYSK;z-!RaxzR?A;9ID~k3@p4%hyfsV489w|T+5I2bhvU?( z9t(2id;OR=T1qXu5VxmtE3PgO@v+XE9)VG>qvaMRVdwW4_wlu|X3#jAbH{5|yEQCP z?b%zb5h$6rMQ6X3{es6g2r3`H%JMPLBDT8o8{a&}W<(JxpU1OyYO?>i!B|DpfNLZ> z=Ikn_pFE|SWYe$aL8uY(?IW(KjeUq2@)#xi^9BoLfo1FLJCJkVw%v=Ajmo1J74M8wMXAad`WT3+k`SWXb^ zD}Qv*fb+!w6)J>}I+-{XeR@6=K^I`ZE^fP%KQF$=@X}(;fkBiszLjivG!67X0^C))1E&e97M`If{! zpE$PR3tTrf9z@$qt^RHkC2pqi1rXR{H~!wQ3(QMGrm;7FJ(aFS=4!ChgeW!#JA2#Z z=)JM$o}A*#lU&*J_6d56wKR|O1dzD`$mSM&wc>i!wvYW(3XZL+_zSeC<;x+TpWi<7 z%#9CZobvwwkB?WOBi<)JKEAB#Xx+RhQ?#|_K82by@t)5tT7%=?jd|=Ode~t7Z5u#o zI9G?dtlPRX#p>3r_dC9D=>7o#s~(TXg5XQRHh_p&ao&Bp-fi=Nz&+4!lnwyWBVcKuY`EZn)>uru*%(nCCVN=4H?4Yh_wfK_$v^}?j8UJTyL!sUz4g;n?y=C{KQx6918`; zRQaYA8Cq!F_UZ0Cn6Xiu$V=#AT(y;Du21mA#u@b5`Q?5W>Kk)C%llVWzyph*0Qx0g zPXhf;j_3jYFBuH6BK92u3(ttR^mC`5^=6+Nx9XZ+m>FUTN6S*!{S3Npy9VJXQ7d*-B(NDLZMNidh zLv}v!kN!8j7MIL+|Ddoa@iF#S=3Y6knNlrCq=5NQ1e+}cJB*O(u;tw{aYpav#Op&fMqMDkq-5GTmLK)f;4%^K9s;1g< z?ydKv6Z@P7qc24%`0a7`j*<&Nlh0#kQ0At7NcFz@fjwB9Rnnx63vpG|ETvyDLYI%0 zzwXB63|fWZRwO6d3)*Ju)QqgbJ?O`xCU7^~tVmXl_UP2xo$#;9o7>lg5lRFPXwK7$ z;mh=v|EF(^%sP!96O!Q!v3R$_gHYw_>I6ri*k{!r`Jh};w>_uU5=U-vl;3T6OBOHQ z?M!45>M(mK-6F<)<1<=v0~hJkv*9f=7#)_K9M-;LriQL>Y?3^(FqnLqax642U6R;c z!EpT3;wJY#89XG(2hAsf7A_h}9eZ-uiA`X7D=B}pvmERcX(C-L5Sf;YJg5~PjI?}N zCQP5FX@9D}LM?5&+@o`stH$KI^O79er&g45Y+r3d&kLz!0SU@$vQV5Ool`xwdtA1y z6djZn#rHb=S7kfSwNbWbv8wa%2*{n(Z<6V9-dp&j#M=F-w8mc+7^A_(#`gTG)f=h# zC1iC(I!f^cLM+y4%6vxQ%Ed!>@~z^>~Ue(%cE7R=r!AK<1DdUcUnK`g5gN z?SGjLM2++LOctqamc9HBI(jQJxi@odj3Iwy3@xAAUG6zz5cUzncSdSW7VM>F=C%Ex%XLT9_DP{(5Aq<}(Euw?4x3k7gfP*EsgGxK0dH`dg2n8D2^TF)`o}+; zF0k)TLazK<6o^sVR(|jfNFXfNG=+^a6TO>BtbRW~~!zcL(^WpDw zA(_=hrRQ_rqXQ0W+LyWMlSGd0G}=HBKnk2dyn_F~PkjH^EIA^iqjoTJu=b;~0b1Ft zfeQ(4a`q(SRV<~SS#kK#6>J3_PHv7VKK*xYvus3I(}7<2*hpFy$X|6Aa~jPNlqk?Z)QCv zb>TV^}pGjr(+ORcBHDjo5Zw}wSjDRTR&mXvQ6kKx=kmOFx-@LJN)e*J6 z$1{Kb*6~wsQy_*vVIO%G2~2{(U&5e0fohipN9Tl^Uv~_y>h&MBH5N5^o~e9(Md$#k zTaMS>O)X8eRr7lht;i?8LL3!GA6iIYaBlvF;?0=ZeQ@~mDcEK|r^;vqh^$TN-<+FH zc#PLo+gwJr1{_bA9o!5zym?R5nDsgdZ8(Qm93RUqMMDN_eV!8ZjVR|otA5eaKs`i5 zDXQVN=Qz}%6X#T9-EMs+k`E@KPQb>7t&yqftXHRV-Z<20vqTT#zMxSQWxaDT= zmtzmDSy7MgsG4bWWg+~SkNh%6cVpi9KlTm8kn8Stssn|CCB1IwWBYX^JF^zTc z%$DbD&6?18TOEA{5~fCm^WL$JwvYkO=z?h+b6=Ge#+(a*;3q#IAOmwjH^ug6 zWPO{_Y}DNgK>HJbGtT9Z3D@Vrt>7rJ6;E&n1^u%$xLIs0#ks#C7o&{HlKzy4k|$&| zA$49oSvRq3`EwO_B7C=Ew}~1$hYuT;&!^cB)@D-{Ls3|Cnxy7OmVEMEhM6s)4AQR6 zqF=|ZJ}vC~DojYa)PLdG`5~s?O1sRejYwG=?~h*Mt~~SfrK0a``YUuTj;@(bzr4hs zH_`sB&V*Kqe5FIx9V5_x#6%Ie$8M)KKOV~muTe^oqNItt)}i?oEN^i!SI287WPGFh zQ6@LvLnuh%p|+`xi&?NgAoed-Z^q7onN6M!h{@dukAel=PPRq(ZU^xTgPgtV4{~!( zp80)X9%;WO-@PyK?W9cWV=cMMpq+6gA+2=JPf#tSLn~nMDR)v$FBWF4FR7YEkMS#> zsE&=ncZV_EQQ;{g+rh^jZEr3_XTHqj$b=h~iTfGE&v=LMVZy8g!z>BcqD_w> zJu$y@Dyp`FP_st4TQxixRP@D)RUAINGX?cWzZKb4yf&Ulk8eHfP@YGFZCr3nyQ5oe`5vGNts(|X~9-kaRSTN%g9sn)S$c~pM)G!y(m5is8G`z@;j{-?5l*P45 zn7L3Z9OKpN%I!tfP_Tkyi=ugwemce{cWQFhfA-vx?IeSTcFx8w2(-Nv7s-||E9R9y zsq4*&v@t2y+qt%3!mQX;`_f`PR-~tpFbTYv*Cv|r+&*-J$mQEKMxn4JT?Yy!mEsEq z5m@x_RsJ=#$<eGgMoLID3!ex08?M?fDBL{>KzgA_Cd)YAX zF<0Jod?e~vxs5z#Qr==xgMl!Dz_u0RB$c%^&&&AVc(wnP&x~Vh;kStso92+9zqD-o zhqwQzNeH+6Z~NaNivI^;+l-C6^$wZu%nMT8?k8|ub+41AS%ci1nU(~4h%L;1Nxt

ym7D}rCP$0Z&J zJEVYuvMv6JL+?3iW)T&V$65dIOftR0FanoPiHM53n#*d^Jr9f+HVU{nb z4z_pw8ZAzqMa|O_yij8f$^9s#;>L9(6~p*oSRqtNJk!h(zd?~cnw?%ynZg8dqOs%> z$;^oN7!M}AyR0*BkxN!ZMN&MOa}hl-4_LZ^^v>~q`xcx+p)-GVAI#W%)(I)UmZm-t z==Z5os#vqSv~e1Hw;)8B6m4msm*DT5yLd=5+;kJb4Y>a!aehVL}{9zzYU z`2mBjSFOG#5Qs;di9_3o!Wx)@r<31Qsk<$r3A_tad5W5A=`1HWWWS{qTJTca!N&9P zmIn{`e^`u`wErquXl{rSXC}eC@GrL5AzS({M`zO6ldGdKd(f*3tZ2^0myGkV!(^+c zV520CuAAkkXSSvpI8z*qS6zQ#4DBS9K)C6EA-0$+Uw>Q$zhsIA^YHMz9Iw8FzI;it zr3PQ^PkliONze~~!HOM?fWg85$5^+N%2~)R87XOWjQ1X-2GbN-cL`lrLuZ9jg<`Vc zX5Xh%_>uXLxU&{UUx+NmSz8!#(3|AGcO|jhgDdU<>L&?)-^#H$agd+aW_wrWz)81V zKmjHNz*kMd+v;6v7cEnZR$R2LmlwE~kx?tXMp-_Va=|y8wZ9VOv$amtf_sw|q4)E7 zX=^LynfAKNuOqNrcm7H`peVgDo zA@t7)-Coud%d9C2qV%hk2;)~ab5$-9k2Q6z>nIMaODGg26>ab3%<9@>Cmz4(#|Jnz zEo^x$*5){$*CdlGC7<+e>c0fkHJR6J_9?1}yOc5=UkjTAR1>$jU+#U&H2d>0IV#QV zy#&I{%nT=>)sji(WKgf%>HE13 zVB1igwr|F9vQPj)Nv2ojSMFF^8?TKLks5)_k@kv-|HpTke|c8-p}KRKV5Px`*Yu_v zo^co_+6tpBgK>?}NOtyLR@BO!8qB({8mUkM0b8s2miUz1oiia5au~&FzH~8tCgLHJ zyZbV+(6Or+nUp`_C_mh?v9aT*Txl9nWg%+Gksjwa%?1gdgzC&cdeuy-m8&_=2XZLn z;BcF|n;y0#2G%+R$iI@?s+9www_|ERq4-AQSJ*w%t!eQs(5CybqDnT}qe`t=fG!G+4f>l{(uYgkWkNr2s`p$|__ zJ&$WR$sc8$kocb=~jz)_pSJemk8|@a4Bno-5NgSm;ICA_NaMo{6ud zmy@K5E^qW|M3e5iSbZ!<+-*zaDdvLV-XEhTvE7s>-`cY$v(_m$yp7t7l&c}7QR$=H z*tU}>>$R1KEq{gfvQ2O=Q8+8!ijLu9x!ic&i*FqR!?S0hsv6H%u3oLT=>MuUhe3<= z%pvH$>K#LUg7$2^TUN__#Kt%WVV|0=QA3np+$;ludXpx6SLDDS0l=Bz?(|^m#1x>i z9fsWnuRe6Ybdx$0_;>%*KA+}K&J8ZEhMnn37n9VR)ify*ub7yhoHTVJkB@5D_HSql zCreIn-V{Wvr~TsuZ%i#@aQIf>H3E;}iHU*A8DB~Be1z?(S;j%5*TK~<8J(Nz*;)b& z1PVk#48O#oPB#Q!ycK~>s%I$?-t76;MGa|Kr<29LMLsG(7=#V#*fV|}q$>l)C-8C} z4n9zAi-M6gn&ueQnfN`r7<=qj>L~af^>dPSp8StW{XW)Y8cs`@fDqc03BOb$QE}k~ z1J%NVd2&|P9-u(hdRRLc>OF-QVzPX-Z!c$&Y<*0~UK{GPJeV`SZIAp8OYsv9H4xx* zt5IL6E$HERQuS@euiV<{pK>ua{%VQdtSr-cKz76&nhK%dsB2msSSOvFHalYwwuc$q z4pPjf9CSp?`7z5MNR)JQ$(3yvMK@z|nUSq0<4m9Xi7`7fmH)8wP#-z-&61Pcf_AQC zLKg{3gIwh=VSMchGF^1j-S9C~`_Cl}>ylJs-pppdc!*U1Cylh0d>ej&9PFuH;kVm+g2=};}H%^a*;n8+l_X~I1BEJyw6OQ?bp*^Y>?N_Hr zz{^LXSg_&Y;}=;=1c~5Nzd+Jjub@bA40Nz*kBc$OSl)oPUVALt0PxA`*7dLt^COFz zjLgVpxS$6hdUZbXzu2cA=+{S_I$YpHsIDE%r+7M~s03cL{dZ+mn>@5F$y9Se$(pjf zwZ=vLb{Wkb!ex+Rdq4N+_&YtdgP3y1C+AkJH=usTjYjm4Lxy(X{_5)U!-;Hdm#L=_ z(FSpF+wuab6u5~wewpQm2)KE7&Dz3`CjrB4sos4)O33=g1q}fa$EFxO_-L0LkMMuE z)b_4{7C_vhh>a-z0P~)KawUtj0mM&afxESdEHUfm^WGt*wv-K|D9?32Y$DI6b6hr~ zCFk8#i2NYa&-XqP$r<+Ib#pWTDZS5|qseKUsDMsyQ2}+{H-2h#D#dq`@vYUawflxZ)|&o}7zAw5X#zt=#y zjC9{oZOM%-OAx#`wfL{I@qB|idfx!9v^tS7k~btP%|&dl0flhWd%ueCYgQKnu#>d$$B$PdCliOU(W zmkx%nAxt_5bf(`&Xv`pPV;fy?FHbaDv~hh@RhbqZw7vZl?(R!-Etj67LK}}*W+HQj zEQ#nC&lT6W36CNqDypMwVr|$gLO3hs0%a@xF9iaTyvMwhG=vXJyhW;nIW)OgnUZjAS|xyj+eE`(4gQLSZQ?|C5w z?q*OVvn1-6vC=xBuO#%Fw0~IPx6ju41y<-vnsGU77UpPF)kHgoil?Nb?s8ss_!QCb6_O-|rLvTmx&s_kk*?rUZ*$Rs8EkRg&kv zLt4I733cl~=p$)s@P3{3-pPN_qVp+Nk_wZO#Gi@bnwfv$sz^1q|9vw^@w#z1O1WuK z#e~SE50#08mC*Q@U21wZn!fDQv86`%<|H-2e-dbnpbqUhUA`+H9eh`Pu=xtIT*?QV zi>-lE#yDd{{efFq>!#)WyU`(I|3z}Xyt<0{Jzd^TNbdiQ62mk;xjVCBr}iVyL0C|# ze&sJeElw3>rM~El>v4;s>M9j0F*Z!|kc#i-=*}&nFlL{K;+ag<&}*=iHnb}C@NSX1 zCVMZeO35b{R7InO7vJ}#(blvSDrXN?w=C+;bZbce$&4V=)lZ(#`_X$Oo!5*yhw{h% z)gSKj`rtwCksD4v->$&w(1~?>@^N(2QbHUcAy|V;CPp)c3srHTM~pOi88qLk(-=##4aW5G-5SK zxQXtS@T1J^2}0*7$q!mFLiH3r-fNl}c=5MG;ghWEj7FwsbC_J>{CgX9ha1UXHtGZ_ z1Z~8L0!VFstMb{88TFFUF?e5}iFtjQ%g0)v{bKQ>w)zL&N`H=lRfFEiX;wd_(aN11 zRH-CK8X0Vm>YU5ZaFCDe{Ni2GHd?goiiLQCV~xDMmXJMZ`G^DB-yJ}6x zcWtwo5IssIhmr3x<<5X zVr{M=S6?+;XGCOJARVbi4;s#76sfC_C#3qy@Aqk9d^|$>HFF`~Sv%D2s%IM?;0Awx zzu1yUgzp1lfFne~3nZ5pYU=}3>GX_@X*~7^K-HKHP=yTuBHs<^wX=b+P+%89?;^;HlVsZ(bksxmR_ZhWb*`G_dCRk8}R<}JB&a8%4bhj?C+gXP{ zB7Q6Q`4phe^Ru!xSAmT2UoetO7hu?iTnpKJN&dI;AnqBPF7{x6F|dNYDVg|X&Ze9{ ziO&-@@E>Xg)UVht|bKp1^M|Vv!z-!H8q%+m{;+WF;!-NXnBejW9m&rRwI5p z{~Z3WBCXJy9$k$(tCsU#e3}X%Y?gUG9|j;33)mlEJm;|c>BYzyH#Iia1Bw0L&1(xd zpQ-h3BUV*gBJk$MAyU7>bc*uf@f@h@sQC0beY0BfVY*IF$Y}nXbm;=7p8{w`xBA>pWD&t3%(f6_E4QyF5VI+V*f9Y=`Ossk*S}wOe^@VvG}u z)VApyG}LnwDo7gjCffDH)*RU@7K4rox$u63*~W26K1-)iL2e(RKX>avy9m8K0sCvV z$b~gmGq|)@fxMYTor4#1d;T~TAxf1nl`a2|C{PD>?(T0Ou7@igwfR9BKtT=txF;s~ z0OYq{$nZjg2!a=_nnGV%fjCQi-!Jw_)=VBW^OcsY#&XC|8!gUyb0dZ7AfyY5l^D`) z7VP7S+)Qg_tn;?1^eih!7k*$`bBdu+(cwE=$<%lyr7Puz%yJUelN%@gM+7!7td5E& z1$^{xoZ{Tvo%23oLA#w{W5LIHYmduhpcIhw!G`QP=W18rmU}R->OFam;yR9~{H5`w zXt6sl*9EiwuApdp~yTc|V~VjJTV@uZRA1}2omXURpiCg@|BPCn@}bIsO@ zq~Ig=Bm460SzJWEDnM;@tiJ^)%f2nT#V_pJTjE3e2AT3o{gXL}$3C7kon8!`g1Mzy zEB7z4wE*-CxP}!i-h1wWFy7Ixx}$5wi(3{tkzT9c>Moo!Lr(=Z9>dj0J27^5WAKk} z<^iB_SWuQ{@r5adjr7r>HJ!B7d&Q0bE&nh36t?7R=v5u!`(FC9s&7Z=uc6A(2jRmB z^?aPJiTU4>F4r^hP?JMu^vYcQ_|3IPPJB*a&Z zp4Srf{bnEl)U+FPI`@N3r>(A!$91Q36`Qwh;Af!L_Rojx7spgpXxDbE{hanTdgRqp zNka49F-q)_{gdc7@;ad|Jvooc3VaIB$AiW}AuAfK?@1 z1JSEm^kWZb)}}x`WT#rpAWg!0^CzA|Chx-HTxXu-`NJ2Q6#$CVM?kez0qhMA!GRRs z%qM-VogZa%SXxu^or4ZDlxp+qR$a}r)>zZ{xTaJ?Awep%6n3uo$%wRT%n5Kdjae*{ zg;*8kL%oGT2TrWjL`i~QXEcI1dcSujlsI)AzA9;Yv!H#}kKf2xE}y)qqlMNb`Am4y zeI=Cn=gc4H>#F2ZY9_Ei!Sul)@If& zJRiZ*#Gnc_7lmVIRI(q_Z98@reQSY1(;TJ8G02V%nn4l}sYamO*l_Srt_)1A0@O9) z{6333uFDDtBE}&^qF=84`=I`#;!f)UeygvAonwrY% zaP+$^X2$X(L}VmH+A-4stSJM#r?VS*+#C0W3z{qy9EnbM5S0<1FdvxkY%SNs02P?0 zj<}B69RXeeedH%8z9KYJeC|0Fb;Iv9fiv)l@koi2(XXwnP59PM8TpBvEwSIMDQZC@ z*mdUa>M8K{=u3ZDoFr1sdUx1(#O;b@Hq2u0-xgjv%TpB+41H zg(>iH>6~%b1!+Xo6c4{yt&2KQ!|Eh1tD(tJl=`kXIqKkRR#i?;mF7xpUZww>+>VqQ zdFp$ltDsxha!gQUELMk0J`1Kqh#VrZ^&AoG_xM`u9~UbSLq-=n3gh-t=b%!ne$^x| zud~Bv>clqNsth4%uMLj1m9*>T1^^+$#c|I7 z|0yYZvJqq=}?5#~H=~TkhvSvOTh-EOZmvWBZrZ(5Tqo3ZnQ;lC@uFIMc zUpzwX&!-k_$I42Gvl^@X)n@(Y?^+nnRh!t`a_Zr)5r)SH=-P&3>Tob-eF?3`v6br+ zNStljwc`j;7#=(qQJEPTq=|2Im7Ldp!kn~$J)9wPWgYMjte9aC?taDfv;}ay+ZCPB zasujqS0hXVHGgAZl_~(d(z+Ad*P{vX)s5bl_dOyPfwZNewX0U_){%bEAL=Tkr{~%cezvNu-)_Wk^ zW);p}zMP;exGL&6i86JmGfLe&ex7QQF}B^a@gl%|;E_JiS4K{3Pp z5J1cD*L3F_!AyfOfl1NuuBWYgmq0OkV58}#wa!tLCFgIo{o0SSYN8!znyngRMy`t6o-H4KC)}g^ z{QPV_TiSBJlN?X4E(~#L7k~ZPXDH)wj!F;$h?(<0MIMFkJ6wB*YObA_a7i7giS z&%%U>MKxOc@rv%O$)6g%SwCm@O8UO^jy<>x&>qe*Gor*(jcm|YwWeLv7Z*|UmUG+{ zs+MFD#A~o)C32S{*>B*n3B)DH`*&lZeOIuKPQ9U~&|FA$fLUCNQDPHcuoZ8S3%~ST zXvih<7*#ez`$rrUytU}^Es$O0YlSt5p(skS1R}9a6^ErwO3f7gIvXW-Em3+$^y>S- zj)jGVT-nq{)2UpbD&_{Ph)rWRMFXJmc8dGW{NZd_ye(%Rk5$5s?ubBQn|0_W2}+dG z+nPjLrAI`%3Ey6vGJU_r748NO?%g&|=e4Ok{+eh^|FTk$zHFs= zo$5oJ;!I6;iF5uiIl9ozoVECUMK63Bh_-GH7^eqC%sh1!ia_K*bf#+l%Sz-xNC{!t zyu!M3A;htYZhG<7ist0hBW50bhg`+LiSk}{A6&HHQX4C;O!Z_6{-x2R?L`8vAmwu` zQ}`)#(>(OgqICP~lKTl$grWC^KZcw*66R!xWUFtK)i0+(Oo{dMG0v1mI`6+Cx_YcE za)n=rbB0LOcwDM&o5pWWgD3l26Ea(T{`~tUYT{v}?iL8uie|y93E8w_ThVSL|Ffb&-5sM&`G3h*Ahk1g zR15|aB0Mu~lD}eE<}WE9XJKELW8m`5iA9%u@c=jcRXJP+PC8?{!_05x7nM24Fd%oT z!K!F580lh`5V|pbu1MDUvX>$S3Pgvn}l(fPN&%QCtQqd;@qscvuam z@P0_Yd*K?8+5xErz6bu16N(BIWp2#Lp&2&{hWFco$&VL1EA&Y(gEdI0XjWoUQpOFg zMRsYdXpt;z$bMISk(>ynX%AC+&X^5cwTUMF2bl1CJQ7Y*B**ar_&LJpB8L4cP znNg<8+6;A2fp^-kS9S``(160GAd@!R`VR}bE>z!*GoJQj)RKY(jp^QR>S0Y%gn5U~ z-6#o9>4U{DJY}7KWf*w*F04=jxQ0Li&9&mR39Pt|fZ?G&aK0Sj+WrVxnKZmg=|Fo? z5;%33h9c&U5B+sStbtSIRCAcEj$u{pIH;2vWX`;B*N|Ze%`3+J2g>$#bE7+G`3nlf z4jBzb1K1^wwrcbZCl1%C1d$FmpF-y_x3u*1?54E2S#o~p&^wXRipPeDyE?L~^cWn5 ze6_ocl!dDz$D&iE3Sj3yVdU~_uqfnA=(n^M%?Tx=51jsVuT3+FVj6{ah!pe4&~IWu zfM=25?A|;edgPp-bOLr|`0+)-!>i;^x!rOhU?jwSF5|3evIQjj%&ID&#>1_iSxpnT zsH{xtUKEDwi65ho!8yN=q7`l~agdJ!Acl+J+T*XTSMkzG`cWB{?-pgLS%Vu9w4kPN z`0iy&pE-NJNqZk2e!)6nxReMSnKCT0_5AxD~q!?bE0HtF{ zO90930NTeDV5W!k{ixF2D(mZ=fF<0!DR!eVG>VkKBD_GhpIubEoRtXFPSo-yY4Ox+ z;T#H3jb>jK!sG5K^Q=Vtbx-?0lp9$b_2NreN~Hd_F9(V*Sz`i^#eC!Eo$r`{;tO#k zjKEQF33I82N#7^8<)RT2U0#^mb5L=O68$$z4Mx!@p`S@T==QzquM&|V&lS|m2~Zk{I8mS4_vT1FwylnHi*X!Dc+#ug~>2;UzlMEmDEPUx+cJ!TM#X(Q32X zs*mw;Bz;8gbkVfT+LGOo!iD^U{^xzN!}kIF)}MpAUj^#_OR(E<3?kf73IT4pdHwqj z987$toRmVf>L#yv=0Ko5R8$O~*x1;S6z)r2AmKhcD<5XfAo!clS6MieQSVy!CvcW5 z%yDkbPn*Rs_!VSeK{QxO~8Lks0k%j<@h?16SMvE17p147qH& z!1J09G7-Pa6;SDIe!3W<87934{)@#rKtH6j==TColiOzF6AgTOzY~Bp4FIL5&`$fM zELHlQ>44Q8|iLAN$D=BJ4fI5_kDNWJ>}T&MHWoSn ze}I1t0?QK&A^jAIf4PHofPa3{-uyQ)&>uJk{`0>UQzAcnSJ~!P&_{xN*awP_JCaF~ zo7YN7NiZg4s^&9CI$u2~GOL&)H7%pRYZP}R+Yi6|GsL-P{6SI8UAIb=$J{Of2RME& z-n3@`%v@~`pnK}Nq%p6^N*UgPj0W*4N@5c&MRQ?Ycrn3HTZiTgT6`t>E= zZbE1H`UTs9YqNhxqCH`JFLfRdwEioa;dKdwWQ8MbmI@D21-g}~z5C|tUk-pB^KBko z8-*f*%gfX4D0tYH_5;A;VhHSNFdH9K9aQk*kEOGIOB8%|N4k}A1)0}P6XT;E6+}KT znrA7+cEogqy1x$Mnjd5j55tZc%r<5g$oM$bWR@el2TKWnlV6fsm`ab8!G@tQO2pXQp`YGWl4 zP=Bc(71^Qpig6>N$Y2X(tl8LF%QXwGZQ&(r>MOYGET|^pFX4F2m#Ha6 zkJ8~pjAa6}4@qA{8LBreQ!YXn9odhs>l8f4iqg&XJjY0lJya!TvGqH#9ytViunmrK ze2RKvw2gGtQRt&_;OjLuje;_@Rn5`fO z?B>?|X9z+m_y>+bnJN}e)0!)QNgcOn@4Zj-8 zyRw=s?#s`^T0D@Ee{)PH6cH* z)Nqm$k@{fnfm47{qrC{8xWI7`@W?nNFG02Hf@*VY`KHR3Ycp0*ECLqyvMExy@n%kD zw*XWth0g|95nO2$Q&;qT)T4?c}tXgdQ+3XJm^ZOnD*R~8dbL&_G|*zyzMVL zT3`Ib<{s|GS+C>pXP9l~WcGxVcuh5egd>Axjy1d2tM|<{>G3*sbVspC*q)-n@Ps?b z*vzxbU`h7(IUYB8cZaw@Do z;DJn*uYsD=p=soSRs#StrVUG;@dgvN3k?Y@Y%|Ataao4t?Tvcw$Ymjn^a=aJ@`~L` zWqh%Q;cC+L`5|lhzBHh=Gs!TDG$-N$qpkOpLiDOC_rDj$e>6_$xt3!Z1PtwYFp!Jc z8#_ou@qvXi9q($pU>ZifMuVH9L+2h(eeuzK1W4YF5@N6-U+XqCtf9=@)zo+ZLT zUiL-@;47tOOYN3vdRn3uuOL|oD@h}|Z;xNoaiQrTLc#ZytoF(=cYl-W>n z^(8q=ONP@>_h51R>~8hTx%+PLnp;3i%ZTqU3@GD@Ta1WxIH?$a5!|!;rl2j*cS=`3oRi29McS67*ZnY(9?+pEQm3&qnpwf$)NKT$`XlaiPW|=2RH2&0R9JS^CiPa@N87upY zGED{@04p-rs(0=pHJ^owkF7|4bws@LeqE^&G86g@AD>po;Dz?IgAQMkhTunN#?1# z9nWYJeE;;;Fa#Pp(%iRJS$b-kau)-)uIplZDnUPu?!p0X`Q}LIe3;jG@kYW{)1#t` z58D+J!T_Pyzj`n7Fr}Ih1+Mou;YpXJWesNm>C8m-oA;gp{tLmv#7!OON$la(WJ;(z z57CmKd?__$*Dq_fLgJ)bQwDuDCuQ&1oEIpRT2f9LrliE~Up1=rO*ofvJ4YKCO3*nPAXq-F%)g8!yd@a3;T{MR~Z$u7#|CQp%OBr|X@wjn#uLG)7oIK5P;+iO* zu)$n2j*a%uQix`l=*_A)0rykse3N3SK`yq|@k*jHh& z`(~Y#VHuBbtL1tA$>Ul~FQn_Xg(otEfcfN0msy~Ykl5&&zS|}u$V}47RBV7ZCLTBP z5E?0&ciE-lP*g+QCw)mlz`f7k!m?}$ zo-;~}gErRC^RfSJPjJ82kXbjFZ_ud*_=Yze(z}2duyMTU29ui%bmu7uu&Fw|kL37& zv@=sugA+Tr5mj0hv0!)?qyq-6khlnjmVkiT0F*uVxPsY!P(1Vy29x92$in@$+;A4zQ?vEC=%1ZcXrS;uAE#?RD;H@HJT{Hz*p`X~_^{ z8n;NxK$)ykj;V6Dzzr&yoqt)FuIVp8f%q8v5yI^04Us9(;mtSMZ>LVz5wFjDXwvbY zHpqM+WYTyhB6z!%iV~G{E$UczSyH-e)~PeOX~B%i8iCh4mQO1|OiaYe6DSr8`skRo zn_EdXGR|tL7+&ay(36QW-2f8N{=~$8UZIb0U;cDtb+@EYSyb1LA!1{g&%Ak;Ea5&_ ziKw5`C1%o~dst-W^3AJe>vT%Utgk`F78}dNv?6urTb;f@b7IM=!)TrUMt1-%vxwS7 z?0JGjODv1yFU$>`=CB~yo5CU8RcQX72oK@kU6@f&F#_$aopzxbCl28t1ba3SI^G3; zM#DBCR0nIDY&r4p#RuN%Q58{R9Mk_GAA@}JoB|*{_b7D#Fd|uTj-E5~rlneB``NsU z7OIxtjtP-L;d?%tiUbgENb*R-9qwAy&vh_}zJ>I(du?jdxDkn(A`sv)aiwuQ(8x7a zzrd}Ig@)}o91de)uOaGekdesMeSdaIXDXS<{ITG!^9tgFZ26bbmC#T|8`jWz&rTl| z#>DDHq(Wn_w;7p@h@?U))ZO&`Yp-8q-UWR2GFuF;60im>M=CtOe5l@O>0g3 zkfV74Ummd%U2aE6>5@ty!h)Fu;?ffw0wU<+k5&G|?&P*^$_#_Qtx;g)b}H@T(mN8E z3|;08JKH)Qr!&nOHPM>!I+6&XTsTWKp5Iqz4NV!H6E1Hq`r_|ne4Y+3469A5vmzb7 zpPb!lZGS~=l4Jk8v(ocj;lv{MoejGTvdu;}hkyfB?~wc~XHMux{ShEe$xpZ++k+SZ z0NRj{OjyJE8Zf(Xj2{l(31NA1w7u|fRe~M{nh+eXBfsgi2@`DC+jVL@GU>~n*Hlf~ z8dbqxDGyt*+K?`Zi&!%lGFO6t^CXX>M(c#JGQ|_61@xNN5y#U)j(>Zgx5V6(alpS? z!ktsx?bzuj(*(sA=TaI7h@dbWr$6s6{0c~fx%c1rV>x)|b6SWD0gj0AdxSbP000X3 z=U<=?{Q7T}Or&zQyDr6rpPRR$X~tH-jb$%CKiO4&?nk7A)s*;U=G?Fo~CO<2 z#J#DaCHS~NK5oCVS5DfDu4lc5J%KUbrfp8O3H$Q7XEMyDfIe39@3fSwP2GS;&ux9V zB0C!f3pu%bWvfy6ataS7-S7veb&+OoC)`||(cyWE!zJ!tlEiIy3He#VgPn2-tYb>=yd@=C+5{HH*LM*ao1+#K#A-O>3lZogamZEpl>b1X;F~OzkkmsLIkhMewr0Ng)#yy=m+{ zw2N^sh{kAmxS~a2WwcTEJcLZ6{4=pMd|N8mvGy38Su_L+I^hd#HT)6bjPCZ9STzmM zuS5OmG8v<}ZZ7e=+AZ%>%tu5vKN@wNkCnQ6;g@?TpMDm~yNVA_-8ky}+7LFm1W0c3 zPKm-02##33vKe6v75)ZjLf#7Dcr#0i;Y&ArAC~Om@S5I&OPvPfPlrd&(EO3%D^}N< zU=ESqJS~@capi}wqA*?3Pnq^Ih2*3_t3Sunq^biPkFcAzvz8!DJJMo$3flMXkGjVt z@Fs5nU6r85JBOur2gB!dWmnA@$BbtK?QnBKseq9D?*TyYuKljNz2{!qpC#n24+QMw zM`n)raA&-L}&)uJQjQrosN3#en_CDc2P-@BTN{N*zvKbj9p={UMH+Ug zLj@u|8o5gGU$+)(JF&)HBhR^IEs}Rc{9>_Vx-AVSQb-5~!#iK~5PU5nZ)qIv4{&7; zdVuOk$#grAp-fBwL3&R$_0aO1e%!PeN%-Zb%7=e0M3&i?y_binwcVg-R|neXy(hZC zQuoI!Jk-fn;}Ddtyiny8jY=Cxm9YA{B2m%L6DxturuZdc7ZswF+UIdMCl--13)l_2 zpGef!V%wsdy>$40*)GVl+?+Tl6P+#ifI(e%ue6H{OZ&(*JEvk2BkDrpkP(h~pluuK zJhi|TosyNxG}m|)x?YHN=B|a}%!1}Go#P646GV(4)nO;N*Q)qj#37l4D>Ts{O0+aF z-QW}EIfPyl^-rD3tgNhL2@sLgfc2^S36M_#x+!;{Y;^Yk(y5dK1~T*(V2pO!`S8iT z{A@cx0Rt0LA&dJO7^9^zn~s<~(~BBGhA6n$m|%D3F6EX{3~7HYp4fE{ll3vNWYy|1 zWbgow&}^t)Te5V9yjti1-)kY1467@aF9{-qO|G<1Y%PxlLh=Urw!E%mi@nnTm7Z-zMQ!MnRTWkqT|3MBR1#nL*d?=PXz(o7X%#4Un(w_M3@1} z0Ejo$_~!vJqx5aEWaSWJBjBg){nyiy^dN4=4w>U%H?PH#Kmiv9_1NUb#ag{hyX9I* z;SM)pg{-u>)CXJ4hAcSIZw-HZC-abvpGPSci9{=987Ib!&upSW{paP-Q9KGdAYJC) zFvrnb%6c=iX^-@2s<&r*J1tx;SF~s1*DA0^ooxZU1nhZO(aFW2(yb`rHZnT8w`wjA z<(Bchy_ku?a1`5L&FUM3MxtF*u!7fW?VY7Uy;^_kyTBdF25YT{bcu6{Zq9a+-hVZc zsh%jlPYfJmKqdKOy$aUl1=kX}Y+lQm{4mt6+5r5zC{f5EzH6Wy{_*WPZ&T!dapuYT zNAqIaJ!GoMZ9I>u6*D0`fCb;g9;djxK;hWJt87uWxu>gj1Q(PFiWm9VplqJB=u$w} zIw&=!oCJb4Mfw>Jmc%T-Gxt;~k(ZHju0ZHjqJynf_&c$={b9P~P0lUDp+^3Sv_F1_ zbj111GTgX`<8a!5`>VKpyjZn#@`FREWc9B|^x84TXP8KTDyQH1SPkK0%>mMd zwy1FCiA8w}=p&txVM>%L`uw?x1s^LW&2f2>=a%dMjxp`pil`n~0~0s21D3i}%xAf& z)3y$F^i|I}Nr5dFzE~x;|bM?&xPzA%}^CJq@yy z?VdYVAINn;zm1xap*Ffv8O;IfN>;5BRlbL0U`-`V-2o9S$G4~h2aeRc8;lEXWZ#+%OEkFM(Wcw zdoEcogb)>V0AtrXuhFz2hggQQ4`c46{?`u8ugVFD0b>$+z8H@MU`&FWGfeycsVDx} zHf80^cNGVs);K_zabF4&^%A@6G zNB82_>xW>6*==9~eYqrj;ty0~Pl2oKegG^|aLPZ2r}9xxV0=oD;cqqF>S`xJ4%?iO ziIOzG?XG9Yd)BUAJEs_d4R8^?6~i8hal_yZ1=So_h<*BwlLe`?51vd!zX8rgKM<+Vj?0U%&^_X;M~ArAh*PC%pOc< zB=){s=25;3p${k*@i*Pf@H`_=-p_1NzO-1)1d_gZjTgvGp5blX9GhD;%4<+lZ~;CK zx?h~WC)wt>*J9(B?>DEBM=&gJ7^O%DxX`DIr#Y$uvYgRsST!$v_VYcqQF>S&(cn}- zofooIKP_2@=6V_p?$!DYaQt<)RR#vET6N@dUp$~P2PKb9M6KP8i}Z*S_B40YG>b|K z;hM@Tx#N#Y4ToG%Bre&~yNfrEOy8brh}@)nA9X<Knb zM2QkN_LjE)UOjg}^{?1I@egB@YE=Cn!sgPI_&qA;(KI}C?HFf3p*zVDkiw3Ip@y%) zqQ}5+B=(2ionrdeGa~{Pj8y)xhyClVfItp7S``5zY&O|~fzPqKidG(oS=hJxfS6#u9h`4Xhw}vNJ8`SS*m)gNsYg7D47&g8}Spl0%fxCmj+Bk zGLK>PvsA+=bxue!2ig&fjKfq)<^=;e215XO7j|HQmP4e{N_Am-&BRT0*fBv_MExQK z$`lpQYvh7^4IU*ophAF~jlbSpE8i6lynrsdf8_7x(N8~oMH?BuI|AWNfab4WSB8tH z%VQsvgTUX~e8HQ==pV~$=^i0CD!l1`2Rl|p+`maQYRAYgS^U;iCU-v>@ zG9>aF+{yCvp~aq3j%xxeR%wQk&}C&hUurF$I~y7$RJPwpaOcgpcTRG`X2)~b0=mcbKgho|0>_;`{uMNUL zs6^ovOs`c0AdIjC#%2%OvWzm-ix`qCq};Y`|5#N^)P`WO$o^VCm_)$VkCgxy+1_Bm zyA;Q5N=w91UUAfb>8nbwLuYT1c#ydBS>y!MmNsA&pKBM)2e2bV?5*s}c6`jIzjLF4S1 zI6b-JD59e;p%^=pqbAWGSL*8OA496`mUXfW5c&3BWhY2bKvI~S_w``tljRKpUzQLL z`#-XVknLzhHa~A}@~0k!fq9`(HM()|{M)!@P81*3gD)uXeE|NUg$9%FDysAB4%2`t zSj6Cc+5+Yizxbs+3%qQE?6NaBwI>*#3!K_Asf}-)Zl}5};PXV@;fvv=Z?saL$EAPR zAlh~f-~+oz5kQNFkvh&PMy44V$CCFHS)|;JE18U*xN!LKx^={@=Q$H2b&X+ig~Z zgA0@p7YH|5bf+zprk1-&dbZkeUaP}2wc4UG;n!d35P5Ld=` zL@sk@8zl>nc|O;d>tErTnbHvj4c;~AmnDn=Atn$IbZzR1qm-<$m(Ri2QDHKn^lYb% zhNo|UR7s*Yz}d~mPy>|EP;j_LJ~#dOpuw#9+?+Ke_&0lMlh`k1y)P$>l{J^#7W5vbr;LW5br%P=g@E z(wm#hp7)s|wpj{Ukh|K{0<~WqxNxwgm#nXO_1PgIBGK$kVF#}%^vU050N(Gl7UqE* zwlrHht8a9HUZ}bD--UDT3E;QO7u}$w9W;mH&?Qu@Awap{|T37 zT={Ui{o|}#hTpDty@8mN@g~%FKln5HW1?HHzL~o1RcC^TiG!@vq3WyXdb+`a{yw_q z6l6d6)1aT+E;`naRy(H?hL|{QBkh>9^h^+b0smx3r&^Kd4fm`Exh-fqG{wFKlC2=R zLxB`xe$Ido5Q5nO@E8!WP~cXRk@~}bQUD=L5dUYz533+K_#Jelsswxa7T2Ie&S_N`Yl$jNM3iN#w8XS3NoKd9?7Gg` zG(%uWlS4_c?U`_QLZ%kVIB?Ik!`|-APVCs69sG8L;#!yswHEP`rC)W*Gg<_agU^ch zHY$e80a^2{^1;ZFwEAUBd~3deF{^y*OUaJKU#225Of|g28Qj`Lk|h z({uGbq5R!}KRI8NvzlRnd#_XH@hjYo){=Ztbywz9C&)bc^DI~W-%%d(u#E-1Dlx`c zQ1vVEJN&M?-@(Y@2(GSqE8Z0>{4~_7=3WGFMPKcIaE0EJK+}4&<9TBMG%^9d*Bv3I z(!`6d^UlIy_R~`sD&_N8>huL)x{U4PV1afpCulKT>G^2o2gBnUho0VuyiLnai>=KM z)Dm4p!i3G^K?Q;xVWh_i{w81fHj$?zp3}~q>Em4!yNA4{HSawewHwOC7yl&u6{A#| zS7t&Taf^*{ri17k`AW>UEw;P{A76#^$cEPKBuhw@Y4!KgKm3xLJ#YtGDs=x}mWuE{ zmWpnMPD{7f?<#D`PvjMWkYv`UW*k#sBL7v?&?P56;$}mXDP}`*;U=r7JoZWl_NnK=!3yLM55vb;M!+2OVHfxcr? z(X%uuaFgq~SKZ6;P0qS*+ZBefufHe~OB}=uxzyk-z#wdD zsdUHWlk-?8k>h#)E`}jm+9n7u9n8q~=07M}Br6kIzLWPq^W) z$mu-E()BYp!BhI^Mobm=($U#B7*>vurSP^I?+T$)2Tp`NHqza=|F{x*qs#F6@)*sR zCTP1%OMa2gi^*Sk7txjJeAg;=>n1-PXtz^QFDj%Y{3oIa*;(K>pFZ?MAEBP@6YaRY zOHIc3HS5dyCuJomDNbXZHh+N|hr1r=o7Hn{Pkg`rI_kK_xDdkj8;XFkrvZ+tSoi%{ zDn6cNjAKNE^H1_^TMkm9X5UQ_V{bQR@Cu8Dg^J+KrB>KB( z!n3Vg7$jf24r_|lXA8xDn}FXAqdyoI!R`;S@!KifJQIkN&azK(HrrU1S4?f`9HL9n zme4F})!ptdIu%Zu7am~4Y&c~I6LoITQy~7EM~^kB^XM8=KVezo(w?xza`@b_tZ@ko zq+E41e>tZzR^MWs80!3)rdKB?7_;6#3F6pxA!^BxL0@nH;ri-?7jsmqv!ng>O-K-S z%%#86TO9;g^|q8mRakw}DqRowjf?Fj6T4%$lKSTznVsLNe{qTBW3tS>J4xVXKKqCD zGY{Yh7Y{syC{K?e;TyP~=gB$7jz2g^LB{O6eFa}` z(gH4QzJvbAh&h? zruG>bF4(+j1g@oV@ z6{Nw58Z=^3KuD$rN*Y$%*`f7=oc01v#*P?<*MRAx$Jp{4z1S|Yr9UNkn+MHRbC{On zLMOc1f9UxZb9BTEC~b?rPmB7V;TK5Ww=BLl^I4mZXJ^q>vX9%p`_Js!_4-XwDdvXm zVFS>CMsxhK@)IcvOF~ibxU$+S+_pI(LU$Jf%)D03Hx~kUVr?8EC=do~Jyk>TNoAv* zjkLeu&=+BJ^<|93PZxKK7iGJ5%)VWW*2z7~p25!p@dfFNReyu1%2uW8M7{aGT}aPa zuPkick^ehXaSwlNN{5yq*oH*~nZf8i?_O_ExmVlT*_|zQ0{7L^QUYGy!-=-8D+Yli zp{3{wvF8XLrI=q!rxLOWZoE|!8hTkf4jknY8&u(asiMG!VEPmt82cpeU z?7sm%26h@aN1fbV@{1XPYr2Be5c+da6R!Fbs;)$(wYX=C`v^1FO@Q4G?&Ox^oAs)S zh`J4glC!;|i+PpfyEoMn%;l{6M{R*Vz|4II=XP58!_*|(p9uyLAe==?V=z$^L-Ve;Aah)8XUI_jKM4Z(;W|Z)KML zF-u34!a10zZ$7P}8g&b|$aA1rdV>ZVpI9nVs^Gza*N7$R4pWQ3P87+ofbYIPjm6xA znl(C0%4ntUImW*_*cb0^VNfK5-KXp&c-UqHOXua=B(8vW4rlcV^(sW1!DXJ0yMZar zAV??s@=I!!)RBYGMZ}Ab?#t65H1y)ehOaStT@U%u$DVVHoQ}s0ATINvuSqtYb)Uw8 z3(?O$#JiySaR1VY?iT~erC>)b3>%B3Ce3jI)$^z%#s1jUbH2qj8r+p*6c&P?Kk*EG z<=RQHB31Hpjvkjpwxd$*g(Y{wGNp1|Zo(zM$fHl)fx*9Tq#oL zM%$DiTixAAVh1Lpx;MHj%%(;=)ua6VHd}v^p7Jw&eQKt!eSPIGKeL!e1B_)K1N}Y1 zXm(5U;N7|F^M2U<%h|l<(cCBlpX1J&ku+H&$URtr@WUEQ_Hr#D>Hzo4_Dmi5>VNzA#opo&Pv_2Iw9Vg!{z($VQ1Qh(LRnf93q7T zfvq@+5&lUw)Z`0I{qM7?W^j(01$WU^;bdty&M4xLj3?Ff*c0Vd{1@Fx6EyWX`oYQ! z-jBgP_D^~b_u4O6y5g1aYQ8O0rdiIKmY~8LOoIjWE_#-t=Q&1}tbzF)n2PN7;1_ur z8Yv%RWp|=Ucc? zITgTiJF)9%uk{+gRY#wTNru$z5o)u_9jKfzCY_A^z@DaIn(4f(>IUzTvClfFSx4u7 z{W}F5BG#E%K}ax=QgF;v)v(O|$V1M0go#kV;`LZeg2p#$-O;}T^y;oSioDA4+yQJr6 zCX(Y8qi(;#Hm_x->_)OikOgb(l!(+XJ zdUG5Hl%>2HdQDI}VCX(xdf8#~D`kvu!L?pYY1Dq8UR}kvjH%#5e9hJ#Ixo07H!f}- z3C~r-0UBKRT`xSlBpJ0F>!$8oFx`@sgtxYCImU2(p5J&({M|xmkQDM9!eljNsiwrI)4uIyS!SPtc;+*dnsKj6xIXTUe7SH`A)S}EQ9tHuZCu^LhG<#_j}Trr6-D1KpGC7W}*LLUGfQ=I*;90AYDAHk;^7k8CaWAXP};4N8^ zx=Yru!5p}w7LfbP_B(!ZEE3}RB^ADOp5DtVJ{VP;Q&`>WEkv+dQdqD4Y#MN*19bao znBnmSV7u7T3`_y^do!5bQ>m9m^MEf%&Ns#$@;A0J()5UI2jbC1Q6(;cF%itXMzdYb z#q8Hr7&L#U)d~%=_}h~A>E)t~*ySstt+NU=z{;p?+SDRSWpqpJ6i><+2@5qT zRP$R%>}k@Ql`vJvMiNElqA|u>$7xx1GkRsWFM)T2}C!orPq@0pror3Fz&mnfSj;U$c2y&f*@1 z!liK&!%7r2*}Fg8)H#0Nyz$A;;!7iib6TKyJh`8RYG{-FG|9XOC#_aVA2Bc|-TtJo=Gcp*8c}96S!o)zdGRS|FAB?%Mc6O8SSa%EN_jv(~Abh86L3!?)N~ zh+2H(i|Cm7>_$(ms>g{=Uwqvv0#RwKzSc_)`%VH$Hc8xH6N~PEy_yWlNc}+11SHxF z-EUFNJVGZu9bf>fTf+43Rm;>sEByk#wvJbE!}xwn ze_bY#XBMGo{h)C$R3q{`OPDDs>78Yq-KNg7R*S=qYv*MaU{4R1MgGdUh}l2s`+V7T zpV0-@y8zL9eC~ikCKH(9$p83AB*jddy&VcpG?@{63=hvyzJaH4Q2uPzA{SGQsPAQ+ zw)R_$^>_z*K^hHzc-)*G+uw3Y#&=BUZyVir?cYr|=x3G*WNE&T47LfCLcX zWU|7%7p(ASjiU)G6BaF~uGqlyF?qrF^pvYg$*Ia=!>`f|?4Go)>5#Yp6);iLw1Nm87HyBWg~hDN6Ky(nY1h1XBzwscNB%G zzM@T8R?9k-UPvyF+hwvOI63TYaloPKI$Ng`O=H?qbJ$BWC#_YL4yjbNrf*fQe~Qvt zi&9onrL|YfXVtXsntea6S%g;r=mfhO@%j72G3s|Znpy9iGFL~Yi@FzkmblS^gh1H3 zQBuLhD*1We^BQefs6nnuzn(ZLr0SH*LuH_})Oy2~f<8c2+j<{r1NN{rbafpel*A9I z1YJ+ZwgOkV$XNqvjKDfH`7=!pDx{1=Er4== z1NpS_E%Eg^&9A^sR&cVFpdoYZDX^8*?mU)6$TyDhJ-BFYb?W~j?v_jx{DeU48j2rvr zK}DAEQ5W84v=rXob6Z~>J};C}dpyYbPkKliFOe}ZM@0iV^1sIuH#|xS{qfbA`+<)ZPS}lg2;3HmXDV8=1i4aCcyrX zk5|lw!)u}0?3W2Ed-G9Ix-ji_5CikpLI}YLrZ^g?OZ4OsVM`T0g;5_>DS{@NIk$W0 zUA$|%3I+8o=0a}62FYD{NMf)Y7HQwDupw#{Lo0WGN{$k_254BCt|k(PtNHn$+#2_D zk9<&m@RvN z=Wp+FF@MVbSqJG?Ta7$rU}i2HwlEA+L;Y|erqaw_LiwQ-UFg0 zJMLJrys$S5+O|(XMi&quy?t2K_1w1cbTY55&*${(T{aNU?&oi20>~v&@w~TJ50iD6 zWq^##(8vxpUpvpDN2hwGW* z;n;kL1;U~q>RIHl1!R^=etV4Mi3reS5ii|LWLu06>ksPJ)~mfWlrAW^q{4J*~3GDqB3iP+aPaF{dU4IpMQM*7Ctg43CqP zChle%rawGw3_zG4Q-P^B>CbcwE*heEe!jQjNaJt7@L8T>@8ONtD?h+7<=S581_p9GT0H96yIZF$vO!h6Vmb;-aTvzc5;J3$uPN57e*)NhpV zdicOJrOZC0WLzn^j1tl)M65_dm!`bH68l3cx`?hZk5@#vQ5cV@w|Nc*5BhQRmc*ZaBZ^PM>TMY3m7 zrgt&`pO;ZhPICu-j6NlSB3;6L%xh zF#S~UX#flQg%KFncc%h%abERpm-^)TQuhy*tMNhRbckASh3vk_9)uJBhlByyl9 z>*Y_?4NvRt_Ko)KiX?Wh!orQQ;0k&5 zk@L*lZ7fRZlf?>cV{uJO!?4lRQJk6YLgshJVFTRB?Ln&ac#qSCI_$0%+lZ{jY|(@L zwTUE+7|MI#O3*R@q9ipGIF>)c7}5&>P!)oV8*2 zCUjn|O4J*-*V~OB8+#bfN|?D1HS83R|S4=Y1V(8!SV*gMhXw zyX?_6_R~Vu?II&x6U!BgsulfZO6>S#ClERqBT~Ly5Zr>DJly;V0>X~S_YQ4)U*{YM zLsr-6=td2mCN`a+a>q+QV_I6LIKM9`x4VjywAy$xnoX5PT1N1C3pE|uCFL8P@`?6^ zk(qqU=-ZKgd{@W!;t8Ph?uf%FikWr%DAgL}(MT;*V_eVAdIAF4{RF8sX2(gUuWdB_ zN>G*E=OO6GY1C5&j7Cf{a$?QUoUwo2ELzen9vD`PWONPTI$pCYN8-){Abr`WR9C6e+Uab5Rj>iELkzlMGSj)c(FMQYX-> z-TtY*-D45AkFn{gNrXoFz^@@LRjC#gbd%$bHMdliNbGwCF`S#oYim4+ zAFst|mfJYFUg$`*8~31>^9fE96)OK%(f;qgu_LoU6P8m%# zD9m$UZJ=MKVMTC37vvypc+U+xI-QPrxweLi$uTOc0JQ084bN{$QIl`Hr#0z@##S^| z9@0Pr5HJ}>&wKqT)Ho)mbghYdCy=LaUZakJiek21Z`G{HgG6-xck6uoI>IdzzUJ;L zMx~==SykGDyBpiVpXf<03nLYdL~KhK{eIrQ*!~?dd=CwNv?AYAzocf-TSG)2c1M}1EC^} zo6)Bb8U0pJNZNk9fWskQ*#aoV{+n_PE{D&;J<5*`ITpe$#S?>V!Xmh0z?LFy+>lCO zKyO#Fh-J*Owa`55yYtiMgcB$iS-U6@LcnlNXWWKF4Ca!hti*~$Gipxeko^x)C$gFM3KVP%*uMzt`7jfBKp#L7W~H0 z!%zE&Iv;0Cv@(0V9R%%~Ih2~;=nnOv5U^%~IWY_v(5Eui4I^x%`)5oHf4ZoT9z?mp z24o3e7fkZ+I$jYNnEjN&1ui8h8VJ)2)OQH-m&m|ZoPL*A%?H+*AvZpWOL

*}!deCcy-Y5Hl8_{s3)0Ll=-ciM1WF+7Ai(|61wAb z$LiuaZ8RuykFi8OX4AdeUV6<(C;LZCh4w76eKel~x6 z@1fddSrg$Fi+a>&H7GF0R$-;)T{MCB5}y0kD6 z`}|qs*_7Y23q&G=__|YA~XnktPv6~rY5t7gZ9e*o@ zC#7<@`)sP+UNCTfrdpF`Yi0kV!auqqaLg7(lR(N=$Q+4dh*WT}W##Q4;_lW(|BsuA z+D3K}{;o<-3xa%w#*Ha(>WiQKcxVoQm$wm~^Mjvie-${6Z1-V?ea^1sqJ^q!6h03; ze9eQ`2rskUPU{H6lJM@queiE}c(|r1ykDb|?s%QmMCvVEKi%s)U4?0TSY{CnK3PN|0JH(vQ<5-$lE+6 zHC_3Pdu&+DGne`WPmE;w-jd`3kYN#;2vc{G&`dJ!;dlB5v~y9o6Ndv6)tQ?9My2k_ zP}!=q@MYkD1_{Bu6p{39VwgGy<(=^b5aQq!Re!SYItlFp^Ki(Q5jBB@>0qXnb4A?2 z+^pP%l6W=BD+IZV8NRedxIk&*`Fl?ph_c{EHL2cv9#5&Np{S)4PEeu^ihHL{i z=|;`+R^-Z?hDP1pso;p+$yqU@mYyuk$x0KU38A(%AWD(#O3 zp$wd2r%}em?_1UPy)cLnJJ+gKd5gRZLcV?DWp6Tl*-4}FCjGFV;_eSM#(>t+g-_0qLex2UG%w$scqG#3&Lb)k>D+ zd3Wpui)+TvOc-5z4EhBPK{VuvFfqICw-!2LN3@!F6=)@0!9fCI03<*+B`73>+Wefd z#c&&OPrI7QSuyHVd|d7id~IfaFs(Ia6W;V0;zuJ0`78HTR?a6<%_|zqKNA2 zRrF!xy~F_=ob5h?ZwCK^v3HKHBWl}+(?)HRG>x4$Hcxn>rm=0?YV0<)ZQFJl+je8y z{!RKk@4G&%^{sFIJ=$|-&z^l>_XQ5DZ3n8GbNsa3OOdbmKKGtP0eO)fT07@Rdq_*z zJwN@`(JIH?NduN9fQ*#3->PKMP_@8y6Pe(kjNVI)!;JXqq$`P{LXl-z7S1Rf z1tk)i0|7OcMsWcKKxW7QWsen9q7?!8^&_KH#CL-Qi00?9cGa9Rxjk-_?xTR7!4jCf z7YYIiq|&cZS&s6CXW$VX&m0lecJmDC5&Md(#pIA_FgWLyoMoRD#3ANj1^8|nFu}x# zqUIOk9pl1;+0l2Le41g_7q!TDDi79GnEcOV$#~;x$dXmN`wF;k zt{E?+v^Z)f&1{$Ki3bzzCxq*6&!2-M%jqFEq3GVSq=|XKBsfO~z|Ocw3+}v!9&Yg5 zjVr_hOI1xxzy>&9XxKMOg?0R7fm`m`gUvr9r z1e)PYNTSp<7geZMs}hJl&1nE{`2+)O(zIi+Sl>8=E`C#s!A@)Lw}BgPFMa;MusqH* zV5uG+#291O;5`qK6W?dhzXdUGrs%xA=MNhsP{u=$ork!wn3hD~SS8d}z()SudkRsA zSD{l`WIS?{-F2dCRcmC6_u^wT2Ohk?&IO||kM@*C2bNw%P=I{o=#bT`CjITHt_3G( zpK5`ytAHZ0F0pLfdVbTa9i=Ra7q`Z>hX^Jf-EyAcxYw>P0C~d;A$#}Dd6FIG?bjiC z-~FfZ)*1cJDysKQ2Y+BJ@{MiW_!fx_4W%U#Fr;LZZ1(A&uj8F0)nm`%Y%djwSS*8W zndWO%zqV74)A8Yngm<54ZF27RkiXh5hY`^);kFU?@ny$iGl!jMK zG2kLmVXS6j@=GU!)lpe9yA6OQCS*<3GTQ)3p(%2#AC>J!F&#^Cxnnnql}yc335pjM zCOni4vR>BZo~MbDl^;aS&ru-@tW@tI@QTW<^;3S(<(+$aTi=_Mbu;qKKf`rUD{vxh zeK|IWsG_3 zVv1h6%QlM(fyV7KmSDTD2GYWsmcY~$(6Kwl(|t1yx*kMMFB)N4!rS3#*hI9D#1 zvC3TJqioI=G{BjmEoQ{CWMwaLc2H@qp2qggfelxJR70|2U^ac$Ixv=Lo&>|y8d=EU zW&ilnE0(q@6D(|(y2rc8I+bya76hE+)rG%I$5urTZy>VLBfwA;K?PAM*+205jtk!<%i_r{F=B z^Hx*RCPunjr8?$wEP|=QTqa$3xv;!MnDlnP z39Amt#A=NpkGYW8;@d*iYBg$FMam*vBrn~}qO~7p;TTiv4$*wc`3{N&*dpTRrr)VV zca?f^J5p9#atgSLanRbxH3^wovxy25W=(c_fBY0WHmz*y>BOCd!}n*4(9FpQE_aO` zHQH9@qX1tZj}jzSkL&`_TA7kp}8&?rY^aM zQOKq4ZLyaM`33`oD`Q19eQl)-JM|Pyc@LovcWGehR>;5ls~)&mh7FE(6LuAo(bHEL=uju9x=MJ6EvyUY z68T_)&$nL^!Ca(?U<~cQbA#GlF%yqE4CixIkWI)*;7S&fuxhgWb%>u|bpNFcy{#ic z45^MUrQ!#I0)n~HH=YzZbTi`!L~jzl!wC3ALm73K!t*mJ$BV0V*spgl@kKmCQ*W!p zm;GMtx7=gH&B|;qj!<{%50DW0>4R1898g*VxO}t9Z1@)!vW0Ysk{YHYFI!I-LH=tl zN(TRl#N<#loK9*Um1m&Qxl*f;dv3`hycv!%;YqIQ)iqG$L@qlJjz(2wkw$Ovc|+Q; z_8l!wHjR(}StoL@k@{c3XF9}%!?qM?UR(Jt5A{*5@5*1M(15}24D z(M8OHv-Qqur8=MaIul3@np&;yms}7r*N1}8_kDYGomP_b3znmu$H6q}eE}{OMB=yO z-Hx)R+r24;6(zMuG%|etqWt@?p6qZePSfUwJ0Ng;5BRCN-5bMYFKC%^m6YrI}`wkY=cqsvJu0V6;-J7|XepqA+#`y-FT|ocf zr>?B}gf^5@w zzycHX#pG+RIva`Tyz8D|p9$7ciHwPFf&4Fx0O0$-lVXX$lQtZz_GK}&C7_{W`Lwzi zpJWx6sWQb!jU90Zd;vt`ZwLKnVOHQ4^Du+kc*_8%hz$ZTZ9y4zfDsia%b~L`T z(wkL0AGNT2V#R6f_cn>8uL_+#SUqNP9hJPQQ&UWrnI4GJUN(l`zVSoF=?>f;p zn*8VVm_jg$N-JjV39FHLIe~bEm6M;}75?50u1SJ`06yHwgBs&t9Sbd6{m%kgn;LYn z3v5XKbNIYDB0~GPLasl!oF7=*)(&|jI=QF3IrmBNQE+^LCVrw%_@+}GRXo=Y)GbCM zPk(61B;sDz8**x~{(XhsTMP~=`5O=9sCIp2BFzsSy$Mie4mRB|2z(fSvYWLm5|2Ikiq<+elc(bE>WfY(V_9A);ZBoAmYD+0W)}Oki zoX)mAsuz)iYMk(gP~j|F_{Y9`B@(}dBDcrH!&{ynokJOj+5oncDs2}1`b$q}mGVYy z>uj?&-bRb{8P0owP5T$$uuRWmDuVLmO};!jSn7M2X?_czBG$X{`G#X}(DQ=o&e2&J zX;U?qe?Kc5@h0M@SNyv+y<$$Ct=!w3YxNJP)@l>2Q5fXZl0}Z=-+qtVF!Pxs+cUrdh3DXXZjAPjG~rM>#CjCF z!Ou-10aLSWN-P8HRjyzXvH!TLG0sI{@RCukbS7<#`uDvBD9)#qHt&w5jn+}FSbI0( z94W(!G0t;2Ip|vqR^2c)8gvIToAIZS&s6B%o}g`yHs2}glvnfv_8%o1H(0Ns(VAF} zHq|i})yCny@HqAKfr?g4EQ(8M+R8JN?7TncpyxMfB$b&Ps7Uuh5)DYvbc$)?&g!P) z6l2u#^_!J#Y@LKtoAL^8IN%mlxn^YAj@8Pg)Ulz`GGhY*kqw(W@1!FuD|4!6^U*~R zY!UV3gh^F$mqD`gzNUWNWmA;7NtrtZrQ>lI@-VVMd=AT|>*?08KdN{U%>MlspFBfetcptP z5TDqouBe0y5usz;Mn$2;;F&!CuFlnC^UE4Sot1>M7fB$H%E)4eX&*YodV(5FRcBOE zY1u^BWn|C{3q+cHURz~rEwkv#62N(Qx-o9_G4Y!NS7e6c-CAH8lh}uCz$K}0_c?Cn zC*EwYf~3NGh56qqLsL{ri_jy;@G9(MRjlY>GX{kQ0}^U6=8u376L-v8Whze~7j)-o zqG{4&3}ok=O5!r3Q^!@0x^uv?@QY{?@liKfW_lDAbkT6S-#o2Q4T>x!W!p=UgCq~* znroRdqvZX}>ke{YpqEN89Bhxyeo^r4RKNPzr1}!TEjg>`Y`re#8vJQt_{(*ej( zix99tmTI&hE}(bLCWK;+ku@Udu?NlkS#b2uSXd zFbCB?usb;YdQ}pV#WK8{<ial_QkUvwxv6Ml#x!=k{-bEroNFP8^7$!;{t z%7Z#F^9Fw*{nsgEjoSERiT)c4er3LB_lOhA;j-}Yy7lo*DEV!*Gs`yvZ47?Q5ch*gmLT)T%(w9|B7fT13E$i}{ zBG_2wcNlf>c2d^WP+Ml#4TZ}K3XorRHl%*QRQ=y!et3`<1s8v!A2uzVT!D88TEC7p z^$T>#Eim+95GU%=t(V5&7?*w1cFF=;g2ft>Xkkc*pS{QRYi*V*VCTOuN+b}QzX2t| z`P@bb&fps_4X_|~2mGM{1DsdDH#%F(56G>MLWTV%0OWp;YuDWOa(t7@jL5H@zO~28 z82@j|_#aIFWAf;?*k%M2X9z(I;5qVk=%oPBt7nds^c69(5!BMFP9HvD{r4qcE^+)< zgbzHVPyQp4d;84)Z(D(XZzlQ%1N2F9`XvAY-GzEvRefQBNx68x{DUy;U18?bI$qRA zS4>4nAz%6vgqnz0ln-+Th3pjeq2I*f-aZcj@t5QqOtOucTSBE#Y^5opRF73E!I(kd zu!K*!2^PL(qaZ%pN3EXK(^W&xr=aj8c|fH{FH+2oibccJEsTxd*5_n;1?d8%`R~iV z-D=b6elh4#`3&wu6VhC)G%dtx(6BYDgLL`#I>bd3svdpc3;)P_FL%Wh{UP}93eGl$ zVb|H>;2exH&@2tpZK3lvjaTRwWhz`+npH|_)Y!V5{7+zl?X)O%pJHU7|C0r&8EX(O zG*8yoc^l*2$+?N7AnF2gQ&_qSf?^Tsg-m?J_)+#Z`$x^xTpT^y;aOZw@xH-)9HfRV9 za)&HDM5}NFfHCnaF z#_cd-jGOA`!0yR-%OxGdCULI+GFo{=9t1{^skWTDRyT7|? zFd$~gfcBgGK_aFjqq@7^>^~i`?uxdEQ;i( zNC2<@Xf>|TJ4Y3m?SyS+=7J0KCNENK38?B&iAojK?Dbf6frJy)T2Y#u_xUP@i-~>3e-Y4LSE@y0 zHbkc0Q5q7IdccNJr{?7GD`tpEY5II>0~Q8tcpJa}cSUpy#M!i51ALgad(vlAfMbON z1gqa2TY0)3%~$gIe?DGoZ_mu+eG-M@Yd-_dPZ0W^?}!iSxjjOy)^sLMBAI`&XEiSi zXcT7oEfbSESjwE#(?yzu9hUr|EMy;I+*17*Sm|ySQv+vQBT@q`K@A;N1a0W|vr`Tu zHU9V_k_p3Uk7+5szh0#%FKWwCi}J92i#E}MQf?`CN7-0Xgsa+|F9DC1%;^Z--x2Sk zw1>!QU90(6(-W(UgL^)aG+SW0YmnhlWUxrBIGQmRdyq67TP)G9RU*>r7KfF)+hDI7 z&rdi>StYK+2Sj6|zfY_Yryuzb=WMdS_!Ih5q4zMj$rK1TB~(EJQ7$1%l~W^;31KlB zAG?(^FAhW4T>unf+T)TDaSn-RK^Q=qf+F#4YNQQA=(A9utpuHanZWLDWW)gXAPJa9 zT646V`cqf8793KnigXy+kN;V45w(HUI-L8Vfb(sRP+2x^qf_-yMv20cPQq>L+r(1c ztjU2)gkm=ueW?}Y0&4bo;eGX|0lK%Lul0z;si%1Y^Nch|NINk$6IUG^S8^=k*k&5uW zJAs1r%tT|bHB&AYd9eB7nD>zpK>w*M_)3KrGuRm$9weTTZP2?TZ#r1_RWSanRE~tg z2(^s*Qzh_EV7Vqrj|%Hn07NTI{N0H3r!BHO&7qjm~<>SX{g@=>U=!)&6-P z@m&zpJJt21k&#Nte6_`Sp~~O__?LT80JFu{!}gcMznJiAu#h3GOOJdldSA9aGD(#D zqfH4Ym4A(KHYd~sf{S3q`BU^3kS|N@N26IPg9DJ&4c%M&f5yek*J2C)h*O9uGKJ0& ztm_%Qp{xv;b)gjohBFeHb9n!(N^6;5UwP(>~bylEE?)m5Bz zdPb^44~-WtzXHPI0BrRp7RKQnSuMA2;`1d%xIWh?lUuLtWXC?1j49CefI5iXW*R#r zC(uTi`)}Xut*{>l;+%g~dYPRp&+=c6b;Lg+*t(2*!7+Fv`k<|wec)FZrj{O)o`g*6(<>Of_kfmJt|{l?fdKG%qKR3s+lZn&M+f>WT%ji z{#Ws!6wVY%h}?Ff08WP%E@2W7((Ihcx<+P}gK>PWE$&&wf$JbYf;)OIDeB%0N>u$} zpSOrq1kcCHMl(&Q%5%5DB*l@E(lvuRtNQkcU<39>e-eQ7`Ts>ne=;WE%QQyt?qP5k zi#ENO-t4?5oKU2=#I3+8{_&xTzjid-Z`p-%XYD94U~hyG1*3!$9#v*jBk;ZAL}Tvu~xL4#yg z-5Eo`c>(jylTr_s+u72jl5`v3d%@fCV2tQ*$1x}MCp(^RYOJPOwFEQ{4W$DT17$az zLt(<;JtQE3ZzD>b>5Gp%&ikY-x%vDOMskJ2rLym|#aGxn_SrZ~zr>k?t`c155^_1E z5UWcvi+&$}+VZy@)I~seGu$;cn{W-}&`u0+BVSpY>HO!fn-6E+c@v3}3K|I`kA{l{ zClVJ3)OZL7t;&2u0Nl{29zHK}F*byj)f~|C0X~|&$Zu*^zL*kq4fNndImNDknrb7Z zAk3pe%*s!H>STNP4dXM9dUOTg8=Z$dX^19?eSxxf;ZXaHRP`<=fQx-o#pZ)F4xkxW z(S122MQ(hIEOb1^*Dp{oTPpi;{=+fRB!Q{pP!Og3ooRN8#m5!e$*y!#!Z@tjDxteW z{1{{JtSC{lA)NBgin@LhKBeIBc;&MxqApr=pPpggf(+WfIkQ5Nc0@i4ym&gy^xCNG zHrHN@LSPraVEBDF%4&nrFbJ| zmk@3i34O*gVqP9=iM%7Oeu1Z-44;OV&Y^i_8!*q7uPWu48_y-9`vLu|fFlNzvoI^Ec$sk6H+(yx{G;X9>gCNn(23YBtzUHk!hH7g{{l%%K=a0XZcU{?e_C+awdJG82?A-mynviUH2QWI6=f z`W-(kMg=NTs3I|s0rB-7=Zj|L6Xh{a1UCfMct?9gk-mQH3$1-l2L;1pxbl2Rk7s52 zK(Q`cq-P~3Go_jMSp-{vZLS91we2+7--nq|1BeR-m^hZr*;@cbgw^tiTC*U52fj?} z&^Z)J*n7fOuO;`l)x~uC;g??wzgv+F%e@2^UAsBI$t=y`o)OP$t7+`Ee5PGsD6jrJ z7V-|_Q|uqiqkb_CMH=S(tGVT*`}p|NH`vz-(lJpqg`TXHquRYlhZgSlAsWNqhAWY5DoWd`qBJ0LLtE7a5o7m`El^#>M5^Xi zr-8n^uYfjuFX=KI(ZS^OD(TDPuCkcUp$c-ONqJ3$oWo@8Qx!lG;^?)_Fphp$zMh=u zwC`>56%gp;Z;r9&ZV0IV6{=EHun!OhYbt$u*>H|U)Ru_C`I%1aJ|q~Ra#8c8k(i_+ z`xy{RC74=>vBex;B==tkKRone`2>C$KC}NoQCW1Ba}8~me}pTbTE4d6K&cZqm!g1* z&O&nJYd4DM7fM8~J0RaB)DxN|+o6om$~Z5SaTdv&faX;>)-a;h6GU}SBA<+0t{XVhd=e28wTHR$nhQ=)on!CjuKax&a!6@v(U%-}T5au`MO z?0+Yclux(6TkR0nqK_^|z~)lm8F;CjG1YrME7m&z>%CDwnj!0miFnRf62Zh;5uog| z*>H0jS>*eCft8<2w^GMvm^|FTJSv6Ieqr5i+#Wc4LA>~3O4yKuRXyLRw-hn(;D&{U z>Bi?it!h$&l$NXlUc=usg`(1%zVXw}=@%N_!CRIEgkAS6dy}8~!TlM&0$Ei`_$-!> zWhH}iAYkGB`5v+JAfC@ql2%EC?*G4Ev+jS z)p8cH3<-NAVU^uN2vdQ}xc>Yb?PdjFF_Y2Lt!G)%R8SAiB zG?7S}tapa}8`LJqt8eF4^&YO%rSuCm;6`P4f#+wR>dqSb;J}r_niI6Y!{0G>sZlu=mCvgVpU6F z@P!_?C%ilURl1hrtH*~KZSH-WsDNda z4~^ZRFICXI{?v1Z zhc}f5;5m7^)o>VPRSoUw#TC0*4;!|Tz-2Id!+2;yk|cXuzDa)Qi`v zQD4;;Y`0ibq5Zu@ty5v}HWkfBquY(a+tKx_=T#6t<`Uic5k9I;Hk*-CoO?|itm$S+ zQ)GD$dvJlv4a-PNC>@7}Ek@zyadrmvit(_6*RXZ;bfUaR-)DR;Xt2*IKB~)!Q=vEu z*Z0OlRIB9KTo&-N3H^Ji|CX+d7aTe!?g;2P0d5$AhV#{wwoSdP*~bI&Z4>71dvRoo zSsRor?e0Tur&IwB(Z4==1}C^vYfNnk1}KYnKGjDj=H~s#uC;J4s4M0OdiSd?G%IX)SY+X)5%! zLX?lQvB|oNGVR#;EsqYc`#v<=OvwMaF{UjtY0@dlQCu;}nF;RbmGdp_o-Hfp_+uPw za}#R##{LPp!x{OO{ZG2VMCT?=cJK zUo2%O^ju=cvu(<*tR-;Jrx*-%axau`U)T$=A%MM6NwU6CQb}%edDyl3eA{-N=2r_7 zC~K3ggGE$M!6s;*F`9*!Ye-|UYYddN(sk@- zjys_K{1YYG@zau|HhsNQP%>HV%za&tMz$c0iUInT5nk7y?h*!GRZ~+Aig_oOeFqbt zGEGO@9HeOq$?ZZG`r;RH-GnXyMYOUSQ1tevYGU!sCCq$eQE(rzRbC&aL^xZhP?<}{P7`K#WJi0$<)W{j0%ZdFS!1onK6HRmu zjmAyN-?4zV%f#j4>jaw#5A9@qftc_#v0u?SU>t(IFM#L?EuL+VBg974AitH_bQ%oD zm=J&qgZ_ipG3KKzc+tXadgidq_h%`jTBBO8Z)wW-A?gQS|AzL8vIZ1~)j4_%91Rnr zJX!AVneIWdaWHAed+*0GVUdjgCB=szbdS&hNXnZ98hswQ%01J_&4ZT1aW*4R9mcwi zE&RQabhZD622c?bU8iB@%I%L*H^)`FmgRaSh0Jgdp)CPU#|=EO6XWXk_!N;tpADR| zjYTMtiSQ(8fsu3bvf5DyK-_t=^EFB|Tf_a=?`qnJ($-scGJ}^k%ff+CAE~N+t`!qg z{wEgJHu>sAv&dchHtSN|44(!7%Oj$zZ#B}Pm1kJdX|&^73Ba7|rFz?UQ*|HS!x0CI z;&j`w$f6vZkke2Wh2uo#v3QdN1KaG%rE`-nCZ}P&MF}rJbLrU+QUs9jGIo!mSLPe0 zsMT?v!KV1=$FGmesjyUpU|5kKqW9P{n__Pm8zM(B^V-JMiplqXQK-luK&O)H5>GO8 z{7)xJ9oakt$13!l>5Ptc*Ys6?MeyV^1Af?j)}fq1NbdZfl6z32&ZrHt#~0Ot-h=|Z zNxcxye>Y0~Umy-oFi}1Yb_kJatT*IKQto2-#+KJG>pN61`&XaOe$`K$^Vf4)o+pjF zgC**f&X+p|LvaId1Q)4sMD5Al4xmQ_Asp%?=DqBuP!aO`UvoRd`pp*W!yB=sC#)z7 zNFj8!Q-l-j$25Kq;VagXM*Dq^TavyA9+`1Jm=YyV-X%mCv~=UjEQm>t`G%EuN&|YI zN|B)cJM=c7VE_ChtAqs@P$QPlW`dJa$?!S*J8r$YHezxtbVN!WrkXkW?a2Apg;SLbPG$oLq#0wZf6~^ zfEWJ>U@}OS^e|Xr&O5a`T2=5Wrdp~n5H)$f5&ME_DPPB2shzEF(9C^+>DJgT+ja{A zs_3yQfZvqlpor`#;dJTi5blW?&=tzfO(YIWm@U#q-ivwxEpEq+r{=&2rpj{d9l z_2rRu&F!*GqnVt*76dE6cf&fjapY|+ak-7;tZYf4mgja8?rt9{F-EaWzs0oDO>J<( zzj^6+h++i^_^{8#5W0Zl0}nV;i^yvjMy&t#U&vwl@w&2VxvS5gSotxG6LJZ}JG8Xb zWcs^X|JK?m!uL$6OomsTCnIb)h1t}2F3Fb1lAypj3B8}rmW1m`{Iw(O#bm~5l{G(n zag>1k%MJF83IQzvyU>^92fbpj{#sjT9-Vt<6gKSn_40#5JZNF|n_v;h9Xa z@DfWMUa&>nr_B{NvP6{5uq^q0zfn#;DD7kxiy*=5O68;BM9>AlU&dN#tstvbIN`>% zS?J7-Xk2ZsxzptVV`869hn0yp!EEIo+3?;^@zVv-#ix-cGKjCPR@3=LehW{9 z)`>LZV*U2REm4JVYNVv7*km(`m=>4BVyhp7t(DVynNqC2f``tq;AA3+mEOgcXC&A^ zZ#LSWKHSi0ByNU!MBc=_R_goiX<2gCbGB8SFhc(AQGEwQ5}R3Bo$7^iu{dAoJJa$> zV~R!c!o5zckG-%N&HxYX1?uGIf=YKI!ssq9t@8{dx_P}}E8XUayDN|98_719ZtWr7 zpU+g2qr`scmgNLCVa2HX1i4b>`n9qANq2@nJ{@A2BS>aPoF(u|n^%-nD|(2JO6epR zi`Qs8WyGHyJNo5m$gWpOe!9uY-r^QUQ9zV(`M?;$JTU*nRO##yL=ZBBgAcbr8Mj)j zBh7XC!_2lNcTkzD*DCQ><@>i2guOXUY)vI|pXUiD{GfM>1)b)(wbefB!^w-KR30v7 zbC}MdktbNJsK(XIaa}&0;{mi8C@B}%!6hy@iGr#KS?C@X2Pn+>%*prkKKoa zd0=gRXYd|IlKn4gTG-j~>CZof_hU7WTB{2)w6;;IeH>>hI}i`^lC3v3xRBD48AGE2 zO+a=D092H_mqxAppIxu|T~J`w6YYm20#;?4$b8B5bNwCXElsUH3-v<1;m z_IB4xC%m>KfI1>29yVwYo?>-;j5@!)*5aRp_1>u!VR9juA+!zUjGQA=GJ`a&j^mD4 z_;pI_JnHy*tkNa{k}8qt6;nX-?)%AUJhVqj1DPoZHCer1bhL;CgMk29wP!i9Bh5rb zqWZ%Pu^)B3@nQL=DLCCS!r`iEHA&$Erf`e(C1VUbaZkn>@=~m%Hrsk%qkaGAKjrqO zu!XHw8$5OP0PNbFk5X$%4Y6wf{oVY@N;5_Dd-}@vaiI{y@3fZw2Bg|a)w9lEPdg89 zQgd(qIJzBi0|#Bq=Wxo(?L<%(o9MDe@$*F1>@j@uz6S|;A5k4WImG6pLgU04lIoAH ze`J}trJPP!UkUyjaZU~o8H|Ums-Mdlz{+Gee+3_4PdtTv zc&C&|7+(=2gj2DM33H*z+hA34Tjg9IA*FB3oy4-!UdWIRw52#k3x2lDH2^j?uk~>w zoTbfiqNL9_qPFS|$;q*CKfxBiqtWhZK@OM8)`f8W7f!f+=W-r6=R zqwRR*4B@;~hLt*leuo3=12vg;v-T zxGDlL^_HQzewxKnor)*LgKCYj%q%2*kkVsuN-D1gv68ft5t39rkA=YiSu^=qQvH&O zo3PIp9j9u$9;hVHDz&YEQfKJ35_#s2G~T2BN>LD`vki~?u-MjDo1pYcu7W8d88ajL z{qCKSkE9m63ERiG3cZn=*Mc0W4r;=8O??Ilvhi9BxiP4^&gTz=L2aN4jjz8_BFGN4 zU6avoc%Fjv{5&PZu&17}>U*`E=Npcj6DGVXKS|t$z>HiDn9KRqrVlOpZFa4n&;4ibL%A6<}zAdzTgfDO6_rgjaa zUfk?gM~_`8h14Rj!b(h%0L%R|L|(B}>g$T>Z1}ESt;?6#XxOIPCXkG53OiZPV2Us) zu^&pEe)WRhiskaI{&iMp-m}GS{PN(m)(;GC>(f4MqUDFI6MOOrm4t((CM3&~B5}NN zR*>S+=gJ@`g8@86@N6^+(a?<3dRBdtxkF+DfjY~?aj>TM+1$-E%;)g^%B?a>eX#U5 zE=cy+;!?(1RZfwjKtE^f4GrEXli`!0Mr{4Mz(KkEcC_z9c15WowvTmb3_JUOG8PYe z!J3kSytOpx&(f=AYUl07Aic2*uE2d0D2NOM#2?w&*@hx>_Iiv7Es@|R&+~|d7c!CG zwyIwR$t04vk~a)xm-~L2gYy8_n1bjB8+k$v1(uG&&ix8p(&|PMTX0#>60Ri`OTAnp z_pHCKfO&_sP3lj~w9uhk)3bhYf8qwT#LcWWf!!=(_WtQaN_-KntL>2L2BS?q_Vm>G zfE;3u&1sBJhoY$ihRehkQe!Vf!)GtW%f#!gUyxe@m!jck7VzsO%!hbuC+{(itED#Q z76A((d>)Udy@_mp#II$grOyXS?GG12be{J^T7zmGbROry>90?_Ks;&Bn8!`E>+OmA z!+t&r3d)W~RzizAu*+`-{6sx1)F>ls%)%kG{UcewJ3rQ1b+a$72G6rHu~%ncAaXY# z<2tXDsYt9=sKGo+s!tzErLVL(SlET%6Y0E)|D_h8aA4LO+p9G@>1%a3EfoxR{8}nD zw_UWrIm}k`O5%DY-}!mSI*ZiSWgDez_TE1+5rL$=U+fWa!E6`P9jjh6JsQAqLGe*W4nup4e*OOpubaTy(^Nc*oH@ii1t=6}vv)I^fTU z4F@h?iPmE}Z1m8YpL(oO`M}h2t#4Db9BshZF)J0iDSKCLncp>B)W zpe{Q@sprB^<(mS(fAT3*ABkv%>-wykQ5_7Cr*!e{PwwAomWwbtjOjB3D6h&d*cUD@ zM|#vT9JrCGKJrEvhKRz_tRjk!Q>rT_CB^?U3eMa?$W|p@aY;$d2I~%7p)Ih34tWdC z>Ot=BdT*l8CD%hzUdbX3lRY>S+YU7zY<28;+wA}mv8c&|UjL#3O3Y>9Wqqks`@w;( z%?^$W@Y z2fMMTrKak*PeEo2)a#qmU6X){-`vo!ms|Mar5LJWgeh6#5~S-uCP++DD<`vxHJZj{ z7KAZhYc|&m6o~*g<#C9vy+*{~zMAI|%CjB6@FYESlGBk;Vg-n|vF187oz|g~<>Q9p z>B2)o=3yZ!qWf{QhwLk^-FW7kc+8-+&7{-SRMz5!EF6zLlV_XS9nIjD8Y+F5Rs3B*4Lf7LoUn2XKd}H$uzdE z6ey{((;YqBX-ljaXe#XE*Jn3t0=cIWvxe|_Rs`{@h_kFCv(1>*mAnbc5V`wY<9gvy z0Fl~m(glFC=Jg*m=NFy0lBK_v!_Ru<2I4z2o#2Yi?uB1H{B2p)-?ps&bU3lg=s6m$ z_Hk*Xn2b2TwBoxk8t&KlhpWJ=Uv{bsv_vT8zv_t~Sk%otMKKY;1+V$l4!JeAV zTzOaBhL1$Z+2jcl$vmlFBqln%VN<#HR24KD?>Acr*kg}Ml?Uvot-75d&*9mTuVovq zi#FM+lf?$EzD52G%ZjEmr_fs{G9Llk+La9HgA>Gmx{~j5HNJzeM)H2QlFiK}qcNR6 zZ#7zY>QfqiJB(Pq*B9I|eV^92v!OiBK}BI}J8E-qs25Kfhj>V+Cx$ZhfGl%RiKg{= z#|#`z#J!}RXaO&XQMKTr3uy~(PbrqjrFF~I-uz>*QY!x{(Uu!n_+7F%%R3gyeec+G z9?N79udrUSi(^>)<%$^RrvewI@J|=r>Su=gE}4>H7!;xbO;nyh2jnZ%l_q<`5{DT{ zi)T}dqmWgi_~f+d^uCwX^s(f=7_USzGm*ZI=~H` zWRJ5n%qM4V+TwiF`T+sa9nkUXWWqM1eneq~LIXBa~i3gQEDAL!L^{e*iZL02jYmVvNe?1TjI|tNfzR%?XI^^ z@9vh zUHs|RRN>vIa2lUglC;JXuf0SZdKW#BZxIk+FQ=w16`BtwDPNmv3+O=+%LHU1?XFWZ zetI8UiX9BvE0)}1gUmhMvc*K&eCo(i9G}}&uf9M?1EqY1tIzG1y+nGYElAq~Ij~`P z%zgCZpLK>-6H0e=b8Sh_JJArRu0$HOqF6s}wSk4mcoyqH2Q&Rf)tb(TV^6WwQDVVV zEntv|Px~Tu#A|0QjRJg4>}y+Bit#gy0YwH3?0Ti?-Na}O)21`zlN7^rvH3(jadh4r zpY>s*Shr9EdC`k?YU^g*$;RXjs1qgJk}oxp< zn<-2?kmB}N|e%LbLiEfv9Ujx%rWiucg~;jNyTJ;Fa#6$%mp zl?Vp1LTaUNL>FVDI$GJ-RsGb_`r8h(;zi9_r)6e)`>WK;mefloDeT2~8U%znJ%Hap zI1~WGeNhNSqlX|z0RTG)j(C18C~XL7MqPSswW6ium}04Jr?xp$cd)ETke&3_EcQ*i z{)uolejUft26wp;e`?YhdUT6MEziuMvuv8|e7E2e(R&EH(l~~BV52Ztm^_hL5nh*& zoIg9mz=baNT~t*P+Mz@>;V3VVyq>OnJ!OInnK_~4-dCYLio!%@;kQ^Zi%1U6_0Hv0 z_t+Gi!mI^@OuX);D;dkk6f4n6P~>2hoe^z8MK**>pt8 zb+3k4ryNN{4xT4P@Kly#RI}tjc@Tn`<;vK8dfFY2$EpA86gP1Cpix04GLCA`e}h5pBc%w1;@W?TzNV?E^Z-2AAP=yNP;+i=@InAC7QR3 z#T0x;$u@8MSTjoPcaqp*gOI0c#Rqm#`9ONiM_0&G)aGI57?WUPcRhJNQDnIxXn*B2 zziBSzrbw4MpYocc9lZ45 z_-PI1mT}kN2pFi`)~rV2Grb3diyovtKQjp`vZsPqi?il-Vg*t zUF`1B>oa#V9xi((U5-^+(bX7Khq!^EtkzaBN#F$V5EdC%LBG*54=I{qG>Ro0Eo5xd zk7Ja7H{fa6KA2c4roe1Rw5KE?IvMCn+C?B&>B?fs9cNy-m&7IV-s>P@|MsA@w|0Un zR)&4JoKHYqiFhN3kG!_UVGB>8XT&#gAk!pTHK){%GiQ1008x_lmNsOy?qksBumfH#`UNXW`xSL#b&Ng;|K@Riix!u7zK2;5KMvCncpEUUE*V>Gs_%YND9DB|I@oZclC?#lEzy zmby{hlFt2u-Mk<%bs07uI}hXpydsZy&oM3GO6C}obGv9`?{EtV_Hc{(|?J;B|J zVh{b4$}yqOD^*f)txvZhG+;-P?>>+)MI#|;1YWlgFbavb_${7&UtM7^z{B+zPET}M z{?mqfPXVJ$*Pu>GDwVmeK(;ela`cE-QstT_KAHzCX&5d4{3jkX*(6L{o_5BzbR59F zJ)KaXgY>W*%)yx7AM;I$^|TzWga|U6kPo%9 zm?bF@pNmGAPkhxfb=J4GHDMBPN-U=qA$zQo&gGv6v%DebtCoYqzq#}>Y4q3bMa$LR zOSkQg^MhXqrt_o!+)=*P`V4^Ai~0~Bty(@qg=I$x#UzHO_ngDYH9U-W@G+% z8;y#|h2@pxyw?oml-QZ8WkDvrxIl6XV_Xa-T)d=nOO=T~lGIB)hY5Q}!8*Ui*M2+Ss4>LEIA(5xgeT(9N>x9?R?@sB^x zJ8!6QnY21>(LFF1?Z+iIVMr_ebU2ChDoE&HG|Yg=Mj z@(g+8`3tdg`Q6iq|8nap%zNYK5-0J_e+yik=D3tbJv}CbSPm=+lKb27ZfZ+7k&iC^~cTBM|!`{SmiS>n=b{!Svh!Yg* z1WoH`mXWyqrJ_+KuI*#_5(=7d4TfPPkE%HOIAKsFQ@^h{T9Swb{n!=rLt?A;IvPU8 zLBot$=%6}K2;(iWrU1QS$P>a#vhHh$%da>be&Y{4P-Ll6)av4^DuS%0aXB4YvbIh| zHy^ue>pK_vYR57r4#a^E$0Yrg1T^Pqgv^svKZ5c)JomEn-*W1_Y3h4T%$?bSQ*J3` zFjqVmb>JJlfru07H#Y*$IuZbXA+gLvp2ob=Pu%Wreb#%|AL@85~a+qRWMR(n}A8x!ea z$U46*Rjn`xQy5f!$tWrsuB|-~KgY%fnEBYZFqF*BDq=JgZ8SW5P5Awb@|DJ&r1Jz) z%77r-<`|Oq{E2ayA^e#__By-8oCwyoB+6GVCN5mB{v=`5WmGEFBb7fudaa%3E*k7n z;=QJ}Pc)p-@;N`_KvN%EKYs zk8d+d3)_7sDZA(iXCPg5CUf8$`y_Ue56#>B7;eqaTV$IjGBh)vjz@?`Bk4H(T8O zGq5f51vi0i3~37B5UJEG&d1#(uV@bl95#94It>MhQautV_B3%XihscMP@AzE-#DIe@Ay+ir!9+G&6acuMbo#WT{r3eGO0DkuUU+OT-oNyzYmaW3E@8# zm|KBA1VE~KFg)R|2X;=*?LaJgM^)7O04SzjG>b=sa<=Y?<`-=GbmUCc?zr0j1-Lsa zAJ7|~v;B?`Hx5p?cxF55j5>0(!B-G~oHdfTVn!jY!o~zC96>zEd(CQ%kjtEl&2Y`z z_FnHOGbAk;-^FsOZz|>Qc}ft zX4U&1cDZDEKl#$^(b}AfdOm-CJ%N!l8yXn7UrGSoKhsq+^RbO*hpf@}kG@x~KF88E zeEN&@J;&tki7y&@KBq4{WRPv1Js+{03HwRkm`G&5Ik;b+d!v+@{5g@PWy?jHMe&F;8ylF!&&$wJuGpS!C5mn&fgY>uoOMuw%v=t5u zkpe%Uhq8DMTR-UY_TJXimw1zZF`ffGxg^)F3|!o z=7eIAfyH;-{$elpv;4>RqsUorcNzK|X|d8sgUdILvSdW+Yg=>UFM=EeH+Mzv|0QZv zp69&VOlEm#JV3F-z&K_VzB0TvNwuaiVLn|IQMjtVyTxr`NQrRHK9|K0a*fH+8;mb% z>?L1b!E(|o)h897UNHFKxkpx>BBFMJJwpK>jo)?eJHf%#jILs)qmQA@>XiD`ZR63B4F&n&@{{k_rUSb=uH&2a}PFd~CfCMMcI* zH0v@#;?BlgfuwZ?O^vH;u2Wzk9K2b*AeD4-l+{{5)&FdT$-A+^Lp37v#RG&Kr3iZf zT5#jfw_@aviIW!pVeLoDLawYFM8FA)d^?o!Yhc(_6Gm!uClAI6PiaS}-;8;#JlocQ zc0cwmey*~d6GQ{%Mn$#yx{R)O>Ia7LqFHUnUhQkWl-UVbtkt43{lgd3(?y!NhuM~u zB(VENRk^$Ba?d>?Y2eDVabldqLZ*pi1O^9}r!epq>1n-@zHgwDmGar@MnN*tvJJ!W z55Y4QYp3QOma<0evvy5gWg}xZ1ve_|J)9&`q1o9LB_VIoo}QN*3U)vQh<5Q8%)QJs zT!?GU@QAl0poX0~Mx=#$^L7TvTSwqp^T_Ng8NGAkf(`Lm@wzD3HU21kTIv(kj-unQ zr&iXUTIxr}_XzJ}55x!Gc~gRE(4Wl%qofenRAUeJm> zBqN+{dy70L>v57Lx0%jUZC^TJWcXDpqSJ=3uNy0HG0_;ZY`%;jcICNUiYU>cpW=}R z-by4738RdVa#B(fwSc)$?-yWUdn5fZUdi+&5Rzt{7*6i@mEd%l4G;5HkEs?Q0-gRk zB=6j7IGP;q)bvzv&(a$D2uuDl3pu?B$s;D$>O*FTd(5ux;h`uDCdrv+Hv$50_?ds~fKlBp2 zWun*m4bW2Me+>bFxYP^C@J%eQw?g%LKWPge8)*zF=PD}0eL>!Q^P!RFnSm+5DP8E}-`Sq@*8 zGlsj+Gq&3W`0%&FjhBRlPb>c+9t5hdAM-(8&BIjU&eI6FuzQ8|-1q%x*|dHNyniu_ zS|vXjl^T8iNbyb#ezWnFhS0cG)fq=@(6SgaXV+K1Qq$%aq42&na@FRTjRzrOLspW$ zeKpDga%bV1q%nSo$Re@8oYJ@V4}FER65(G|C}TR)^A+nGb5!>!bjFYxM=xr{pdBFz z{50IOP07sN8;f%PwQ~}=T~9%!`iH}>`v+o9 za#W-)&N-N>T@v+T+~$Ivh;t%lEq`;VgDD}C%X`Pf3Jn6)7UVsghBqi1+@?B?6!OJB z)6+BiwUX#JoXmQp`TawVyr(K7ZcF?my!ecoZvDHS$OVCd)ZUL3jj#aOElmpGz!De4 z+-dW2PqB5c+{4rhKWQxMbab9Shy_eOmVDX2_lqHfCY9(jDwM+|CHAy&&1unU+6Ltz zT5Y`c)u*Dvb5vj02ZBlOquS3-Rvg!4zA1HR;=&Wx+HS@~m!?%1yQm@W|7FEm$ghHM6WxYs!|ZCew#xgwWQoq)}1HPBVhDF018 zIV4gSK0aMCOE-#nM%2p?>pd5<22{EcVaF~NM6`krklU_Fu&#kW?c~&vyi9BrIorA2*`uyg?qLpz93IoRAMZ1{ z%!!<|#h6aSg6Ec8kV%y>^N`YTcrh`*w!DJNv)pu6o9F^a8d-LY`_aU`!zbMkL$Znw zJEQZurCP$=JNo)b7X5z0W-^C!tNTP{)}iL@uvtIeS*DN~o|2BrDE%k98uce+GxX?p zr1P&FT?RHJM`j!Ca?62Wj6fo-1KEQq2uVmGI3Ts<_)bgbc(_|%U2qOI)!C)Pgy;4+ z0SQorT?N~+cd3`h19e+hGI0*KnbW=kABCWV57JVFmC(|o``8Uy3Zq1bVVUTgiFZjv z9JvMkZ#$y&_k3mj%f+C*Daf&|J9Sr5s)&!=sUk^qS7br=5BK`5`Hj;zJg4L)I7$Mb z2DPC%iTsY#d4L-Q8I|NUOxiPWbV(vlsp;i4j&V^j$SV7mFpk*sRMm38Vn)nla?ipR zu#a{On%};tA#fEitsUrYp>#!q#XJSWbsIp1nX>FHbyWZG#Stt6F)I%KN+VW2{}#V8OXH6;^r;U!ekLP-SP#8%ermqrC1h0-^X1gX z*uvZWF}sRUZBNyVzVXRexBg3$F++#Qn1mOxx+mv<-f@#E-l}aa7kEUhVqf^EYql$e z)gs+k?(2|19KWW`{PdQJ1M}!JI{-}UP&HurpB1T6(Z%OTFt{^c2n9t$>g1rq>SN(Oe?OH|R`w%hE zg*tI+pd9Aw$za?xqHA-Xp3*y}02uyvaob9tc#$tzbHCK*v5Otfi<))tBws$>HcsL_ zr9(J{8NXyb+{+nH^3!xk5;yrtwaFt^i`M%X`!YfJT^hrG9o z<>C!pFu=J?tdG>bxj?nO1xQ=Jt_-W9;#B7szX!maH9dO6S*(m-HC3D*%8PYE`PUfY zCUdRX^de!_3o`2+uj@0reHXX5n_Bgt0e1xX5pSxRPWkfXsPYEV$)xxvfy!Y@D_KRx zn}{dtB@Mu$w66`-7s-d`r9AS9>28`U#}@j(4TMYw<=fDv6+E``YY-qybX_k{q}Lgl z_2IQ#U|zZF`1nz}2*i0w@8k9}EbV*y>_#ydm$W?cvn?AU+?TL_6(Tm9p*#ENPBW(2 zXc&j`LGf5NQQmgla#q31@x1q8$L~!b1P#(uvbR95vU2Sn8ZY{s4ivH}DT^%8o^((; zyw@AE&+;B0*MdX3=(rnCL}F}WCz-FBQ=B_-&H00tizQ^4FBbIeBIRascZ^3`>EHjnRWq;uh-O0`RWXR2 z;Uo6-O#iZ@ZBuo((tTJ4QtUV~eAZp2eyKh>9`0pDCM8v}=$u-q>ZWCGxp5xdxmBo4 z89_u;Bxd;i-q$u505;&hz@gP_^t7JJ-M94f5S$(;E`+?+^+BksSRHF>D^q_uvnub(YjVG%X=D6-ProzaEVZME|nJcSkfe3bv%99?k^L;#1A$7QcmlUQ1(GA$Xa zHg87lXnPUZ{#-O*@*tTNWHeEZz2=PE<(0ezcJIA|Qh%X49A1#>8Mc197USxjiaZ&0 zj`?h>I~T4+)GuEkSK>$>N$z5l6MF1bC-%@ro^bMA1LYMT>JH6A<|2CWa;;5xywvBP zfq>PabdMNtHbziCF7t3*nxt^U{klb4=6Ch7S%td&H8x8|uMAN#+Flthd5A-Kf!2XG zKP)A5>ClI>SrQ4i)Z?vDZ6gz`B|;{5WWHiFHpK9>;CMky$e&)1Eb%wX1WG&hN;P7O zeTfiEdQVlq-Uw(xuWs9%^{_6m+>Gwc&3LT15)oK+-_Hyh_-@U7ftf;HFxLqiJdahC zjl6^8EQi}TtaF~}5*A2*WcVbVQs29prMvD&Lrf_wWoC|e*5xELeYgmy?z@KmQn*Y+}bnN%@LSO7QCroHDg82XHU4DcqlO9>wXRO@VMceqD z_yWV#V^>8ouHN?%IHJF)adzBy9k+b9^a*eNz~c)NoDNN>NMc*hBT5r62bqS=P@d7Oj=V_6 z(F8R`82aI)o*Cyl7UhGb?VHJQ5!dlkWMKM@%@74W#y_^J)Sj{PHtQpLy{|w(-GVXV zf5Yun9mbK0s?eXH`hKiGI%b@EgCCshg}#{t%DHt|oQ9Pzs(}kIi3dn*W|)C9HN)n~ z{Bc00(>V~YL5v__as0Ez)J#d3e336OEE!F7;p|*zRpntigqxI@(|+N1G}Sc~jtL*I#S8UyKVcqt!-^c2Zn4a2xCB_2(Kd zT{IoRD|t;J&nnX9X#XW;8_G8vxqoEHZoglP`%-N&CN>&_Q+d&I^oy~gwD-{SY(!2h zEK=S>PbBO^{N>YK_?n>rEuL%Vm|}dHJ9JT#87+zjHB5a@V0c1FYwl5PMD*5*@d zof%yaeERbD=Uk_Ktnm{F8nRE8C=YhO&4oj(hh$9YOEuq62dI+|L~G8Bb^G`nrY7_m zLbHnmN+=AP^jjsUFhgpt&FoeRO*5MYA+5b)0g|Z|C=IuNXq~icK1R`Kr-Bn1J@GPM zMIs^giI>d6jP6NflH(5-qwR?j!JBfw-JcH1X{N1_>A9(ypo(4PVahU8Y2`n1?&9DP zN6S`Nxnb}Q2ufDw-<&)S(ev>$ZLJ~Qo2cM_MEq0l6WRkCqZeZ{q(2Vm()_gZEsgl0 z8_T3I`tnDVa#KiJ72n6NDLE`pvcrRee#y&*o--ZCvVgX5?R%`#?{>Ru4Dqo=R2sw- zmOu_8CIQ+f>r+9>DA_E9e@E!bbNx|x!?tC&!H!P6n`Zf^&xuB_a^0zL@Ulw#7LaL);jwG&Zo2)i~Vw%$mLslS!lmA$r}9@yJ*eDTvX!SLyUSy^f2M(1C2M< zT?%J17nq@E-DVwQr7r3NGM-YSYlC80SxaC>_Jd}xGJi$2La5TP?*d`t_q+2(?H&)V zoP?yEL9e!pztZqEhdm3kuII)QX{JNGaFw+;S*z}?ltrpy{POO*KbsKWpANxf#S-a# zt*(T&y`BEDlPxbnv(fSWIxW`1U>)mNpbT?WvJ5x+(R?2buJ9`6MVgnL2{{-Fewv8* zV8wIwKhQ$KILgne0~YihTjoQD#J1_i!av{bjKW(92xKShtUc5k(EABlo=IDRZ7k@; zbD`IRpqqZ5goZ({%1R>v#87(?RJrj@($I?0;WbR-T{EY$k9&~RP*yQd`4j5uS-Lt@ zp7N%YX5yfvwOL~6`ocw*3KLdS3=QZSDkIzSaoGC z2q9$AC6lKP4=@xraX?_ff*mE?Kj0PJ;3}6RA(TM^P`U~am8mul!BTRzG?a~r*pvt1 z16Y(nZ)~jjzKi(5KedfI2{J-Qzcy=(BxDJaq6r4EDD-7bMU-(5!0 zT7IcL!wDUi^hnMj#1P@xegK91Xb&q{duV@b6_2cH^lahfAYmiJ9~bWjpjU3C`@cGG zdW%X*1}=TSo8sa-vGT%d(F6fTrWT6sK`FC@%B&vfuw-B$&aaNQ(db` ztLS`p$s4riQxlCCKskB;D=PyCaN>=KOLm!bnH)y(SGk%1pW;^niiCJzS9BL2-JVX0 z&<}M64}EVSH_TqQ+W~*q<^XBg| zL^2*U;r|WyGWY%C*j@D##lX@-a)Tgw-<`o&j5th^xCy>a10Rp@f!9#S0CUd zGn;qD1%e2MjNM`0BGpQ*+XSeK3EeKWavRL{`V9qMgh!mIdYT)_0suAb{GfEokca5j z2Wj233G%|??2;?Tzqj21ZYxl5BhOLfrAz%o-^-o(1HBJRU%Ep?F;iof#Lw8)?jGUC zA?tWXk*hq~f4@BK-!H#LjY&+foYEbz`UmYky#sSuN;mFr|FX1@u4s<^!r|O`j==IBiMI;=%k!tx^;KM z8P5Ryq%}UkF#2&^l$l?{J%L#En2x*PO0oLszC*y1?o~O^%j}a7-sAwgK@He7#~~&; z#)~=y6oGSw0w9Y8HrxL-CHY@uH2?qQ|IcLbzn4y*Q6|7Tj)RjEj`J!JJ~%j?$98FO zLt428Id~~LxHmOJz8x#rZftD)5n~GoD1`xkZTk}aQWzZ`xN_>-Rt{lv9r)p69Gf{_V;IR)7 zZmnHy1^?3fpQ3#M{iN5$sV}5L0bt}V0tWk zc=+lUzWhi54ro5Q?d|oN{2xjGrS`X==dUwx-Rb72NxyL<9??Q-%iQ1tJ7UF;Mg}2bt#5q@%v?UWPYn__sJI&{o56WPlTJ&VK4kRnh8Sc#LGJh#}=4M zk)kcTy5nD9xYmmV?H*(cBn#8aI;o~NCiWbKZ^tT^MBOK1NjSccIPxH3Vro0K(!7W5 zNVya}7QZ^ang9gPZf}6nj##+qLG$`a(S$fQm1fOseL?R46KO~*Uv>@LEND+U409>2#k5so^(p%a$_gw$=Q`Q2z*OUG0$sc+mi7A3Rx#jg zb{gqP7ICXid@DH|_dU|tX?FKAX?L+{&yF&pO$Hl(yAxEaY+EWGam;@(`73w#NV#z- zrv=+Yw?EKLyHwUDzcr~c1~^gzJ7d}Z^5xexKA*mdVPLZ+nBN|2Ky4KERBq)goR0RA znIjRhltn9ndl`|7cm3H-d2-bY!6q)0gLkO27*d|xV+aX8@ew-KJiz57!w2UcE_W*U zyAKLpIBPF1)^USIB2HNsni3?c$AB(w|L5f0K8O$5w$Q7MXnEQ7;Af`WUb{b3gr5RM zwv68h@k1t_?U|S>MvP$S`q_HKIDQK!p*k@d()rWh65*K^8X)`A3SX~78_^6Ma=L6x zQ{fIw`gtlrM@m%JCEVK9KW+U-R`$lxOm7B_?vv?^u+y_Eab}uVV#W9P>SQw=rT9 zQYI{KQ3Ar>NV?#scXqIf2au=RJi(j%-U_fk;?c#YH#`7+`z)!xUDzYFofKFsv~9>c|C&zMAzLCIF{jbKKUoC*?)JT z!%vL;#$!7Dduvff*S}!4V4A2->U`yth2{AW6NfwHSGi$(#y1ItSJ>w77q81tE2rb- zjJTIXyD5`n|CUoXT>4sQP-ikHm(zCcR1m(FnPz~= z^zF3seEkdfeRF=suod{kv%mO^@dik^+^XZUpSNNffA%LQGn#Q|PPym8mNB_Si-dFCnll>sj zd@PU=p0Au9ZepEgxu+l6#@A<+Nv?1eCf@W0W0~$AeVdOv1`HQ1S_4Ku-58;qj{Rw= z2(-L_KpCn}`3}YlXrlprncCIV|QqMuD>3xh*|2N_KIxz6r>H&Qb zvsO;X>&aH2dKNkl=g}^!aSh<4^?5lP@M;AMdovMxTf2W}?p=$bkIGM-^^%zouxRcE z^lLegy#`U>s(UpHtBj6mHNg4FAP~SATg(6`Cv;dEpii~){v}Lc>+oo6`09LE^V0F? zJAq*8#fPW4(g)*22Xl6y$IAM07Z^RDC2e7nC@{8xGiwpxmaQWdJKO+E+MiYDQuQRF z3=v40!E;fPRhXn}byI$#K5ju5uln~gtEp^2bG~@|Veun$?F(`5mKbdx)deo7cDVIU z?8XQERB>ZpQE_p{1vtVCa!f36l4}dxTS2MAd;VsZtXM}OeAks#jUrJmF7Lb~<>PsC zgL3-mVMSVLI2R@n$}yT*2XvPW|7guiZ!p~KmA~8rfRvF{$f3%(2MWtzemx+Kj`uXn zl{gp5y-zT6E}Cl>BFtZ+{Iddb^!V!1$me#UqD|_OgCCI7v^!g4OB&{XT3xPMrMJB$ zd!=M{Uw3yNc%I*l9WM_BZF*$I26s1Fp$SDf<->`K$2;NexRvUb96MfVnWTMofFshT h Date: Tue, 2 Jun 2020 00:29:07 +1000 Subject: [PATCH 17/39] Corrected "Allow Secure Boot for integrity validation" @Dansimp & @rafal Sosnowski The warning for this setting "Allow Secure Boot for integrity validation" is set to the opposite of what our Group Policy setting explain text says. See GPO text here: https://gpsearch.azurewebsites.net/#8154. I believe we should align with the existing GPO documentation. --- .../bitlocker/bitlocker-group-policy-settings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md index 09d6973301..436ef15fe7 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md +++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md @@ -1882,7 +1882,7 @@ This policy controls how BitLocker-enabled system volumes are handled in conjunc Secure Boot ensures that the computer's preboot environment loads only firmware that is digitally signed by authorized software publishers. Secure Boot also provides more flexibility for managing preboot configurations than BitLocker integrity checks prior to Windows Server 2012 and Windows 8. When this policy is enabled and the hardware is capable of using Secure Boot for BitLocker scenarios, the **Use enhanced Boot Configuration Data validation profile** Group Policy setting is ignored, and Secure Boot verifies BCD settings according to the Secure Boot policy setting, which is configured separately from BitLocker. ->**Warning:** Enabling this policy might result in BitLocker recovery when manufacturer-specific firmware is updated. If you disable this policy, suspend BitLocker prior to applying firmware updates. +>**Warning:** Disabling this policy might result in BitLocker recovery when manufacturer-specific firmware is updated. If you disable this policy, suspend BitLocker prior to applying firmware updates. ### Provide the unique identifiers for your organization From aa516acf272dc5ce4d5d35857978a328e6b77ae0 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 1 Jun 2020 19:57:34 +0500 Subject: [PATCH 18/39] Update windows/security/threat-protection/device-control/control-usb-devices-using-intune.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../device-control/control-usb-devices-using-intune.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md index db7936986b..b8f2f1dbc6 100644 --- a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md +++ b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md @@ -149,7 +149,7 @@ The **Prevent installation of devices using drivers that match these device setu To prevent installation of particular classes of devices: -1. Find the GUID of the device setup class from [System-Defined Device Setup Classes Available to Vendors](https://docs.microsoft.com/windows-hardware/drivers/install/system-defined-device-setup-classes-available-to-vendors) +1. Find the GUID of the device setup class from [System-Defined Device Setup Classes Available to Vendors](https://docs.microsoft.com/windows-hardware/drivers/install/system-defined-device-setup-classes-available-to-vendors). 2. Enable **Prevent installation of devices using drivers that match these device setup classes** and add the class GUID to the list. ![Add device setup class to prevent list](images/Add-device-setup-class-to-prevent-list.png) From 0ee608d1f2e8a752fcd18647fb28fda82aeb9ca7 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Mon, 1 Jun 2020 09:32:49 -0700 Subject: [PATCH 19/39] removing a topic that's on hold for now--never connected to TOC --- .../update/define-update-strategy.md | 59 ------------------- 1 file changed, 59 deletions(-) delete mode 100644 windows/deployment/update/define-update-strategy.md diff --git a/windows/deployment/update/define-update-strategy.md b/windows/deployment/update/define-update-strategy.md deleted file mode 100644 index d8fd47ee87..0000000000 --- a/windows/deployment/update/define-update-strategy.md +++ /dev/null @@ -1,59 +0,0 @@ ---- -title: Define update strategy -ms.reviewer: -manager: laurawi -description: -keywords: updates, calendar, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools -ms.prod: w10 -ms.mktglfcycl: manage -audience: itpro -author: jaimeo -ms.localizationpriority: medium -ms.audience: itpro -author: jaimeo -ms.topic: article -ms.collection: M365-modern-desktop ---- - -# Define update strategy - -Traditionally, organizations treated the deployment of operating system updates (especially feature updates) as a discrete project that had a beginning, a middle, and an end. A release was "built" (usually in the form of an image) and then distributed to users and their devices. - -Today, more organizations are treating deployment as a continual process of updates which roll out across the organization in waves. In this approach, an update is plugged into this process and while it runs, you monitor for anomalies, errors, or user impact and respond as issues arise--withouth interrupting the entire process. Microsoft has been evolving its Windows 10 release cycles, update mechanisms, and relevant tools to support this model. Feature updates are released twice per year, around March and September. All releases of Windows 10 have 18 months of servicing for all editions. Fall releases of the Enterprise and Education editions have an additional 12 months of servicing for specific Windows 10 releases, for a total of 30 months from initial release. - -Though we encourage you to deploy every available release and maintain a fast cadence for some portion of your environment, we also recognize that you might have a large number of devices, and a need for little or no disruption, an so you might choose to update annually. The 18/30 month lifecycle cadence lets you to allow some portion of you environment to move faster while a majority can move less quickly. - - - -## Calendar approaches - -You can use a calendar approach for either a faster 18-month or twice-per-year cadence or a 30-month or annual cadence. Depending on company size, installing Windows 10 feature updates less often than once annually risks devices going out of service and becoming vulnerable to security threats, because they will stop receiving the monthly security updates. - - -### Annual - -Here's a calendar showing an example schedule that applies one Windows 10 feature update per calendar year, aligned with Microsoft Endpoint Configuration Manager and Microsoft 365 Apps release cycles: - -![annual calendar](images/annual-calendar.png) - -This approach provides approximately twelve months of use from each feature update before the next update is due to be installed. By aligning to the Windows 10, version 20H2 feature update, each release will be serviced for 30 months from the time of availability, giving you more flexibility when applying future feature updates. - -This cadence might be most suitable for you if any of these conditions apply: - -- You are just starting your journey with the Windows 10 servicing process. If you are unfamiliar with new processes that support Windows 10 servicing, moving from a once every 3-5 year project to a twice a year feature update process can be daunting. This approach gives you time to learn new approaches and tools to reduce effort and cost. -- You want to wait and see how successful other companies are at adopting a Windows 10 feature update. -- You want to go quickly with feature updates, and want the ability to skip a feature update while keeping Windows 10 serviced in case business priorities change. Aligning to the Windows 10 feature update released in the *second* half of each calendar year, you get additional servicing for Windows 10 (30 months of servicing compared to 18 months). - - -### Rapid - -This calendar shows an example schedule that installs each feature update as it is released, twice per year: - -![rapid calendar](images/rapid-calendar.png) - -This cadence might be best for you if these conditions apply: - -- You have a strong appetite for change. -- You want to continuously update supporting infrastructure and unlock new scenarios. -- Your organization has a large population of information workers that can use the latest features and functionality in Windows 10 and Office. -- You have experience with feature updates for Windows 10. \ No newline at end of file From 35215d8255fd0d4708a6b6ee462b5a17df30d555 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Mon, 1 Jun 2020 10:31:51 -0700 Subject: [PATCH 20/39] update why no data available --- .../microsoft-defender-atp/machines-view-overview.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md index e570e0634a..f243b53767 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md @@ -53,7 +53,13 @@ The risk level reflects the overall risk assessment of the machine based on a co ### Exposure level -The exposure level reflects the current exposure of the machine based on the cumulative impact of its pending security recommendations. +The exposure level reflects the current exposure of the machine based on the cumulative impact of its pending security recommendations. The possible levels are low, medium, and high. Low exposure means your machines are less vulnerable from exploitation. + +If the exposure level says "No data available," there are a few reasons why this may be the case: + +- Device stopped reporting for more than 30 days – in that case it is considered inactive, and the exposure isn't computed +- Device OS not supported - see [minimum requirements for Microsoft Defender ATP](minimum-requirements.md) +- Device with stale agent (very unlikely) ### OS Platform From 69d7fd4d3898ba31f2c5f600ab99f2518943874a Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 1 Jun 2020 10:32:42 -0700 Subject: [PATCH 21/39] added detail about results location --- windows/deployment/upgrade/setupdiag.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md index 6bbeb71b89..74ac33ca80 100644 --- a/windows/deployment/upgrade/setupdiag.md +++ b/windows/deployment/upgrade/setupdiag.md @@ -41,6 +41,8 @@ With the release of Windows 10, version 2004, SetupDiag is included with Windows During the upgrade process, Windows Setup will extract all its sources files to the **%SystemDrive%$Windows.~bt\Sources** directory. With Windows 10, version 2004 and later, SetupDiag.exe is also installed to this directory. If there is an issue with the upgrade, SetupDiag will automatically run to determine the cause of the failure. +When run by Windows Setup, results of the SetupDiag analysis can be found at **%WinDir%\Logs\SetupDiag\SetupDiagResults.xml** and in the registry under **HKLM\Setup\SetupDiag\Results**. + If the upgrade process proceeds normally, this directory is moved under **%SystemDrive%\Windows.Old** for cleanup. If this directory is deleted, SetupDiag.exe will also be removed. ## Using SetupDiag From a3da6e9ef13995045194e01c574cefd1f51c3c15 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 1 Jun 2020 10:52:03 -0700 Subject: [PATCH 22/39] tweaks --- windows/deployment/upgrade/setupdiag.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md index 74ac33ca80..55b5978287 100644 --- a/windows/deployment/upgrade/setupdiag.md +++ b/windows/deployment/upgrade/setupdiag.md @@ -39,11 +39,11 @@ SetupDiag works by examining Windows Setup log files. It attempts to parse these With the release of Windows 10, version 2004, SetupDiag is included with Windows Setup. -During the upgrade process, Windows Setup will extract all its sources files to the **%SystemDrive%$Windows.~bt\Sources** directory. With Windows 10, version 2004 and later, SetupDiag.exe is also installed to this directory. If there is an issue with the upgrade, SetupDiag will automatically run to determine the cause of the failure. +During the upgrade process, Windows Setup will extract all its sources files to the **%SystemDrive%$Windows.~bt\Sources** directory. With Windows 10, version 2004 and later, **setupdiag.exe** is also installed to this directory. If there is an issue with the upgrade, SetupDiag will automatically run to determine the cause of the failure. When run by Windows Setup, results of the SetupDiag analysis can be found at **%WinDir%\Logs\SetupDiag\SetupDiagResults.xml** and in the registry under **HKLM\Setup\SetupDiag\Results**. -If the upgrade process proceeds normally, this directory is moved under **%SystemDrive%\Windows.Old** for cleanup. If this directory is deleted, SetupDiag.exe will also be removed. +If the upgrade process proceeds normally, the **Sources** directory including **setupdiag.exe** is moved under **%SystemDrive%\Windows.Old** for cleanup. If the **Windows.old** directory is deleted later, **setupdiag.exe** will also be removed. ## Using SetupDiag From 7c6ced0cc46b0586aa5e31712e59a7ca72764b4e Mon Sep 17 00:00:00 2001 From: Ramu Konidena Date: Mon, 1 Jun 2020 13:22:28 -0500 Subject: [PATCH 23/39] Added a redirect from 'remove cache' article to FAQ --- .openpublishing.redirection.json | 5 + .../clear-ie-cache-from-command-line.md | 123 ------------------ 2 files changed, 5 insertions(+), 123 deletions(-) delete mode 100644 browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 0219414079..9eed385d57 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -14602,6 +14602,11 @@ "redirect_document_id": true }, { +"source_path": "browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md", +"redirect_url": "https://docs.microsoft.com/internet-explorer/kb-support/ie-edge-faqs", +"redirect_document_id": false +}, +{ "source_path": "windows/keep-secure/security-technologies.md", "redirect_url": "https://docs.microsoft.com/windows/windows-10/index", "redirect_document_id": true diff --git a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md deleted file mode 100644 index 7adcb24c17..0000000000 --- a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md +++ /dev/null @@ -1,123 +0,0 @@ ---- -title: Clear the Internet Explorer cache from a command line -description: Introduces command-line commands and a sample batch file for clearing the IE cache. -audience: ITPro -manager: msmets -author: ramakoni1 -ms.author: ramakoni -ms.reviewer: ramakoni, DEV_Triage -ms.prod: internet-explorer -ms.technology: -ms.topic: kb-support -ms.custom: CI=111026 -ms.localizationpriority: Normal -# localization_priority: medium -# ms.translationtype: MT -ms.date: 01/23/2020 ---- -# How to clear Internet Explorer cache by using the command line - -This article outlines the procedure to clear the Internet Explorer cache by using the command line. - -## Command line commands to clear browser cache - -1. Delete history from the Low folder - `del /s /q C:\Users\\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah` - -2. Delete history - `RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 1` - -3. Delete cookies - `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2` - -4. Delete temporary internet files - `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8` - -5. Delete form data - `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16` - -6. Delete stored passwords - `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32` - -7. Delete all - `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255` - -8. Delete files and settings stored by add-ons - `InetCpl.cpl,ClearMyTracksByProcess 4351` - -If you upgraded from a previous version of Internet Explorer, you have to use the following commands to delete the files from older versions: -`RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9` - -Command to reset Internet Explorer settings: -`Rundll32.exe inetcpl.cpl ResetIEtoDefaults` - -## Sample batch file to clear Internet Explorer cache files - -A sample batch file is available that you can use to clear Internet Explorer cache files and other items. You can download the file from [https://msdnshared.blob.core.windows.net/media/2017/09/ClearIE_Cache.zip](https://msdnshared.blob.core.windows.net/media/2017/09/ClearIE_Cache.zip). - -The batch file offers the following options: - -- Delete Non-trusted web History (low-level hidden cleanup) -- Delete History -- Delete Cookies -- Delete Temporary Internet Files -- Delete Form Data -- Delete Stored Passwords -- Delete All -- Delete All "Also delete files and settings stored by add-ons" -- Delete IE10 and IE9 Temporary Internet Files -- Resets IE Settings -- EXIT - -**Contents of the batch file** - -```dos -@echo off -# This sample script is not supported under any Microsoft standard support program or service. -# The sample script is provided AS IS without warranty of any kind. Microsoft further disclaims -# all implied warranties including, without limitation, any implied warranties of merchantability -# or of fitness for a particular purpose. The entire risk arising out of the use or performance of -# the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, -# or anyone else involved in the creation, production, or delivery of the scripts be liable for any -# damages whatsoever (including, without limitation, damages for loss of business profits, business -# interruption, loss of business information, or other pecuniary loss) arising out of the use of or -# inability to use the sample scripts or documentation, even if Microsoft has been advised of the -# possibility of such damages - -:home -cls -COLOR 00 -echo Delete IE History -echo Please select the task you wish to run. -echo Pick one: -echo. -echo 1. Delete History -echo 2. Delete Cookies -echo 3. Delete Temporary Internet Files -echo 4. Delete Form Data -echo 5. Delete Stored Passwords -echo 6. Delete All -echo 7. Delete All "Also delete files and settings stored by add-ons" -echo 8. Delete IE10 and 9 Temporary Internet Files -echo 9. Reset IE Settings -echo 00. EXIT -:choice -Echo Hit a number [1-10] and press enter. -set /P CH=[1-10] - -if "%CH%"=="1" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 1 -if "%CH%"=="2" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2 -if "%CH%"=="3" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8 -if "%CH%"=="4" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16 -if "%CH%"=="5" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32 -if "%CH%"=="6" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255 -if "%CH%"=="7" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351 -if "%CH%"=="8" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9 -if "%CH%"=="9" set x=rundll32.exe inetcpl.cpl ResetIEtoDefaults -if "%CH%"=="00" goto quit - -%x% - -goto Home -:quit -``` From b1650b4c455a7496111748a3545f6b309353f37c Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 13:46:50 -0700 Subject: [PATCH 24/39] Update why-use-microsoft-antivirus.md --- .../why-use-microsoft-antivirus.md | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md index bfca4b0430..8e58e09018 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md @@ -1,6 +1,6 @@ --- -title: "Why you should use Windows Defender Antivirus together with Microsoft Defender Advanced Threat Protection" -description: "For best results, use Windows Defender Antivirus together with your other Microsoft offerings." +title: "Why you should use Microsoft Defender Antivirus together with Microsoft Defender Advanced Threat Protection" +description: "For best results, use Microsoft Defender Antivirus together with your other Microsoft offerings." keywords: windows defender, antivirus, third party av search.product: eADQiWindows 10XVcnh ms.pagetype: security @@ -18,31 +18,31 @@ ms.reviewer: manager: dansimp --- -# Better together: Windows Defender Antivirus and Microsoft Defender Advanced Threat Protection +# Better together: Microsoft Defender Antivirus and Microsoft Defender Advanced Threat Protection **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) -Windows Defender Antivirus is the next-generation protection component of [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) (Microsoft Defender ATP). +Microsoft Defender Antivirus is the next-generation protection component of [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) (Microsoft Defender ATP). -Although you can use a non-Microsoft antivirus solution with Microsoft Defender ATP, there are advantages to using Windows Defender Antivirus together with Microsoft Defender ATP. Not only is Windows Defender Antivirus an excellent next-generation antivirus solution, but combined with other Microsoft Defender ATP capabilities, such as [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) and [automated investigation and remediation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations), you get better protection that's coordinated across products and services. +Although you can use a non-Microsoft antivirus solution with Microsoft Defender ATP, there are advantages to using Microsoft Defender Antivirus together with Microsoft Defender ATP. Not only is Microsoft Defender Antivirus an excellent next-generation antivirus solution, but combined with other Microsoft Defender ATP capabilities, such as [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) and [automated investigation and remediation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations), you get better protection that's coordinated across products and services. -## 11 reasons to use Windows Defender Antivirus together with Microsoft Defender ATP +## 11 reasons to use Microsoft Defender Antivirus together with Microsoft Defender ATP | |Advantage |Why it matters | |--|--|--| |1|Antivirus signal sharing |Microsoft applications and services share signals across your enterprise organization, providing a stronger single platform. See [Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP](https://www.microsoft.com/security/blog/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/). | -|2|Threat analytics and your configuration score |Windows Defender Antivirus collects underlying system data used by [threat analytics](../microsoft-defender-atp/threat-analytics.md) and [configuration score](../microsoft-defender-atp/configuration-score.md). This provides your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture. | -|3|Performance |Microsoft Defender ATP is designed to work with Windows Defender Antivirus, so you get better performance when you use these offerings together. [Evaluate Windows Defender Antivirus](evaluate-windows-defender-antivirus.md) and [Microsoft Defender ATP](../microsoft-defender-atp/evaluate-atp.md).| -|4|Details about blocked malware |More details and actions for blocked malware are available with Windows Defender Antivirus and Microsoft Defender ATP. [Understand malware & other threats](../intelligence/understanding-malware.md).| +|2|Threat analytics and your configuration score |Microsoft Defender Antivirus collects underlying system data used by [threat analytics](../microsoft-defender-atp/threat-analytics.md) and [configuration score](../microsoft-defender-atp/configuration-score.md). This provides your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture. | +|3|Performance |Microsoft Defender ATP is designed to work with Microsoft Defender Antivirus, so you get better performance when you use these offerings together. [Evaluate Microsoft Defender Antivirus](evaluate-windows-defender-antivirus.md) and [Microsoft Defender ATP](../microsoft-defender-atp/evaluate-atp.md).| +|4|Details about blocked malware |More details and actions for blocked malware are available with Microsoft Defender Antivirus and Microsoft Defender ATP. [Understand malware & other threats](../intelligence/understanding-malware.md).| |5|Network protection |Your organization's security team can protect your network by blocking specific URLs and IP addresses. [Protect your network](../microsoft-defender-atp/network-protection.md).| |6|File blocking |Your organization's security team can block specific files. [Stop and quarantine files in your network](../microsoft-defender-atp/respond-file-alerts.md#stop-and-quarantine-files-in-your-network).| |7|Attack Surface Reduction |Your organization's security team can reduce your vulnerabilities (attack surfaces), giving attackers fewer ways to perform attacks. Attack surface reduction uses cloud protection for a number of rules. [Reduce attack surfaces with attack surface reduction rules](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction).| |8|Auditing events |Auditing event signals are available in [endpoint detection and response capabilities](../microsoft-defender-atp/overview-endpoint-detection-response.md). (These signals are not available with non-Microsoft antivirus solutions.) | |9|Geographic data |Compliant with ISO 270001 and data retention, geographic data is provided according to your organization's selected geographic sovereignty. See [Compliance offerings: ISO/IEC 27001:2013 Information Security Management Standards](https://docs.microsoft.com/microsoft-365/compliance/offering-iso-27001). | -|10|File recovery via OneDrive |If you are using Windows Defender Antivirus together with [Office 365](https://docs.microsoft.com/Office365/Enterprise), and your device is attacked by ransomware, your files are protected and recoverable. [OneDrive Files Restore and Windows Defender take ransomware protection one step further](https://techcommunity.microsoft.com/t5/Microsoft-OneDrive-Blog/OneDrive-Files-Restore-and-Windows-Defender-takes-ransomware/ba-p/188001).| -|11|Technical support |By using Microsoft Defender ATP together with Windows Defender Antivirus, you have one company to call for technical support. [Troubleshoot service issues](../microsoft-defender-atp/troubleshoot-mdatp.md) and [review event logs and error codes with Windows Defender Antivirus](troubleshoot-windows-defender-antivirus.md). | +|10|File recovery via OneDrive |If you are using Microsoft Defender Antivirus together with [Office 365](https://docs.microsoft.com/Office365/Enterprise), and your device is attacked by ransomware, your files are protected and recoverable. [OneDrive Files Restore and Windows Defender take ransomware protection one step further](https://techcommunity.microsoft.com/t5/Microsoft-OneDrive-Blog/OneDrive-Files-Restore-and-Windows-Defender-takes-ransomware/ba-p/188001).| +|11|Technical support |By using Microsoft Defender ATP together with Microsoft Defender Antivirus, you have one company to call for technical support. [Troubleshoot service issues](../microsoft-defender-atp/troubleshoot-mdatp.md) and [review event logs and error codes with Microsoft Defender Antivirus](troubleshoot-windows-defender-antivirus.md). | ## Learn more From ab283e90c617242f0dc643f80dfc580e7d78ab3f Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 13:47:44 -0700 Subject: [PATCH 25/39] Update why-use-microsoft-antivirus.md --- .../windows-defender-antivirus/why-use-microsoft-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md index 8e58e09018..798ea0d362 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md @@ -34,7 +34,7 @@ Although you can use a non-Microsoft antivirus solution with Microsoft Defender |--|--|--| |1|Antivirus signal sharing |Microsoft applications and services share signals across your enterprise organization, providing a stronger single platform. See [Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP](https://www.microsoft.com/security/blog/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/). | |2|Threat analytics and your configuration score |Microsoft Defender Antivirus collects underlying system data used by [threat analytics](../microsoft-defender-atp/threat-analytics.md) and [configuration score](../microsoft-defender-atp/configuration-score.md). This provides your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture. | -|3|Performance |Microsoft Defender ATP is designed to work with Microsoft Defender Antivirus, so you get better performance when you use these offerings together. [Evaluate Microsoft Defender Antivirus](evaluate-windows-defender-antivirus.md) and [Microsoft Defender ATP](../microsoft-defender-atp/evaluate-atp.md).| +|3|Performance |Microsoft Defender ATP is designed to work with Microsoft Defender Antivirus, so you get better performance when you use these offerings together. [Evaluate Microsoft Defender Antivirus](evaluate-windows-defender-antivirus.md) and [evaluate Microsoft Defender ATP](../microsoft-defender-atp/evaluate-atp.md).| |4|Details about blocked malware |More details and actions for blocked malware are available with Microsoft Defender Antivirus and Microsoft Defender ATP. [Understand malware & other threats](../intelligence/understanding-malware.md).| |5|Network protection |Your organization's security team can protect your network by blocking specific URLs and IP addresses. [Protect your network](../microsoft-defender-atp/network-protection.md).| |6|File blocking |Your organization's security team can block specific files. [Stop and quarantine files in your network](../microsoft-defender-atp/respond-file-alerts.md#stop-and-quarantine-files-in-your-network).| From e0abe99907d534b901fa1c8175046b9eec3a28b7 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 13:52:26 -0700 Subject: [PATCH 26/39] Update why-use-microsoft-antivirus.md --- .../windows-defender-antivirus/why-use-microsoft-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md index 798ea0d362..db6798e3bb 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md @@ -38,7 +38,7 @@ Although you can use a non-Microsoft antivirus solution with Microsoft Defender |4|Details about blocked malware |More details and actions for blocked malware are available with Microsoft Defender Antivirus and Microsoft Defender ATP. [Understand malware & other threats](../intelligence/understanding-malware.md).| |5|Network protection |Your organization's security team can protect your network by blocking specific URLs and IP addresses. [Protect your network](../microsoft-defender-atp/network-protection.md).| |6|File blocking |Your organization's security team can block specific files. [Stop and quarantine files in your network](../microsoft-defender-atp/respond-file-alerts.md#stop-and-quarantine-files-in-your-network).| -|7|Attack Surface Reduction |Your organization's security team can reduce your vulnerabilities (attack surfaces), giving attackers fewer ways to perform attacks. Attack surface reduction uses cloud protection for a number of rules. [Reduce attack surfaces with attack surface reduction rules](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction).| +|7|Attack Surface Reduction |Your organization's security team can reduce your vulnerabilities (attack surfaces), giving attackers fewer ways to perform attacks. Attack surface reduction uses cloud protection for a number of rules. [Get an overview of attack surface reduction](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction).| |8|Auditing events |Auditing event signals are available in [endpoint detection and response capabilities](../microsoft-defender-atp/overview-endpoint-detection-response.md). (These signals are not available with non-Microsoft antivirus solutions.) | |9|Geographic data |Compliant with ISO 270001 and data retention, geographic data is provided according to your organization's selected geographic sovereignty. See [Compliance offerings: ISO/IEC 27001:2013 Information Security Management Standards](https://docs.microsoft.com/microsoft-365/compliance/offering-iso-27001). | |10|File recovery via OneDrive |If you are using Microsoft Defender Antivirus together with [Office 365](https://docs.microsoft.com/Office365/Enterprise), and your device is attacked by ransomware, your files are protected and recoverable. [OneDrive Files Restore and Windows Defender take ransomware protection one step further](https://techcommunity.microsoft.com/t5/Microsoft-OneDrive-Blog/OneDrive-Files-Restore-and-Windows-Defender-takes-ransomware/ba-p/188001).| From 8dfa5d5fa38c6ab552e7a08c57584f89e94d4a28 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 13:54:11 -0700 Subject: [PATCH 27/39] Update why-use-microsoft-antivirus.md --- .../windows-defender-antivirus/why-use-microsoft-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md index db6798e3bb..3f8cc95595 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md @@ -41,7 +41,7 @@ Although you can use a non-Microsoft antivirus solution with Microsoft Defender |7|Attack Surface Reduction |Your organization's security team can reduce your vulnerabilities (attack surfaces), giving attackers fewer ways to perform attacks. Attack surface reduction uses cloud protection for a number of rules. [Get an overview of attack surface reduction](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction).| |8|Auditing events |Auditing event signals are available in [endpoint detection and response capabilities](../microsoft-defender-atp/overview-endpoint-detection-response.md). (These signals are not available with non-Microsoft antivirus solutions.) | |9|Geographic data |Compliant with ISO 270001 and data retention, geographic data is provided according to your organization's selected geographic sovereignty. See [Compliance offerings: ISO/IEC 27001:2013 Information Security Management Standards](https://docs.microsoft.com/microsoft-365/compliance/offering-iso-27001). | -|10|File recovery via OneDrive |If you are using Microsoft Defender Antivirus together with [Office 365](https://docs.microsoft.com/Office365/Enterprise), and your device is attacked by ransomware, your files are protected and recoverable. [OneDrive Files Restore and Windows Defender take ransomware protection one step further](https://techcommunity.microsoft.com/t5/Microsoft-OneDrive-Blog/OneDrive-Files-Restore-and-Windows-Defender-takes-ransomware/ba-p/188001).| +|10|File recovery via OneDrive |If you are using Microsoft Defender Antivirus together with [Microsoft 365](https://docs.microsoft.com/microsoft-365/enterprise/microsoft-365-overview), and your device is attacked by ransomware, your files are protected and recoverable. [OneDrive Files Restore and Windows Defender take ransomware protection one step further](https://techcommunity.microsoft.com/t5/Microsoft-OneDrive-Blog/OneDrive-Files-Restore-and-Windows-Defender-takes-ransomware/ba-p/188001).| |11|Technical support |By using Microsoft Defender ATP together with Microsoft Defender Antivirus, you have one company to call for technical support. [Troubleshoot service issues](../microsoft-defender-atp/troubleshoot-mdatp.md) and [review event logs and error codes with Microsoft Defender Antivirus](troubleshoot-windows-defender-antivirus.md). | From cde54e4146bbe48c4172557a02a7d79143f48573 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 14:16:45 -0700 Subject: [PATCH 28/39] Update collect-diagnostic-data.md --- .../windows-defender-antivirus/collect-diagnostic-data.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md index c3c1d2b052..4755f2a042 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md @@ -12,7 +12,7 @@ ms.localizationpriority: medium author: denisebmsft ms.author: deniseb ms.custom: nextgen -ms.date: 09/03/2018 +ms.date: 06/01/2020 ms.reviewer: manager: dansimp --- From 8643fdc2d90088dfa00758b2b12fd45c588ad229 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 14:18:26 -0700 Subject: [PATCH 29/39] Update collect-diagnostic-data.md --- .../collect-diagnostic-data.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md index c3c1d2b052..f56e156e57 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md @@ -1,6 +1,6 @@ --- -title: Collect diagnostic data of Windows Defender Windows Defender Antivirus -description: Use a tool to collect data to troubleshoot Windows Defender Antivirus +title: Collect diagnostic data of Windows Defender Microsoft Defender Antivirus +description: Use a tool to collect data to troubleshoot Microsoft Defender Antivirus keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, windows defender av search.product: eADQiWindows 10XVcnh ms.pagetype: security @@ -12,7 +12,7 @@ ms.localizationpriority: medium author: denisebmsft ms.author: deniseb ms.custom: nextgen -ms.date: 09/03/2018 +ms.date: 06/01/2020 ms.reviewer: manager: dansimp --- @@ -58,7 +58,7 @@ On at least two devices that are experiencing the same issue, obtain the .cab di > [!NOTE] >If you have a problem with Update compliance, send an email using the Update Compliance support email template, and fill out the template with the following information: >``` -> I am encountering the following issue when using Windows Defender Antivirus in Update Compliance: +> I am encountering the following issue when using Microsoft Defender Antivirus in Update Compliance: > I have provided at least 2 support .cab files at the following location: > > @@ -93,5 +93,5 @@ When the SupportLogLocation parameter is used, a folder structure as below will ## See also -- [Troubleshoot Windows Defender Windows Defender Antivirus reporting](troubleshoot-reporting.md) +- [Troubleshoot Microsoft Defender Antivirus reporting](troubleshoot-reporting.md) From 4a93b236cad2900285ea9a7f4e1900a375d1e60a Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 14:19:53 -0700 Subject: [PATCH 30/39] Update command-line-arguments-windows-defender-antivirus.md --- ...ommand-line-arguments-windows-defender-antivirus.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md index dbacf4e3a3..dbb696e4b4 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md @@ -1,6 +1,6 @@ --- -title: Use the command line to manage Windows Defender Antivirus -description: Run Windows Defender Antivirus scans and configure next-generation protection with a dedicated command-line utility. +title: Use the command line to manage Microsoft Defender Antivirus +description: Run Microsoft Defender Antivirus scans and configure next-generation protection with a dedicated command-line utility. keywords: run windows defender scan, run antivirus scan from command line, run windows defender scan from command line, mpcmdrun, defender search.product: eADQiWindows 10XVcnh ms.pagetype: security @@ -16,13 +16,13 @@ ms.reviewer: ksarens manager: dansimp --- -# Configure and manage Windows Defender Antivirus with the mpcmdrun.exe command-line tool +# Configure and manage Microsoft Defender Antivirus with the mpcmdrun.exe command-line tool **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -You can perform various Windows Defender Antivirus functions with the dedicated command-line tool *mpcmdrun.exe*. This utility is useful when you want to automate Windows Defender Antivirus use. You can find the utility in `%ProgramFiles%\Windows Defender\MpCmdRun.exe`. You must run it from a command prompt. +You can perform various Microsoft Defender Antivirus functions with the dedicated command-line tool *mpcmdrun.exe*. This utility is useful when you want to automate Microsoft Defender Antivirus use. You can find the utility in `%ProgramFiles%\Windows Defender\MpCmdRun.exe`. You must run it from a command prompt. > [!NOTE] > You might need to open an administrator-level version of the command prompt. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. @@ -60,4 +60,4 @@ MpCmdRun.exe -Scan -ScanType 2 - [Reference topics for collecting diagnostic data](collect-diagnostic-data.md) - [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md) -- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md) +- [Microsoft Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md) From e1366cecd06cd25c8fa1e7ea107163849f7d5537 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 14:24:38 -0700 Subject: [PATCH 31/39] Revert "Update command-line-arguments-windows-defender-antivirus.md" This reverts commit 4a93b236cad2900285ea9a7f4e1900a375d1e60a. --- ...ommand-line-arguments-windows-defender-antivirus.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md index dbb696e4b4..dbacf4e3a3 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md @@ -1,6 +1,6 @@ --- -title: Use the command line to manage Microsoft Defender Antivirus -description: Run Microsoft Defender Antivirus scans and configure next-generation protection with a dedicated command-line utility. +title: Use the command line to manage Windows Defender Antivirus +description: Run Windows Defender Antivirus scans and configure next-generation protection with a dedicated command-line utility. keywords: run windows defender scan, run antivirus scan from command line, run windows defender scan from command line, mpcmdrun, defender search.product: eADQiWindows 10XVcnh ms.pagetype: security @@ -16,13 +16,13 @@ ms.reviewer: ksarens manager: dansimp --- -# Configure and manage Microsoft Defender Antivirus with the mpcmdrun.exe command-line tool +# Configure and manage Windows Defender Antivirus with the mpcmdrun.exe command-line tool **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -You can perform various Microsoft Defender Antivirus functions with the dedicated command-line tool *mpcmdrun.exe*. This utility is useful when you want to automate Microsoft Defender Antivirus use. You can find the utility in `%ProgramFiles%\Windows Defender\MpCmdRun.exe`. You must run it from a command prompt. +You can perform various Windows Defender Antivirus functions with the dedicated command-line tool *mpcmdrun.exe*. This utility is useful when you want to automate Windows Defender Antivirus use. You can find the utility in `%ProgramFiles%\Windows Defender\MpCmdRun.exe`. You must run it from a command prompt. > [!NOTE] > You might need to open an administrator-level version of the command prompt. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. @@ -60,4 +60,4 @@ MpCmdRun.exe -Scan -ScanType 2 - [Reference topics for collecting diagnostic data](collect-diagnostic-data.md) - [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md) -- [Microsoft Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md) +- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md) From f28aba320092b0eb0f9be39175998f994c1c1698 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 14:34:01 -0700 Subject: [PATCH 32/39] Update troubleshoot-reporting.md --- .../troubleshoot-reporting.md | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md index 05e621e3b8..a5d643e874 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md +++ b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md @@ -23,9 +23,9 @@ manager: dansimp - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) > [!IMPORTANT] -> On March 31, 2020, the Windows Defender Antivirus reporting feature of Update Compliance will be removed. You can continue to define and review security compliance policies using [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager), which allows finer control over security features and updates. +> On March 31, 2020, the Windows Defender Antivirus reporting feature of Update Compliance was removed. You can continue to define and review security compliance policies using [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager), which allows finer control over security features and updates. -You can use Windows Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the [Microsoft Defender ATP portal](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see [Windows 10 product licensing options](https://www.microsoft.com/licensing/product-licensing/windows10.aspx). +You can use Windows Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com), which is also referred to as the Microsoft Defender Advanced Threat Protection portal).To learn more about licensing options, see [Windows 10 product licensing options](https://www.microsoft.com/licensing/product-licensing/windows10.aspx). To learn more about onboarding devices, see [Onboarding tools and methods for Windows 10 machines](../microsoft-defender-atp/configure-endpoints.md). When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of devices or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Windows Defender Antivirus, you might encounter problems or issues. @@ -57,17 +57,12 @@ In order for devices to properly show up in Update Compliance, you have to meet > - If the endpoint is running Windows 10 version 1607 or earlier, [Windows 10 diagnostic data must be set to the Enhanced level](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization#enhanced-level). > - It has been 3 days since all requirements have been met -“You can use Windows Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the Microsoft Defender ATP portal (https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see Windows 10 product licensing options" +You can use Windows Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you must use the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com), which is also referred to as the Microsoft Defender Advanced Threat Protection portal). To learn more about licensing options, see [Windows 10 product licensing options](https://www.microsoft.com/licensing/product-licensing/windows10.aspx). To learn more about onboarding devices, see [Onboarding tools and methods for Windows 10 machines](../microsoft-defender-atp/configure-endpoints.md). If the above prerequisites have all been met, you might need to proceed to the next step to collect diagnostic information and send it to us. > [!div class="nextstepaction"] -> [Collect diagnostic data for Update Compliance troubleshooting](collect-diagnostic-data.md) - - - - - +> [Collect diagnostic data for Update Compliance troubleshooting](collect-diagnostic-data.md) ## Related topics From ee6e49d7d5ab47fee1d50d69c6c37acaf0f0fec8 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 1 Jun 2020 14:34:46 -0700 Subject: [PATCH 33/39] tweaks --- windows/deployment/upgrade/setupdiag.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md index 55b5978287..5b4b523f2f 100644 --- a/windows/deployment/upgrade/setupdiag.md +++ b/windows/deployment/upgrade/setupdiag.md @@ -41,7 +41,14 @@ With the release of Windows 10, version 2004, SetupDiag is included with Windows During the upgrade process, Windows Setup will extract all its sources files to the **%SystemDrive%$Windows.~bt\Sources** directory. With Windows 10, version 2004 and later, **setupdiag.exe** is also installed to this directory. If there is an issue with the upgrade, SetupDiag will automatically run to determine the cause of the failure. -When run by Windows Setup, results of the SetupDiag analysis can be found at **%WinDir%\Logs\SetupDiag\SetupDiagResults.xml** and in the registry under **HKLM\Setup\SetupDiag\Results**. +When run by Windows Setup, the following [parameters](#parameters) are used: + +- /ZipLogs:False +- /Format:xml +- /Output:%windir%\logs\SetupDiag\SetupDiagResults.xml +- /RegPath:HKEY_LOCAL_MACHINE\SYSTEM\Setup\SetupDiag\Results + +The resulting SetupDiag analysis can be found at **%WinDir%\Logs\SetupDiag\SetupDiagResults.xml** and in the registry under **HKLM\Setup\SetupDiag\Results**. If the upgrade process proceeds normally, the **Sources** directory including **setupdiag.exe** is moved under **%SystemDrive%\Windows.Old** for cleanup. If the **Windows.old** directory is deleted later, **setupdiag.exe** will also be removed. From 5379d9c00a94ec43a59b0a86b6259ff254188973 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 1 Jun 2020 14:35:56 -0700 Subject: [PATCH 34/39] tweaks --- windows/deployment/upgrade/setupdiag.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md index 5b4b523f2f..ac5f6cd93a 100644 --- a/windows/deployment/upgrade/setupdiag.md +++ b/windows/deployment/upgrade/setupdiag.md @@ -37,7 +37,7 @@ SetupDiag works by examining Windows Setup log files. It attempts to parse these ## SetupDiag in Windows 10, version 2004 and later -With the release of Windows 10, version 2004, SetupDiag is included with Windows Setup. +With the release of Windows 10, version 2004, SetupDiag is included with [Windows Setup](https://docs.microsoft.com/windows-hardware/manufacture/desktop/deployment-troubleshooting-and-log-files#windows-setup-scenario). During the upgrade process, Windows Setup will extract all its sources files to the **%SystemDrive%$Windows.~bt\Sources** directory. With Windows 10, version 2004 and later, **setupdiag.exe** is also installed to this directory. If there is an issue with the upgrade, SetupDiag will automatically run to determine the cause of the failure. From ec0ddfe7bd75daae25412eca40895539adc27b69 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 14:38:13 -0700 Subject: [PATCH 35/39] Update collect-diagnostic-data.md --- .../windows-defender-antivirus/collect-diagnostic-data.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md index f56e156e57..eee2bb59a8 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md @@ -49,9 +49,7 @@ On at least two devices that are experiencing the same issue, obtain the .cab di 4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab`. > [!NOTE] -> To redirect the cab file to a a different path or UNC share, use the below command: -> `mpcmdrun.exe -GetFiles -SupportLogLocation ` -> for more information see '[Redirect diagnostic data to a UNC share](#Redirect-diagnostic-data-to-a-UNC-share)' +> To redirect the cab file to a a different path or UNC share, use the following command: `mpcmdrun.exe -GetFiles -SupportLogLocation `
For more information see [Redirect diagnostic data to a UNC share](#Redirect-diagnostic-data-to-a-UNC-share). 5. Copy these .cab files to a location that can be accessed by Microsoft support. An example could be a password-protected OneDrive folder that you can share with us. From 55cd0f7a1d9d904fd71844213dcec77aa96c50ee Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 14:51:29 -0700 Subject: [PATCH 36/39] Update collect-diagnostic-data.md --- .../windows-defender-antivirus/collect-diagnostic-data.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md index eee2bb59a8..06033c098b 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md @@ -49,7 +49,7 @@ On at least two devices that are experiencing the same issue, obtain the .cab di 4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab`. > [!NOTE] -> To redirect the cab file to a a different path or UNC share, use the following command: `mpcmdrun.exe -GetFiles -SupportLogLocation `
For more information see [Redirect diagnostic data to a UNC share](#Redirect-diagnostic-data-to-a-UNC-share). +> To redirect the cab file to a a different path or UNC share, use the following command: `mpcmdrun.exe -GetFiles -SupportLogLocation `
For more information see [Redirect diagnostic data to a UNC share](#redirect-diagnostic-data-to-a-unc-share). 5. Copy these .cab files to a location that can be accessed by Microsoft support. An example could be a password-protected OneDrive folder that you can share with us. From 6a415ccdc7d6668cb656b1d407711dc7a877bff6 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 1 Jun 2020 15:03:44 -0700 Subject: [PATCH 37/39] Update collect-diagnostic-data.md --- .../windows-defender-antivirus/collect-diagnostic-data.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md index 06033c098b..708ec3f869 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md @@ -1,5 +1,5 @@ --- -title: Collect diagnostic data of Windows Defender Microsoft Defender Antivirus +title: Collect diagnostic data of Microsoft Defender Antivirus description: Use a tool to collect data to troubleshoot Microsoft Defender Antivirus keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, windows defender av search.product: eADQiWindows 10XVcnh From f38fef35a576a6ca4536f679827c4a12cb2ff121 Mon Sep 17 00:00:00 2001 From: EfiKliger <45028856+EfiKliger@users.noreply.github.com> Date: Tue, 2 Jun 2020 11:51:23 +0300 Subject: [PATCH 38/39] updating filter type --- .../threat-protection/microsoft-defender-atp/get-alerts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md index 33337c0f38..f150156c0e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md @@ -26,7 +26,7 @@ ms.topic: article ## API description Retrieves a collection of Alerts.
Supports [OData V4 queries](https://www.odata.org/documentation/). -
The OData's ```$filter``` query is supported on: ```alertCreationTime```, ```incidentId```, ```InvestigationId```, ```status```, ```severity``` and ```category``` properties. +
The OData's ```$filter``` query is supported on: ```alertCreationTime```, ```lastUpdateTime```, ```incidentId```,```InvestigationId```, ```status```, ```severity``` and ```category``` properties.
See examples at [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md) From 0c738efbd413263e459ff7b51eef04de315b2aa0 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 2 Jun 2020 09:50:56 -0700 Subject: [PATCH 39/39] machine --> device text updates --- .../configure-server-endpoints.md | 22 ++++++++--------- .../investigate-user.md | 24 +++++++++---------- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md index cc9b6af753..41bbae5df5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md @@ -1,7 +1,7 @@ --- title: Onboard servers to the Microsoft Defender ATP service description: Onboard servers so that they can send sensor data to the Microsoft Defender ATP sensor. -keywords: onboard server, server, 2012r2, 2016, 2019, server onboarding, machine management, configure Windows ATP servers, onboard Microsoft Defender Advanced Threat Protection servers +keywords: onboard server, server, 2012r2, 2016, 2019, server onboarding, device management, configure Windows ATP servers, onboard Microsoft Defender Advanced Threat Protection servers search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 @@ -78,7 +78,7 @@ You'll need to take the following steps if you choose to onboard servers through Otherwise, install and configure MMA to report sensor data to Microsoft Defender ATP as instructed below. For more information, see [Collect log data with Azure Log Analytics agent](https://docs.microsoft.com/azure/azure-monitor/platform/log-analytics-agent). > [!TIP] -> After onboarding the machine, you can choose to run a detection test to verify that it is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Microsoft Defender ATP endpoint](run-detection-test.md). +> After onboarding the device, you can choose to run a detection test to verify that it is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Microsoft Defender ATP endpoint](run-detection-test.md). ### Configure and update System Center Endpoint Protection clients @@ -92,7 +92,7 @@ The following steps are required to enable this integration: ### Turn on Server monitoring from the Microsoft Defender Security Center portal -1. In the navigation pane, select **Settings** > **Machine management** > **Onboarding**. +1. In the navigation pane, select **Settings** > **Device management** > **Onboarding**. 2. Select Windows Server 2012 R2 and 2016 as the operating system. @@ -123,7 +123,7 @@ Once completed, you should see onboarded servers in the portal within an hour. ### Option 2: Onboard servers through Azure Security Center -1. In the navigation pane, select **Settings** > **Machine management** > **Onboarding**. +1. In the navigation pane, select **Settings** > **Device management** > **Onboarding**. 2. Select Windows Server 2008 R2 SP1, 2012 R2 and 2016 as the operating system. @@ -143,13 +143,13 @@ Supported tools include: - Group Policy - Microsoft Endpoint Configuration Manager - System Center Configuration Manager 2012 / 2012 R2 1511 / 1602 -- VDI onboarding scripts for non-persistent machines +- VDI onboarding scripts for non-persistent devices -For more information, see [Onboard Windows 10 machines](configure-endpoints.md). +For more information, see [Onboard Windows 10 devices](configure-endpoints.md). Support for Windows Server, provide deeper insight into activities happening on the server, coverage for kernel and memory attack detection, and enables response actions on Windows Server endpoint as well. -1. Configure Microsoft Defender ATP onboarding settings on the server. For more information, see [Onboard Windows 10 machines](configure-endpoints.md). +1. Configure Microsoft Defender ATP onboarding settings on the server. For more information, see [Onboard Windows 10 devices](configure-endpoints.md). 2. If you're running a third-party antimalware solution, you'll need to apply the following Windows Defender AV passive mode settings. Verify that it was configured correctly: @@ -194,7 +194,7 @@ The following capabilities are included in this integration: ## Offboard servers -You can offboard Windows Server (SAC), Windows Server 2019, and Windows Server 2019 Core edition in the same method available for Windows 10 client machines. +You can offboard Windows Server (SAC), Windows Server 2019, and Windows Server 2019 Core edition in the same method available for Windows 10 client devices. For other server versions, you have two options to offboard servers from the service: - Uninstall the MMA agent @@ -243,8 +243,8 @@ To offboard the server, you can use either of the following methods: ``` ## Related topics -- [Onboard Windows 10 machines](configure-endpoints.md) -- [Onboard non-Windows machines](configure-endpoints-non-windows.md) +- [Onboard Windows 10 devices](configure-endpoints.md) +- [Onboard non-Windows devices](configure-endpoints-non-windows.md) - [Configure proxy and Internet connectivity settings](configure-proxy-internet.md) -- [Run a detection test on a newly onboarded Microsoft Defender ATP machine](run-detection-test.md) +- [Run a detection test on a newly onboarded Microsoft Defender ATP device](run-detection-test.md) - [Troubleshooting Microsoft Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md index e086f41f6b..7f3d3a510f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md @@ -27,25 +27,25 @@ ms.date: 04/24/2018 ## Investigate user account entities -Identify user accounts with the most active alerts (displayed on dashboard as "Users at risk") and investigate cases of potential compromised credentials, or pivot on the associated user account when investigating an alert or machine to identify possible lateral movement between machines with that user account. +Identify user accounts with the most active alerts (displayed on dashboard as "Users at risk") and investigate cases of potential compromised credentials, or pivot on the associated user account when investigating an alert or device to identify possible lateral movement between devices with that user account. You can find user account information in the following views: - Dashboard - Alert queue -- Machine details page +- Device details page A clickable user account link is available in these views, that will take you to the user account details page where more details about the user account are shown. When you investigate a user account entity, you'll see: -- User account details, Azure Advanced Threat Protection (Azure ATP) alerts, and Logged on machines +- User account details, Azure Advanced Threat Protection (Azure ATP) alerts, and Logged on devices - Alerts related to this user -- Observed in organization (machines logged on to) +- Observed in organization (devices logged on to) ![Image of the user account entity details page](images/atp-user-details-view-azureatp.png) -The user account details, Azure ATP alerts, and logged on machines cards display various attributes about the user account. +The user account details, Azure ATP alerts, and logged on devices cards display various attributes about the user account. ### User details @@ -58,19 +58,19 @@ The **Azure Advanced Threat Protection** card will contain a link that will take >[!NOTE] >You'll need to enable the integration on both Azure ATP and Microsoft Defender ATP to use this feature. In Microsoft Defender ATP, you can enable this feature in advanced features. For more information on how to enable advanced features, see [Turn on advanced features](advanced-features.md). -### Logged on machines +### Logged on devices -The **Logged on machines** card shows a list of the machines that the user has logged on to. You can expand these to see details of the log-on events for each machine. +The **Logged on devices** card shows a list of the devices that the user has logged on to. You can expand these to see details of the log-on events for each device. ## Alerts related to this user -The **Alerts related to this user** section provides a list of alerts that are associated with the user account. This list is a filtered view of the [Alert queue](alerts-queue.md), and shows alerts where the user context is the selected user account, the date when the last activity was detected, a short description of the alert, the machine associated with the alert, the alert's severity, the alert's status in the queue, and who is assigned the alert. +The **Alerts related to this user** section provides a list of alerts that are associated with the user account. This list is a filtered view of the [Alert queue](alerts-queue.md), and shows alerts where the user context is the selected user account, the date when the last activity was detected, a short description of the alert, the device associated with the alert, the alert's severity, the alert's status in the queue, and who is assigned the alert. ## Observed in organization -The **Observed in organization** section allows you to specify a date range to see a list of machines where this user was observed logged on to, the most frequent and least frequent logged on user account for each of these machines, and total observed users on each machine. +The **Observed in organization** section allows you to specify a date range to see a list of devices where this user was observed logged on to, the most frequent and least frequent logged on user account for each of these devices, and total observed users on each device. -Selecting an item on the Observed in organization table will expand the item, revealing more details about the machine. Directly selecting a link within an item will send you to the corresponding page. +Selecting an item on the Observed in organization table will expand the item, revealing more details about the device. Directly selecting a link within an item will send you to the corresponding page. ![Image of observed in organization section](images/atp-observed-in-organization.png) @@ -80,7 +80,7 @@ Selecting an item on the Observed in organization table will expand the item, re 2. Enter the user account in the **Search** field. 3. Click the search icon or press **Enter**. -A list of users matching the query text is displayed. You'll see the user account's domain and name, when the user account was last seen, and the total number of machines it was observed logged on to in the last 30 days. +A list of users matching the query text is displayed. You'll see the user account's domain and name, when the user account was last seen, and the total number of devices it was observed logged on to in the last 30 days. You can filter the results by the following time periods: @@ -96,6 +96,6 @@ You can filter the results by the following time periods: - [Manage Microsoft Defender Advanced Threat Protection alerts](manage-alerts.md) - [Investigate Microsoft Defender Advanced Threat Protection alerts](investigate-alerts.md) - [Investigate a file associated with a Microsoft Defender ATP alert](investigate-files.md) -- [Investigate machines in the Microsoft Defender ATP Machines list](investigate-machines.md) +- [Investigate devices in the Microsoft Defender ATP Devices list](investigate-machines.md) - [Investigate an IP address associated with a Microsoft Defender ATP alert](investigate-ip.md) - [Investigate a domain associated with a Microsoft Defender ATP alert](investigate-domain.md)