diff --git a/windows/keep-secure/event-5145.md b/windows/keep-secure/event-5145.md
index 2eb14cec90..5db87f7070 100644
--- a/windows/keep-secure/event-5145.md
+++ b/windows/keep-secure/event-5145.md
@@ -139,23 +139,23 @@ This event generates every time network share object (file or folder) was access
## Table of file access codes
-| Access | Hexadecimal Value | Description |
-|-----------------------------------------------------------|-------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| ReadData (or ListDirectory) | 0x1 | **ReadData -** For a file object, the right to read the corresponding file data. For a directory object, the right to read the corresponding directory data.
**ListDirectory -** For a directory, the right to list the contents of the directory. |
-| WriteData (or AddFile) | 0x2 | **WriteData -** For a file object, the right to write data to the file. For a directory object, the right to create a file in the directory (**FILE\_ADD\_FILE**).
**AddFile -** For a directory, the right to create a file in the directory. |
-| AppendData (or AddSubdirectory or CreatePipeInstance) | 0x4 | **AppendData -** For a file object, the right to append data to the file. (For local files, write operations will not overwrite existing data if this flag is specified without **FILE\_WRITE\_DATA**.) For a directory object, the right to create a subdirectory (**FILE\_ADD\_SUBDIRECTORY**).
**AddSubdirectory -** For a directory, the right to create a subdirectory.
**CreatePipeInstance -** For a named pipe, the right to create a pipe. |
-| ReadEA | 0x8 | The right to read extended file attributes. |
-| WriteEA | 0x10 | The right to write extended file attributes. |
-| Execute/Traverse | 0x20 | **Execute** - For a native code file, the right to execute the file. This access right given to scripts may cause the script to be executable, depending on the script interpreter.
**Traverse -** For a directory, the right to traverse the directory. By default, users are assigned the **BYPASS\_TRAVERSE\_CHECKING** [privilege](https://msdn.microsoft.com/en-us/library/windows/desktop/aa379306(v=vs.85).aspx), which ignores the **FILE\_TRAVERSE** [access right](https://msdn.microsoft.com/en-us/library/windows/desktop/aa374902(v=vs.85).aspx). See the remarks in [File Security and Access Rights](https://msdn.microsoft.com/en-us/library/windows/desktop/aa364399(v=vs.85).aspx) for more information. |
-| DeleteChild | 0x40 | For a directory, the right to delete a directory and all the files it contains, including read-only files. |
-| ReadAttributes | 0x80 | The right to read file attributes. |
-| WriteAttributes | 0x100 | The right to write file attributes. |
-| DELETE | 0x10000 | The right to delete the object. |
-| READ\_CONTROL | 0x20000 | The right to read the information in the object's security descriptor, not including the information in the system access control list (SACL). |
-| WRITE\_DAC | 0x40000 | The right to modify the discretionary access control list (DACL) in the object's security descriptor. |
-| WRITE\_OWNER | 0x80000 | The right to change the owner in the object's security descriptor |
-| SYNCHRONIZE | 0x100000 | The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right. |
-| ACCESS\_SYS\_SEC | 0x1000000 | The ACCESS\_SYS\_SEC access right controls the ability to get or set the SACL in an object's security descriptor. |
+| Access | Hex Value,
Schema Value | Description |
+|-----------------------------------------------------------|-------------------------------|---------------|
+| ReadData (or ListDirectory) | 0x1,
%%4416 | **ReadData -** For a file object, the right to read the corresponding file data. For a directory object, the right to read the corresponding directory data.
**ListDirectory -** For a directory, the right to list the contents of the directory. |
+| WriteData (or AddFile) | 0x2,
%%4417 | **WriteData -** For a file object, the right to write data to the file. For a directory object, the right to create a file in the directory (**FILE\_ADD\_FILE**).
**AddFile -** For a directory, the right to create a file in the directory. |
+| AppendData (or AddSubdirectory or CreatePipeInstance) | 0x4,
%%4418 | **AppendData -** For a file object, the right to append data to the file. (For local files, write operations will not overwrite existing data if this flag is specified without **FILE\_WRITE\_DATA**.) For a directory object, the right to create a subdirectory (**FILE\_ADD\_SUBDIRECTORY**).
**AddSubdirectory -** For a directory, the right to create a subdirectory.
**CreatePipeInstance -** For a named pipe, the right to create a pipe. |
+| ReadEA | 0x8,
%%4419 | The right to read extended file attributes. |
+| WriteEA | 0x10,
%%4420 | The right to write extended file attributes. |
+| Execute/Traverse | 0x20,
%%4421 | **Execute** - For a native code file, the right to execute the file. This access right given to scripts may cause the script to be executable, depending on the script interpreter.
**Traverse -** For a directory, the right to traverse the directory. By default, users are assigned the **BYPASS\_TRAVERSE\_CHECKING** [privilege](https://msdn.microsoft.com/en-us/library/windows/desktop/aa379306(v=vs.85).aspx), which ignores the **FILE\_TRAVERSE** [access right](https://msdn.microsoft.com/en-us/library/windows/desktop/aa374902(v=vs.85).aspx). See the remarks in [File Security and Access Rights](https://msdn.microsoft.com/en-us/library/windows/desktop/aa364399(v=vs.85).aspx) for more information. |
+| DeleteChild | 0x40,
%%4422 | For a directory, the right to delete a directory and all the files it contains, including read-only files. |
+| ReadAttributes | 0x80,
%%4423 | The right to read file attributes. |
+| WriteAttributes | 0x100,
%%4424 | The right to write file attributes. |
+| DELETE | 0x10000,
%%1537 | The right to delete the object. |
+| READ\_CONTROL | 0x20000,
%%1538 | The right to read the information in the object's security descriptor, not including the information in the system access control list (SACL). |
+| WRITE\_DAC | 0x40000,
%%1539 | The right to modify the discretionary access control list (DACL) in the object's security descriptor. |
+| WRITE\_OWNER | 0x80000,
%%1540 | The right to change the owner in the object's security descriptor |
+| SYNCHRONIZE | 0x100000,
%%1541 | The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right. |
+| ACCESS\_SYS\_SEC | 0x1000000,
%%1542 | The ACCESS\_SYS\_SEC access right controls the ability to get or set the SACL in an object's security descriptor. |
> Table 13. File access codes.