From bleepingcomputer.com
Microsoft issued a warning yesterday stating that removing Windows account security identifiers (SIDS) that do not have a “friendly” name from security permissions could cause problems in Windows and installed applications.
Starting with Windows 2012 and Windows 8, Microsoft introduced a new type of security identifier called capability SIDs that grants a Windows component or UWP app access to particular resources on a computer. These resources could be files, folders, Registry entries, or even devices.
When these types of SIDs are shown in a security access list, they will not be resolved to a friendly name such as TrustedInstaller or System. Instead they are shown as a long unfriendly and hard to remember series of numbers and characters as shown below.