Volatility 3 Framework 2.4.1 Offset Name Size 0x918b7008ec20 \Windows\System32\drivers\mpsdrv.sys 216 0x918b700970c0 \Sessions\1\AppContainerNamedObjects 216 0x918b70097a20 \Windows\System32\TextInputFramework.dll 216 0x918b706b03e0 \Windows 216 0x918b709830a0 \$Secure:$SII:$INDEX_ALLOCATION 216 0x918b70983210 \:$I30:$INDEX_ALLOCATION 216 0x918b70983940 \$Directory 216 0x918b70983c20 \$Mft 216 0x918b70984070 \$BitMap 216 0x918b709841e0 \$MftMirr 216 0x918b709847a0 \$LogFile 216 0x918b70984910 \$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00000000000000000002 216 0x918b70984a80 \$Mft::$BITMAP 216 0x918b70984d60 \$Secure:$SDS:$DATA 216 0x918b70a03380 \Windows\System32\vertdll.dll 216 0x918b70a034f0 \$Extend\$RmMetadata\$TxfLog\$TxfLog.blf 216 0x918b70a03d90 \$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00000000000000000001 216 0x918b70a041e0 \$Extend\$RmMetadata\$Repair:$Verify:$DATA 216 0x918b70a04350 \$Extend:$I30:$INDEX_ALLOCATION 216 0x918b70a044c0 \$Extend\$RmMetadata\$Repair:$Corrupt:$DATA 216 0x918b70a04630 \$Extend\$Deleted:$I30:$INDEX_ALLOCATION 216 0x918b70a047a0 \$Extend\$UsnJrnl:$J:$DATA 216 0x918b70a04910 \$Extend\$RmMetadata\$Repair 216 0x918b70a04a80 \Device\HarddiskVolume4\$Extend\$RmMetadata\$TxfLog\$TxfLog 216 0x918b70a04bf0 \$Directory 216 0x918b70a620a0 \$Directory 216 0x918b70a62210 \$Extend\$RmMetadata\$Txf:$I30:$INDEX_ALLOCATION 216 0x918b70a62380 \Windows\System32\drivers\vmusbmouse.sys 216 0x918b70a624f0 \$NonCachedIo 216 0x918b70a62c20 \Windows\System32\drivers\dumpfve.sys 216 0x918b70a63350 \$Extend\$RmMetadata\$TxfLog\$Tops:$T:$DATA 216 0x918b70a634c0 \$Extend\$RmMetadata\$TxfLog\$Tops 216 0x918b70a63630 \:$I30:$INDEX_ALLOCATION 216 0x918b70a637a0 \Device\HarddiskVolume4\$Extend\$RmMetadata\$TxfLog\$TxfLog 216 0x918b70a63910 \Device\HarddiskVolume4\$Extend\$RmMetadata\$TxfLog\$TxfLog 216 0x918b70a63a80 TxfLog 216 0x918b70a63bf0 KtmLog 216 0x918b70a63ed0 \$Extend\$Reparse:$R:$INDEX_ALLOCATION 216 0x918b70a6d210 \Windows\System32\ntdll.dll 216 0x918b70a6d380 \Windows\SysWOW64\ntdll.dll 216 0x918b70a6d4f0 \$Directory 216 0x918b70a6d7d0 \Windows\System32\drivers\cdrom.sys 216 0x918b70a6dd90 \$Directory 216 0x918b70a6e070 \$Directory 216 0x918b70a6e1e0 \Windows\System32\drivers\lsi_sas.sys 216 0x918b70a6e4c0 \$Directory 216 0x918b70a6e630 \$Directory 216 0x918b70a6e910 \Windows\System32\drivers\Diskdump.sys 216 0x918b70a6ea80 \Windows\System32\drivers\crashdmp.sys 216 0x918b70a91220 \Windows\System32\drivers\dxgkrnl.sys 216 0x918b70a917e0 \Windows\System32\drivers\filecrypt.sys 216 0x918b70a91ac0 \Windows\System32\drivers\watchdog.sys 216 0x918b70a927b0 \Windows\System32\drivers\null.sys 216 0x918b70a92d70 \Windows\System32\drivers\hidusb.sys 216 0x918b70a93330 \Windows\System32\drivers\hidclass.sys 216 0x918b70a93780 \$Directory 216 0x918b70a93a60 \Windows\System32\drivers\hidparse.sys 216 0x918b70a93bd0 \Windows\System32\drivers\tbs.sys 216 0x918b70a93d40 \Windows\System32\drivers\beep.sys 216 0x918b70a94470 \Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_25ab9510fd18cfda\BasicDisplay.sys 216 0x918b70a945e0 \$Directory 216 0x918b70a94a30 \Windows\System32\drivers\mouhid.sys 216 0x918b70a94ba0 \Windows\System32\drivers\mouclass.sys 216 0x918b70a94d10 \Windows\System32\drivers\Vid.sys 216 0x918b70f065c0 \Windows\System32\drivers\monitor.sys 216 0x918b70fd7390 \Windows\System32\DriverStore\FileRepository\umbus.inf_amd64_0a69be6a385b49f7\umbus.sys 216 0x918b70fd77e0 \Windows\System32\drivers\battc.sys 216 0x918b70fd7950 \Windows\System32\drivers\kdnic.sys 216 0x918b70fd7da0 \Windows\System32\drivers\intelppm.sys 216 0x918b70fd8080 \Windows\System32\drivers\e1i65x64.sys 216 0x918b70fd84d0 \Windows\System32\drivers\kbdclass.sys 216 0x918b70fd8640 \Windows\System32\drivers\vmmouse.sys 216 0x918b70fd87b0 \Windows\System32\drivers\winhvr.sys 216 0x918b70fd8d70 \Windows\System32\drivers\i8042prt.sys 216 0x918b70fd8ee0 \Windows\System32\drivers\vm3dmp.sys 216 0x918b70fd9330 \Windows\System32\drivers\vm3dmp_loader.sys 216 0x918b70fd98f0 \Windows\System32\drivers\vmgencounter.sys 216 0x918b70fd9bd0 \Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_160f98ccef202f85\CompositeBus.sys 216 0x918b70fd9d40 \Windows\System32\drivers\CmBatt.sys 216 0x918b70fda190 \Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_9ff437f462543a42\BasicRender.sys 216 0x918b70fda470 \Windows\System32\drivers\NdisVirtualBus.sys 216 0x918b70fdaa30 \Windows\System32\drivers\mssmbios.sys 216 0x918b70fdad10 \Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_9ebb9a8726114d22\swenum.sys 216 0x918b740020b0 \Windows\System32\drivers\afunix.sys 216 0x918b74002950 \Windows\System32\drivers\rdpbus.sys 216 0x918b74002c30 \Windows\System32\drivers\afd.sys 216 0x918b740031f0 \Windows\System32\drivers\vwififlt.sys 216 0x918b740034d0 \Windows\System32\drivers\ws2ifsl.sys 216 0x918b74003920 \Windows\System32\drivers\npfs.sys 216 0x918b74003c00 \Windows\System32\drivers\tdi.sys 216 0x918b74003d70 \Windows\System32\drivers\netbt.sys 216 0x918b74003ee0 \Windows\System32\drivers\ks.sys 216 0x918b740041c0 \Windows\System32\drivers\msfs.sys 216 0x918b74004bd0 \Windows\System32\drivers\tdx.sys 216 0x918b74004eb0 \Windows\System32\drivers\pacer.sys 216 0x918b740055e0 \Windows\System32\drivers\netbios.sys 216 0x918b74005750 \Windows\System32\drivers\rdbss.sys 216 0x918b74005d10 \Windows\System32\drivers\nsiproxy.sys 216 0x918b740cd220 \Windows\System32\smss.exe 216 0x918b740cd500 \Windows\System32\drivers\gpuenergydrv.sys 216 0x918b740ce1f0 \Windows\System32\drivers\dfsc.sys 216 0x918b740ce7b0 \Windows\System32\drivers\fastfat.sys 216 0x918b740ceee0 \Windows\System32\drivers\npsvctrig.sys 216 0x918b740cf330 \Windows\System32\drivers\bam.sys 216 0x918b740cf610 \Windows\System32\drivers\ahcache.sys 216 0x918b740d0e80 \$Directory 216 0x918b740d73e0 \Windows\System32\msvcrt.dll 216 0x918b740d7700 \Windows\System32\shell32.dll 216 0x918b740d7890 \Windows\System32\advapi32.dll 216 0x918b740d7a20 \Windows\System32\SHCore.dll 216 0x918b740d7bb0 \Windows\System32\wow64win.dll 216 0x918b740d7d40 \Windows\System32\wow64cpu.dll 216 0x918b740d7ed0 \Windows\System32\normaliz.dll 216 0x918b740d81f0 \Windows\System32\gdi32.dll 216 0x918b740d8510 \Windows\System32\comdlg32.dll 216 0x918b740d86a0 \Windows\System32\oleaut32.dll 216 0x918b740d8830 \Windows\System32\ws2_32.dll 216 0x918b740d89c0 \Windows\System32\nsi.dll 216 0x918b740d8b50 \Windows\System32\wow64.dll 216 0x918b740d8ce0 \Windows\System32\difxapi.dll 216 0x918b740d8e70 \Windows\System32\setupapi.dll 216 0x918b740f7510 \$Directory 216 0x918b740f7680 \$Directory 216 0x918b740f84e0 \$Directory 216 0x918b740f8d80 \$Directory 216 0x918b742f1250 \Windows\System32\cfgmgr32.dll 216 0x918b742f13e0 \Windows\System32\msctf.dll 216 0x918b742f1570 \Windows\System32\psapi.dll 216 0x918b742f1700 \Windows\System32\ole32.dll 216 0x918b742f1890 \Windows\System32\GdiPlus.dll 216 0x918b742f1a20 \Windows\System32\imagehlp.dll 216 0x918b742f1bb0 \Windows\System32\rpcrt4.dll 216 0x918b742f1d40 \Windows\System32\Wldap32.dll 216 0x918b742f1ed0 \Windows\System32\clbcatq.dll 216 0x918b742f21f0 \Windows\System32\coml2.dll 216 0x918b742f2380 \Windows\System32\imm32.dll 216 0x918b742f2510 \Windows\System32\KernelBase.dll 216 0x918b742f26a0 \Windows\System32\win32u.dll 216 0x918b742f2830 \Windows\System32\kernel32.dll 216 0x918b742f29c0 \Windows\System32\combase.dll 216 0x918b742f2ce0 \Windows\System32\windows.storage.dll 216 0x918b742f2e70 \Windows\System32\bcryptprimitives.dll 216 0x918b7433a0c0 \Windows\SysWOW64\msasn1.dll 216 0x918b7433a250 \Windows\SysWOW64\setupapi.dll 216 0x918b7433a3e0 \Windows\System32\comctl32.dll 216 0x918b7433a570 \Windows\System32\wintrust.dll 216 0x918b7433a700 \Windows\System32\ucrtbase.dll 216 0x918b7433a890 \Windows\System32\crypt32.dll 216 0x918b7433aa20 \Windows\System32\msasn1.dll 216 0x918b7433abb0 \Windows\System32\profapi.dll 216 0x918b7433ad40 \Windows\System32\bcrypt.dll 216 0x918b7433aed0 \Windows\SysWOW64\difxapi.dll 216 0x918b7433b1f0 \Windows\SysWOW64\coml2.dll 216 0x918b7433b380 \Windows\System32\powrprof.dll 216 0x918b7433b510 \Windows\System32\umpdc.dll 216 0x918b7433b6a0 \Windows\SysWOW64\powrprof.dll 216 0x918b7433b830 \Windows\SysWOW64\msvcrt.dll 216 0x918b7433b9c0 \Windows\SysWOW64\comdlg32.dll 216 0x918b7433b9f0 멈琳醋￿멈琳醋￿ 0 0x918b7433bb50 \Windows\System32\cryptsp.dll 216 0x918b7433bce0 \Windows\System32\gdi32full.dll 216 0x918b7433be70 \Windows\System32\kernel.appcore.dll 216 0x918b74343250 \Windows\SysWOW64\wintrust.dll 216 0x918b743433e0 \Windows\SysWOW64\shlwapi.dll 216 0x918b74343570 \Windows\SysWOW64\GdiPlus.dll 216 0x918b74343700 \Windows\SysWOW64\kernel.appcore.dll 216 0x918b74343890 \Windows\SysWOW64\cryptsp.dll 216 0x918b74343a20 \Windows\SysWOW64\windows.storage.dll 216 0x918b74343bb0 \Windows\SysWOW64\oleaut32.dll 216 0x918b74343d40 \Windows\SysWOW64\normaliz.dll 216 0x918b74343ed0 \Windows\SysWOW64\ucrtbase.dll 216 0x918b743441f0 \Windows\SysWOW64\umpdc.dll 216 0x918b74344380 \Windows\SysWOW64\msvcp_win.dll 216 0x918b74344510 \Windows\SysWOW64\win32u.dll 216 0x918b743446a0 \Windows\SysWOW64\imagehlp.dll 216 0x918b74344830 \Windows\SysWOW64\cfgmgr32.dll 216 0x918b743449c0 \Windows\SysWOW64\SHCore.dll 216 0x918b74344b50 \Windows\SysWOW64\kernel32.dll 216 0x918b74344ce0 \Windows\SysWOW64\gdi32full.dll 216 0x918b7436a260 \Windows\System32\sxssrv.dll 216 0x918b7436a3f0 \Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.32530.0_x64__8wekyb3d8bbwe\vcruntime140_app.dll 216 0x918b7436a580 \Windows\System32\dbghelp.dll 216 0x918b7436a710 \Sessions\0\AppContainerNamedObjects 216 0x918b7436a8a0 \Windows\System32\en-US\win32kbase.sys.mui 216 0x918b7436aa30 \Windows\System32\win32kfull.sys 216 0x918b7436abc0 \$Directory 216 0x918b7436ad50 \Windows\System32\win32kbase.sys 216 0x918b7436aee0 \Windows\System32\winsrv.dll 216 0x918b7436b200 \Windows\System32\csrss.exe 216 0x918b7436b390 \Windows\System32\csrsrv.dll 216 0x918b7436b520 \Windows\System32 216 0x918b7436b6b0 \Windows\System32\en-US\csrss.exe.mui 216 0x918b7436b9d0 \CMApi 216 0x918b7436bcf0 \Windows\System32\basesrv.dll 216 0x918b7436be80 \Windows\System32\en-US\winsrv.dll.mui 216 0x918b7436c1a0 \Windows\System32\locale.nls 216 0x918b7436c330 \Windows\System32\winsrvext.dll 216 0x918b7436c4c0 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b7436c650 \Windows\System32\drivers\dxgmms2.sys 216 0x918b7436c970 \$Directory 216 0x918b7436cb00 \$Directory 216 0x918b7436ce20 \Windows\System32\wininit.exe 216 0x918b7436d140 \Windows\System32\csrss.exe 216 0x918b7436d2d0 \Windows\System32 216 0x918b7436d460 \Windows\System32\sspicli.dll 216 0x918b7436d780 \$Directory 216 0x918b7436d910 \Windows\System32 216 0x918b7436daa0 \Windows\System32\wininitext.dll 216 0x918b7436dc30 \Windows\System32\userenv.dll 216 0x918b743710d0 \EFI\Microsoft\Boot\BCD.LOG 216 0x918b74371260 \ProtectedPrefix 216 0x918b743713f0 \ProtectedPrefix\LocalService 216 0x918b74371580 \Windows\System32\config\SYSTEM 216 0x918b74371710 \Sessions 216 0x918b743718a0 \ProtectedPrefix\LocalService 216 0x918b74371a30 \Windows\System32\config\SYSTEM.LOG2 216 0x918b74371bc0 \Windows\System32\config\SECURITY 216 0x918b74371d50 \Windows\System32\config\SECURITY.LOG2 216 0x918b74371ee0 \Windows\SysWOW64\sspicli.dll 216 0x918b74372200 \ProtectedPrefix\Administrators 216 0x918b74372390 \Windows\SysWOW64\cryptbase.dll 216 0x918b743726b0 \$Directory 216 0x918b74372840 \Windows\System32\config\SYSTEM.LOG1 216 0x918b743729d0 \Windows\SysWOW64\iertutil.dll 216 0x918b74372b60 \Windows\System32\config\SECURITY.LOG1 216 0x918b74372cf0 \Windows\bootstat.dat 216 0x918b74372e80 \Windows\System32\config\SOFTWARE.LOG1 216 0x918b743734c0 \Windows\System32\config\DEFAULT 216 0x918b74373650 \EFI\Microsoft\Boot\BCD 216 0x918b743737e0 \ProtectedPrefix\NetWorkService 216 0x918b74373970 \ProtectedPrefix\NetWorkService 216 0x918b74373b00 \Windows\System32\config\SOFTWARE 216 0x918b74373c90 \Windows\System32\config\SOFTWARE.LOG2 216 0x918b74373e20 \ProtectedPrefix\Administrators 216 0x918b74374140 \ProtectedPrefix 216 0x918b743742d0 \Windows\System32\config\SAM 216 0x918b743745f0 \Windows\System32\config\DEFAULT.LOG1 216 0x918b74374780 \Windows\System32\win32k.sys 216 0x918b74374910 :$VMCB$ 216 0x918b74374aa0 \Windows\System32\config\SAM.LOG1 216 0x918b74374c30 \Windows\System32\config\DEFAULT.LOG2 216 0x918b74374dc0 \Windows\System32\config\SAM.LOG2 216 0x918b7438d370 \$Mft 216 0x918b7438d7c0 \$MftMirr 216 0x918b7438eec0 \Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl 216 0x918b7438f1a0 \$Secure:$SII:$INDEX_ALLOCATION 216 0x918b7438f5f0 \$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00000000000000000001 216 0x918b7438f760 \$BitMap 216 0x918b7438f8d0 \$Extend\$RmMetadata\$Repair 216 0x918b7438fa40 \$Extend\$RmMetadata\$TxfLog\$TxfLog.blf 216 0x918b743905c0 \$Extend\$RmMetadata\$TxfLog\$Tops 216 0x918b74390730 \Device\HarddiskVolume1\$Extend\$RmMetadata\$TxfLog\$TxfLog 216 0x918b743908a0 \$Extend:$I30:$INDEX_ALLOCATION 216 0x918b74390b80 \$Extend\$Deleted:$I30:$INDEX_ALLOCATION 216 0x918b74390cf0 \$Secure:$SDS:$DATA 216 0x918b743912b0 \$LogFile 216 0x918b74391420 \$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00000000000000000002 216 0x918b74391590 \Device\HarddiskVolume1\$Extend\$RmMetadata\$TxfLog\$TxfLog 216 0x918b74391870 \$Mft::$BITMAP 216 0x918b743919e0 \:$I30:$INDEX_ALLOCATION 216 0x918b74391e30 \Windows\System32\LogFiles\WMI\RtBackup\EtwRTDefenderApiLogger.etl 216 0x918b74392110 \$Directory 216 0x918b74392280 \$Secure:$SDH:$INDEX_ALLOCATION 216 0x918b743923f0 \Windows\System32\LogFiles\WMI\RtBackup\EtwRTDefenderAuditLogger.etl 216 0x918b74392560 \$Directory 216 0x918b74392840 \Windows\System32\LogFiles\WMI\LwtNetLog.etl 216 0x918b743929b0 \Windows\System32\LogFiles\WMI\NetCore.etl 216 0x918b74392b20 \Windows\System32\LogFiles\WMI\RadioMgr.etl 216 0x918b743930e0 \$Directory 216 0x918b74393250 \$Directory 216 0x918b743933c0 \Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl 216 0x918b74393530 \Device\HarddiskVolume1\$Extend\$RmMetadata\$TxfLog\$TxfLog 216 0x918b743936a0 KtmLog 216 0x918b74393810 \:$I30:$INDEX_ALLOCATION 216 0x918b74393980 \Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl 216 0x918b74393af0 \Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl 216 0x918b74393c60 \Windows\System32\LogFiles\WMI\Microsoft-Windows-Rdp-Graphics-RdpIdd-Trace.etl 216 0x918b74393dd0 \Windows\System32\LogFiles\WMI\NtfsLog.etl 216 0x918b743970c0 \Windows\SysWOW64\psapi.dll 216 0x918b74397250 \Windows\SysWOW64\comctl32.dll 216 0x918b743973e0 \Windows\SysWOW64\ws2_32.dll 216 0x918b74397570 \Windows\SysWOW64\advapi32.dll 216 0x918b74397700 \Windows\SysWOW64\shell32.dll 216 0x918b74397890 \Windows\SysWOW64\clbcatq.dll 216 0x918b74397a20 \Windows\SysWOW64\gdi32.dll 216 0x918b74397bb0 \Windows\SysWOW64\nsi.dll 216 0x918b74397d40 \Windows\SysWOW64\bcrypt.dll 216 0x918b74397ed0 \Windows\SysWOW64\ole32.dll 216 0x918b743981f0 \Windows\SysWOW64\Wldap32.dll 216 0x918b74398380 \Windows\SysWOW64\profapi.dll 216 0x918b74398510 \Windows\SysWOW64\sechost.dll 216 0x918b743986a0 \Windows\SysWOW64\combase.dll 216 0x918b74398830 \Windows\SysWOW64\imm32.dll 216 0x918b74398b50 \Windows\SysWOW64\crypt32.dll 216 0x918b74398ce0 \Windows\SysWOW64\bcryptprimitives.dll 216 0x918b74398e70 \Windows\SysWOW64\rpcrt4.dll 216 0x918b743f80c0 \$Directory 216 0x918b743f83a0 \Windows\System32\config\TxR\{fd9a35ab-49fe-11e9-aa2c-248a07783950}.TM.blf 216 0x918b743f87f0 \Windows\System32\config\TxR\{fd9a35ab-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000002.regtrans-ms 216 0x918b743f8c40 \SystemRoot\System32\Config\TxR\{fd9a35ab-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b743f8db0 \$Directory 216 0x918b743f9200 \SystemRoot\System32\Config\TxR\{fd9a35ab-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b743f94e0 \$Directory 216 0x918b743f9650 \Windows\System32\config\TxR\{fd9a35ab-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000001.regtrans-ms 216 0x918b743fa620 \$Directory 216 0x918b743faa70 \Windows\System32\LogFiles\WMI\Wifi.etl 216 0x918b743fabe0 \Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl 216 0x918b743fad50 \Windows\System32\WDI\LogFiles\WdiContextLog.etl.003 216 0x918b743fb1a0 \Windows\System32\drivers\udfs.sys 216 0x918b743fbbb0 \$ConvertToNonresident 216 0x918b743fc170 \$ConvertToNonresident 216 0x918b743fd590 \$ConvertToNonresident 216 0x918b74b150d0 \Windows\System32\en-US\user32.dll.mui 216 0x918b74b15260 \$Directory 216 0x918b74b153f0 \$Directory 216 0x918b74b15580 \Windows\System32\dab.dll 216 0x918b74b15a30 \CMApi 216 0x918b74b15bc0 \Windows\Prefetch\VMWARERESOLUTIONSET.EXE-F78A3A07.pf 216 0x918b74b15d50 \Windows\System32\KBDUS.DLL 216 0x918b74b16200 \Windows\System32\en-US\winlogon.exe.mui 216 0x918b74b16390 \Windows\System32\en-US\user32.dll.mui 216 0x918b74b169d0 \Windows\System32 216 0x918b74b16b60 \$Directory 216 0x918b74b16e80 \Windows\Fonts\constanb.ttf 216 0x918b74b171a0 \Windows\Fonts\ebrimabd.ttf 216 0x918b74b17330 \$Directory 216 0x918b74b174c0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_16.db 216 0x918b74b17650 \Windows\System32 216 0x918b74b17970 \Windows\System32\winlogon.exe 216 0x918b74b17b00 \CMApi 216 0x918b74b17c90 \Windows\System32\cdd.dll 216 0x918b74b18140 \Windows\servicing\CbsMsg.dll 216 0x918b74b18460 \InitShutdown 216 0x918b74b185f0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b74b18780 \InitShutdown 216 0x918b74b18910 \InitShutdown 216 0x918b74b18c30 \wkssvc 216 0x918b74b18dc0 \Windows\System32\upshared.dll 216 0x918b74b3f0d0 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-4bb4d6f7cafc4e9292f972dca2dcde42-bd019ee8-e59c-4b0f-a02c-84e72157a3ef-7485.json 216 0x918b74b3f260 \Windows\System32\ncrypt.dll 216 0x918b74b3f3f0 \Windows\System32\joinutil.dll 216 0x918b74b3f580 \Windows\System32\winsta.dll 216 0x918b74b3f710 \Windows\System32\EventAggregation.dll 216 0x918b74b3f8a0 \CMApi 216 0x918b74b3fa30 \Windows\System32\services.exe 216 0x918b74b3fd50 \Windows\System32 216 0x918b74b3fee0 \Windows\System32\Windows.Storage.Compression.dll 216 0x918b74b40200 \$Directory 216 0x918b74b40390 \Windows\System32\sxs.dll 216 0x918b74b40520 \Windows 216 0x918b74b406b0 \Windows\System32\lsass.exe 216 0x918b74b40840 \Windows\System32\samsrv.dll 216 0x918b74b409d0 \Windows\System32\wuauclt.exe 216 0x918b74b40a00 ੘璴醋￿੘璴醋￿ 0 0x918b74b40b60 \Windows\System32\wldp.dll 216 0x918b74b40cf0 \Windows\System32\en-US\lsasrv.dll.mui 216 0x918b74b411a0 \Windows\System32\ntasn1.dll 216 0x918b74b41330 \$Directory 216 0x918b74b414c0 \Windows\System32\lsasrv.dll 216 0x918b74b41650 \Windows\System32\msprivs.dll 216 0x918b74b417e0 \Windows\System32\netprovfw.dll 216 0x918b74b41970 \Windows\System32\en-US\wdmaud.drv.mui 216 0x918b74b41b00 \Windows\Registration\R000000000006.clb 216 0x918b74b41c90 \Windows\System32\negoexts.dll 216 0x918b74b41e20 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms 216 0x918b74b42140 \Windows\System32\devobj.dll 216 0x918b74b422d0 \Windows\Globalization\Sorting\SortDefault.nls 216 0x918b74b42460 \Windows\System32\cryptbase.dll 216 0x918b74b425f0 \Windows\System32\kerberos.dll 216 0x918b74b42910 \Windows\System32\cryptdll.dll 216 0x918b74b42aa0 \Windows\System32\FirewallAPI.dll 216 0x918b74b42c30 \Windows\System32\KerbClientShared.dll 216 0x918b74b42dc0 \Windows\System32\mswsock.dll 216 0x918b74bc1270 \Windows\System32\cloudAP.dll 216 0x918b74bc1400 \Windows\System32\IPHLPAPI.DLL 216 0x918b74bc1720 \lsass 216 0x918b74bc18b0 \Windows\System32\efslsaext.dll 216 0x918b74bc1a40 \Windows\System32\dpapi.dll 216 0x918b74bc1bd0 \lsass 216 0x918b74bc1d60 \lsass 216 0x918b74bc1ef0 \Windows\System32\TSpkg.dll 216 0x918b74bc2080 \Windows\System32\schannel.dll 216 0x918b74bc2210 \Windows\System32\dpapisrv.dll 216 0x918b74bc23a0 \Windows\System32\sspisrv.dll 216 0x918b74bc2530 \Windows\System32\NtlmShared.dll 216 0x918b74bc29e0 \Windows\System32\pku2u.dll 216 0x918b74bc2b70 \Windows\System32\MicrosoftAccountCloudAP.dll 216 0x918b74bc2d00 \Windows\System32\netutils.dll 216 0x918b74bc2e90 \Windows\System32\wdigest.dll 216 0x918b74bc31b0 \Windows\System32\gmsaclient.dll 216 0x918b74bc3340 \Windows\Fonts\segoeuisl.ttf 216 0x918b74bc34d0 \Windows\System32\msv1_0.dll 216 0x918b74bc3660 \Windows\System32\netlogon.dll 216 0x918b74bc37f0 \$Directory 216 0x918b74bc3980 \Windows\debug\PASSWD.LOG 216 0x918b74bc3b10 \$Directory 216 0x918b74bc3ca0 \Windows\System32\rsaenh.dll 216 0x918b74bc3e30 \Windows\System32\C_28591.NLS 216 0x918b74bc4150 \Windows\System32\dnsapi.dll 216 0x918b74bc4470 \ntsvcs 216 0x918b74bc4600 \Windows\System32\scesrv.dll 216 0x918b74bc4790 \Windows\System32\svchost.exe 216 0x918b74bc4ab0 \ntsvcs 216 0x918b74bc4c40 \Windows\System32\scecli.dll 216 0x918b74bc4dd0 \$Directory 216 0x918b74bc50f0 \scerpc 216 0x918b74bc5280 \Windows\System32\authz.dll 216 0x918b74bc5410 \Windows\System32\ntmarta.dll 216 0x918b74bc55a0 \Windows\System32\slc.dll 216 0x918b74bc5730 \scerpc 216 0x918b74bc58c0 \Windows\System32\umpo.dll 216 0x918b74bc5a50 \$Directory 216 0x918b74bc5be0 \Windows\System32\umpnpmgr.dll 216 0x918b74bc5d70 \Windows\System32\sppc.dll 216 0x918b74bc6090 \Windows\System32\umpoext.dll 216 0x918b74bc6220 \Windows\System32 216 0x918b74bc63b0 \Users\santa\AppData\Roaming\Microsoft\Windows\Libraries\desktop.ini 216 0x918b74bc6540 \Windows\System32\kdcpw.dll 216 0x918b74bc66d0 \Windows\System32\en-US\services.exe.mui 216 0x918b74bc6860 \ntsvcs 216 0x918b74bc69f0 \scerpc 216 0x918b74bc6b80 \Program Files\WindowsApps\Microsoft.VCLibs.140.00.UWPDesktop_14.0.32530.0_x64__8wekyb3d8bbwe\msvcp140.dll 216 0x918b74bc6d10 \Windows\System32\WUDFPlatform.dll 216 0x918b74bc71c0 \Windows\System32\profext.dll 216 0x918b74bc7350 \Windows\System32\tdh.dll 216 0x918b74bc74e0 \Windows\System32\dxgi.dll 216 0x918b74bc7670 \Windows\servicing\TrustedInstaller.exe 216 0x918b74bc7800 \Windows\System32\fontdrvhost.exe 216 0x918b74bc7990 \Windows\System32\mintdh.dll 216 0x918b74bc7b20 \Sessions\1\AppContainerNamedObjects\S-1-15-2-95739096-486727260-2033287795-3853587803-1685597119-444378811-2746676523 216 0x918b74bc8160 \Sessions\0\AppContainerNamedObjects\S-1-15-2-95739096-486727260-2033287795-3853587803-1685597119-444378811-2746676523 216 0x918b74bc82f0 \Windows\System32\fontdrvhost.exe 216 0x918b74bc8480 \Windows\System32 216 0x918b74bc8610 \$Directory 216 0x918b74bc87a0 \Windows\System32 216 0x918b74bc8c50 \Windows\System32\fwbase.dll 216 0x918b74bc9270 \Windows\System32 216 0x918b74bc9400 \Windows\System32\RpcRtRemote.dll 216 0x918b74bc9590 \Windows\System32\umpo-overrides.dll 216 0x918b74bc9720 \Windows\ServiceProfiles\NetworkService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000002.regtrans-ms 216 0x918b74bc98b0 \$Directory 216 0x918b74bc9a40 \CMApi 216 0x918b74bc9bd0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_768.db 216 0x918b74bc9d60 \Windows\System32\en-US\svchost.exe.mui 216 0x918b74bc9ef0 \CMNotify 216 0x918b74bca080 \CMNotify 216 0x918b74bca210 \Windows\ServiceProfiles\NetworkService\NTUSER.DAT 216 0x918b74bca530 \Windows\System32\gpapi.dll 216 0x918b74bca850 \Device\HarddiskVolume4\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b74bca9e0 \Windows\System32\RpcEpMap.dll 216 0x918b74bcab70 \Windows\ServiceProfiles\NetworkService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000001.regtrans-ms 216 0x918b74bcad00 \Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 216 0x918b74bcae90 \Device\HarddiskVolume4\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b74bcb1b0 \Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 216 0x918b74bcb340 \Windows\System32\hid.dll 216 0x918b74bcb4d0 \$Directory 216 0x918b74bcb660 \Windows\ServiceProfiles\NetworkService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TM.blf 216 0x918b74bcb7f0 \Windows\System32\DXCore.dll 216 0x918b74bcb980 \Windows\System32\en-US\Windows.Graphics.dll.mui 216 0x918b74bcbb10 \Windows\System32\SleepStudy\UserNotPresentSession.etl 216 0x918b74bcbca0 \Windows\System32\svchost.exe 216 0x918b74bcbe30 \Windows\Fonts\vgasys.fon 216 0x918b74bcc150 \CMNotify 216 0x918b74bcc2e0 \epmapper 216 0x918b74bcc470 \Endpoint 216 0x918b74bcc600 \Endpoint 216 0x918b74bcc790 \Winsock2\CatalogChangeListener-260-0 216 0x918b74bcc920 \Endpoint 216 0x918b74bccab0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b74bccc40 \epmapper 216 0x918b74bccdd0 \Endpoint 216 0x918b74bcd0f0 \Endpoint 216 0x918b74bcd280 \Endpoint 216 0x918b74bcd410 \Endpoint 216 0x918b74bcd5a0 \Endpoint 216 0x918b74bcd730 \Endpoint 216 0x918b74bcda50 \epmapper 216 0x918b74bcdbe0 \Endpoint 216 0x918b74bcdd70 \Endpoint 216 0x918b74bce090 \Endpoint 216 0x918b74bce220 \Winsock2\CatalogChangeListener-1dc-0 216 0x918b74bce3b0 \Winsock2\CatalogChangeListener-318-0 216 0x918b74bce540 \Windows\System32\wshqos.dll 216 0x918b74bce6d0 \Endpoint 216 0x918b74bce860 \Windows\System32 216 0x918b74bce9f0 \Windows\System32\psmsrv.dll 216 0x918b74bceb80 \Endpoint 216 0x918b74bced10 \Endpoint 216 0x918b74bceea0 \Windows\System32\rpcss.dll 216 0x918b74bcf1c0 \Endpoint 216 0x918b74bcf350 \Endpoint 216 0x918b74bcf4e0 \$Directory 216 0x918b74bcf670 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b74bcf800 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b74bcf990 \$Directory 216 0x918b74bcfb20 \$Directory 216 0x918b74bcfcb0 \Windows\System32\en-US\windows.ui.xaml.dll.mui 216 0x918b74bcfe40 \Windows\Globalization\ICU\zoneinfo64.res 216 0x918b74bd0160 \Reference 216 0x918b74bd02f0 \Windows\System32\PlayToDevice.dll 216 0x918b74bd0480 \Windows\Fonts\seguisb.ttf 216 0x918b74bd0610 \Windows\Fonts\trebucbd.ttf 216 0x918b74bd07a0 \Server 216 0x918b74bd0930 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\MetaData\FB0D848F74F70BB2EAA93746D24D9749 216 0x918b74bd0960 স璽醋￿স璽醋￿ 0 0x918b74bd0ac0 \Windows\System32\conhost.exe 216 0x918b74bd0c50 \$Directory 216 0x918b74bd0de0 \Connect 216 0x918b752020e0 \LSM_API_service 216 0x918b75202270 \Windows\System32\wer.dll 216 0x918b75202590 \Windows\System32\dwm.exe 216 0x918b752028b0 \CMNotify 216 0x918b75202a40 \Windows\System32\dwmredir.dll 216 0x918b75202bd0 \Windows\Fonts\marlett.ttf 216 0x918b75202d60 \Windows\System32\lsm.dll 216 0x918b75202ef0 \Windows\System32\dwminit.dll 216 0x918b75203080 \LSM_API_service 216 0x918b75203210 \Windows\System32\PsmServiceExtHost.dll 216 0x918b752033a0 \Windows\System32\dwmapi.dll 216 0x918b75203530 \Windows\System32\sysntfy.dll 216 0x918b752036c0 \Windows\System32\UXInit.dll 216 0x918b75203d00 \Windows\Fonts\micross.ttf 216 0x918b75203e90 \Windows\System32\rmclient.dll 216 0x918b752041b0 \Windows\System32\apphelp.dll 216 0x918b75204340 \Windows\Resources\Themes\aero\aero.msstyles 216 0x918b752044d0 \LSM_API_service 216 0x918b752047f0 \Windows\System32 216 0x918b75204980 \Users\santa\AppData\Local\Mozilla\Firefox\Profiles\888jya8e.default-release\startupCache\scriptCache-child-current.bin 216 0x918b75204b10 \Windows\System32\uxtheme.dll 216 0x918b75204ca0 \Windows\SysWOW64\npmproxy.dll 216 0x918b75205150 \Windows\System32\bisrv.dll 216 0x918b752052e0 \Windows\Registration\R000000000006.clb 216 0x918b75205470 \Windows\System32\dcomp.dll 216 0x918b75205600 \Windows\System32\d2d1.dll 216 0x918b75205790 \Windows\System32\en-US\dwm.exe.mui 216 0x918b75205920 \Windows\System32\dwmghost.dll 216 0x918b75205ab0 \CMApi 216 0x918b75205c40 \Windows\System32\twinapi.appcore.dll 216 0x918b75205dd0 \Windows\System32\winmmbase.dll 216 0x918b752060f0 \Windows\System32\d3d11.dll 216 0x918b75206410 \Windows\System32\rpcss.dll 216 0x918b75206730 \Windows\System32\D3DCompiler_47.dll 216 0x918b752068c0 \Windows\System32\dsreg.dll 216 0x918b75206be0 \Windows\System32\msvcp110_win.dll 216 0x918b75206d70 \Windows\System32\ResourcePolicyClient.dll 216 0x918b75207220 \Windows\System32\embeddedmodesvcapi.dll 216 0x918b752073b0 \Windows\System32\d3d10warp.dll 216 0x918b752076d0 \Windows\Registration\R000000000006.clb 216 0x918b75207860 \Windows\System32\CoreMessaging.dll 216 0x918b752079f0 \Windows\System32\winmm.dll 216 0x918b75207d10 \Windows\System32\xmllite.dll 216 0x918b75207ea0 \Windows\System32\dwmcore.dll 216 0x918b752081c0 \Windows\System32\uDWM.dll 216 0x918b75208350 \$Directory 216 0x918b752084e0 \$Directory 216 0x918b75208670 \Windows\System32\config\BBI.LOG2 216 0x918b75208800 \Windows\System32\taskschd.dll 216 0x918b75208990 \Windows\ServiceProfiles\LocalService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TM.blf 216 0x918b75208b20 \Windows\ServiceProfiles\LocalService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000001.regtrans-ms 216 0x918b75208cb0 \Windows\System32\SystemEventsBrokerServer.dll 216 0x918b75208e40 \Windows\System32\BrokerLib.dll 216 0x918b75209160 \Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 216 0x918b752092f0 \Windows\System32\ResourcePolicyServer.dll 216 0x918b75209480 \Windows\Fonts 216 0x918b75209610 \Windows\System32\config\BBI 216 0x918b752097a0 \Windows\System32\dabapi.dll 216 0x918b75209930 \Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 216 0x918b75209ac0 \Windows\System32\config\BBI.LOG1 216 0x918b75209c50 \Windows\System32\shacct.dll 216 0x918b75209de0 \Windows\ServiceProfiles\LocalService\NTUSER.DAT 216 0x918b75282150 \Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagtrack-Listener.etl 216 0x918b75282710 \Windows\System32\drivers\condrv.sys 216 0x918b752c38f0 \$PrepareToShrinkFileSize 216 0x918b752c5ce0 \Windows\System32\drivers\cldflt.sys 216 0x918b752c7550 \Windows\System32\drivers\wcifs.sys 216 0x918b752c8970 \Windows\System32\drivers\luafv.sys 216 0x918b752c9d90 \Windows\System32\drivers\storqosflt.sys 216 0x918b7538a0e0 \CMNotify 216 0x918b7538a270 \CMNotify 216 0x918b7538a400 \Windows\System32\svchost.exe 216 0x918b7538a590 \Windows\System32\svchost.exe 216 0x918b7538a8b0 \Windows\System32 216 0x918b7538aa40 \Windows\System32 216 0x918b7538ad60 \Windows\System32\en-US\svchost.exe.mui 216 0x918b7538aef0 \Windows\System32\lmhsvc.dll 216 0x918b7538b210 \Device\HarddiskVolume4\Windows\ServiceProfiles\LocalService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b7538b530 \Windows\ServiceProfiles\LocalService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000002.regtrans-ms 216 0x918b7538b6c0 \Windows\System32\nrpsrv.dll 216 0x918b7538b850 \Windows\System32\gpsvc.dll 216 0x918b7538b9e0 \Windows\System32 216 0x918b7538bb70 \Windows\System32\en-US\svchost.exe.mui 216 0x918b7538bd00 \CMNotify 216 0x918b7538be90 \Windows\System32\nlaapi.dll 216 0x918b7538c1b0 \$Directory 216 0x918b7538c340 \Windows\System32\svchost.exe 216 0x918b7538c4d0 \Windows\System32 216 0x918b7538c660 \Windows\System32\dsrole.dll 216 0x918b7538c7f0 \Windows\Fonts\trebucit.ttf 216 0x918b7538cb10 \Windows\System32\en-US\svchost.exe.mui 216 0x918b7538cca0 \Windows\System32\en-US\svchost.exe.mui 216 0x918b7538ce30 \Device\HarddiskVolume4\Windows\ServiceProfiles\LocalService\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b7538d150 \Windows\System32\svchost.exe 216 0x918b7538d2e0 \CMNotify 216 0x918b7538d470 \CMNotify 216 0x918b7538d600 \Windows\System32\WinTypes.dll 216 0x918b7538d790 \Windows\System32\Windows.Devices.Radios.dll 216 0x918b7538d920 \Windows\System32\httpprxc.dll 216 0x918b7538dab0 \CMNotify 216 0x918b7538dc40 \CMNotify 216 0x918b7538ddd0 \CMNotify 216 0x918b7538e0f0 \CMNotify 216 0x918b7538e410 \Windows\System32\avrt.dll 216 0x918b7538e5a0 \CMNotify 216 0x918b7538e730 \CMNotify 216 0x918b7538e8c0 \CMNotify 216 0x918b7538ea50 \CMNotify 216 0x918b7538ebe0 \CMNotify 216 0x918b7538ed70 \CMNotify 216 0x918b7538f090 \Windows\System32\bi.dll 216 0x918b7538f220 \Windows\System32\ncbservice.dll 216 0x918b7538f3b0 \Windows\System32\propsys.dll 216 0x918b7538f540 \CMNotify 216 0x918b7538f6d0 \Endpoint 216 0x918b7538f9f0 \Windows\System32\SystemEventsBrokerClient.dll 216 0x918b7538fb80 \Windows\System32\ISM.dll 216 0x918b7538fea0 \Windows\System32\ninput.dll 216 0x918b753901c0 \Windows\System32\CoreUIComponents.dll 216 0x918b75390350 \CMApi 216 0x918b753904e0 \CMNotify 216 0x918b75390670 \CMNotify 216 0x918b75390800 \Windows\Registration\R000000000006.clb 216 0x918b75390990 \CMNotify 216 0x918b75390b20 \CMNotify 216 0x918b75390cb0 \Windows\System32\BthRadioMedia.dll 216 0x918b75390e40 \CMNotify 216 0x918b75391160 \CMNotify 216 0x918b753912f0 \CMNotify 216 0x918b75391480 \CMNotify 216 0x918b75391610 \CMNotify 216 0x918b75391930 \Windows\Registration\R000000000006.clb 216 0x918b75391ac0 \CMNotify 216 0x918b75391c50 \Windows\System32\BluetoothApis.dll 216 0x918b75391de0 \CMNotify 216 0x918b753a60e0 \Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\State\dosvcState.dat.LOG1 216 0x918b753a6270 \Windows\System32\netprofm.dll 216 0x918b753a6400 \Windows\System32\wtsapi32.dll 216 0x918b753a6590 \CMNotify 216 0x918b753a6720 \Program Files (x86)\Mozilla Firefox 216 0x918b753a68b0 \Windows\Registration\R000000000006.clb 216 0x918b753a6a40 \Windows\System32\svchost.exe 216 0x918b753a6bd0 \Windows\System32\wevtsvc.dll 216 0x918b753a6ef0 \$Directory 216 0x918b753a7080 \CMApi 216 0x918b753a7210 \CMNotify 216 0x918b753a73a0 \Windows\System32\PortableDeviceApi.dll 216 0x918b753a76c0 \CMNotify 216 0x918b753a7850 \Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\State\dosvcState.dat 216 0x918b753a7b70 \CMNotify 216 0x918b753a7d00 \Windows\System32 216 0x918b753a7e90 \Windows\System32\SEMgrSvc.dll 216 0x918b753a81b0 \Users\santa\AppData\Local\Comms\UnistoreDB\USS.jtx 216 0x918b753a8660 \CMNotify 216 0x918b753a8980 \Windows\System32\en-US\svchost.exe.mui 216 0x918b753a8ca0 \Windows\System32\en-US\dosvc.dll.mui 216 0x918b753a8e30 \Windows\System32\UserDataTimeUtil.dll 216 0x918b753a9150 \Program Files (x86)\Mozilla Firefox 216 0x918b753a92e0 \Windows\System32\AudioSrvPolicyManager.dll 216 0x918b753a9470 \Windows\System32\en-US\svchost.exe.mui 216 0x918b753a9600 \Windows\System32\MrmDeploy.dll 216 0x918b753a9790 \Windows\System32\sysmain.dll 216 0x918b753a9920 \Windows\System32\msdtcVSp1res.dll 216 0x918b753a9ab0 \Windows\System32\cryptngc.dll 216 0x918b753a9c40 \Windows\System32\svchost.exe 216 0x918b753a9dd0 \Windows\System32\ubpm.dll 216 0x918b753aa0f0 \Windows\System32 216 0x918b753aa730 \Windows\System32\wmiclnt.dll 216 0x918b753aa8c0 \Windows\System32\profsvc.dll 216 0x918b753aaa50 \Windows\System32\samlib.dll 216 0x918b753aabe0 \Windows\System32\wkscli.dll 216 0x918b753aad70 \Windows\System32\profsvcext.dll 216 0x918b753ab090 \Windows\System32\es.dll 216 0x918b753ab220 \Windows\SysWOW64\wship6.dll 216 0x918b753ab3b0 \Windows\System32\logoncli.dll 216 0x918b753ab540 \Windows\System32\appsruprov.dll 216 0x918b753ab9f0 \CMApi 216 0x918b753abb80 \Windows\System32\usermgrcli.dll 216 0x918b753abd10 \Windows\System32\schedsvc.dll 216 0x918b753ac4e0 \Windows\System32\Windows.Gaming.Input.dll 216 0x918b753ac670 \Windows\System32\themeservice.dll 216 0x918b753ac800 \Windows\System32\wincorlib.dll 216 0x918b753ac990 \Windows\System32\AudioEndpointBuilder.dll 216 0x918b753accb0 \Windows\System32\WindowsCodecs.dll 216 0x918b753ad160 \$Directory 216 0x918b753ad610 \Windows\System32\FontProvider.dll 216 0x918b753ad930 \Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-FontFace.dat 216 0x918b753adac0 \Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-System.dat 216 0x918b753adc50 \Windows\System32\FntCache.dll 216 0x918b753adde0 \Windows\System32\policymanager.dll 216 0x918b754ab100 \CMNotify 216 0x918b754ab420 \Windows\System32\winhttp.dll 216 0x918b754ab5b0 \Winsock2\CatalogChangeListener-3f0-0 216 0x918b754ab740 \Windows\System32\DispBroker.Desktop.dll 216 0x918b754ab8d0 \Endpoint 216 0x918b754aba60 \Endpoint 216 0x918b754abbf0 \eventlog 216 0x918b754abd80 \Windows\Registration\R000000000006.clb 216 0x918b754ac0a0 \Endpoint 216 0x918b754ac230 \CMNotify 216 0x918b754ac3c0 \Windows\System32\OneCoreUAPCommonProxyStub.dll 216 0x918b754ac550 \Endpoint 216 0x918b754ac6e0 \Windows\System32\coloradapterclient.dll 216 0x918b754ac870 \eventlog 216 0x918b754aca00 \CMNotify 216 0x918b754acb90 \eventlog 216 0x918b754acd20 \Windows\System32\UIAnimation.dll 216 0x918b754ad1d0 \Windows\System32\MMDevAPI.dll 216 0x918b754ad680 \Windows\System32\mscms.dll 216 0x918b754ad810 \Windows\System32\wevtapi.dll 216 0x918b754ad9a0 \CMApi 216 0x918b754adb30 \CMApi 216 0x918b754adcc0 \Windows\Registration\R000000000006.clb 216 0x918b754ade50 \CMNotify 216 0x918b754ae170 \Windows\System32\actxprxy.dll 216 0x918b754ae490 \Windows\System32\audiosrv.dll 216 0x918b754ae620 \Windows\System32\winnsi.dll 216 0x918b754ae940 \Windows\System32\svchost.exe 216 0x918b754aead0 \Windows\System32\en-US\AudioEndpointBuilder.dll.mui 216 0x918b754aec60 \Windows\System32\netjoin.dll 216 0x918b754af110 \Windows\System32\en-US\svchost.exe.mui 216 0x918b754af2a0 \Windows\System32\dhcpcore.dll 216 0x918b754af430 \Windows\System32\dhcpcsvc.dll 216 0x918b754af5c0 \Windows\System32\nlasvc.dll 216 0x918b754af8e0 \Windows\System32\dnsrslvr.dll 216 0x918b754afc00 \Windows\System32\DispBroker.dll 216 0x918b754afd90 \Windows\System32\Sens.dll 216 0x918b754b00b0 \Windows\System32\nsisvc.dll 216 0x918b754b0240 \CMNotify 216 0x918b754b03d0 \Windows\System32 216 0x918b754b0560 \Windows\System32\dhcpcsvc6.dll 216 0x918b754b06f0 \Windows\System32\wshhyperv.dll 216 0x918b754b0880 \Windows\System32\ncsi.dll 216 0x918b754b0a10 \Windows\System32\ssdpapi.dll 216 0x918b754b0ba0 \CMNotify 216 0x918b754b0d30 \$Directory 216 0x918b754b0ec0 \Windows\System32\dhcpcore6.dll 216 0x918b754b11e0 \Windows\System32\winevt\Logs\System.evtx 216 0x918b754b1370 \Windows\System32\taskcomp.dll 216 0x918b754b1690 \Windows\System32\winevt\Logs\Security.evtx 216 0x918b754b19b0 \Windows\System32\drivers\etc 216 0x918b754b1b40 \Endpoint 216 0x918b754b1cd0 \Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx 216 0x918b754b1e60 \Windows\System32\winevt\Logs\Application.evtx 216 0x918b754b2180 \Windows\System32\Windows.Graphics.dll 216 0x918b754b2310 \Dev\Query 216 0x918b754b24a0 \CMNotify 216 0x918b754b27c0 \Windows\System32\en-US\svchost.exe.mui 216 0x918b754b2c70 \Endpoint 216 0x918b754b2e00 \$Directory 216 0x918b754b3120 \CMNotify 216 0x918b754b32b0 \Dev\Query 216 0x918b754b3440 \Windows\System32\svchost.exe 216 0x918b754b35d0 \SwDevice 216 0x918b754b38f0 \Windows\System32\FWPUCLNT.DLL 216 0x918b754b3a80 \Windows\System32 216 0x918b754b3da0 \Endpoint 216 0x918b754b4250 \CMNotify 216 0x918b754b43e0 \Windows\System32\en-US\d2d1.dll.mui 216 0x918b754b4570 \CMNotify 216 0x918b754b4700 \Windows\System32\winevt\Logs\Internet Explorer.evtx 216 0x918b754b4890 \Windows\System32\shsvcs.dll 216 0x918b754b4a20 \Windows\System32\winevt\Logs\HardwareEvents.evtx 216 0x918b754b4bb0 \Windows\System32\AudioSes.dll 216 0x918b754b4ed0 \atsvc 216 0x918b754b5510 \Windows\System32\wlanapi.dll 216 0x918b754b5830 \CMNotify 216 0x918b754b59c0 \atsvc 216 0x918b754b5b50 \Windows\Tasks 216 0x918b754b5ce0 \atsvc 216 0x918b754b5e70 \Windows\Registration\R000000000006.clb 216 0x918b754b6190 \Windows\System32\winevt\Logs\Key Management Service.evtx 216 0x918b754b6320 \Windows\System32\usermgr.dll 216 0x918b754b64b0 \Windows\System32\en-US\netprofmsvc.dll.mui 216 0x918b754b6640 \Windows\System32\winevt\Logs\Windows PowerShell.evtx 216 0x918b754b67d0 \Windows\System32\netprofmsvc.dll 216 0x918b754b6c80 \Windows\System32\MrmCoreR.dll 216 0x918b754b7130 \CMApi 216 0x918b754b72c0 \Windows\System32\Windows.UI.dll 216 0x918b754b7450 \Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx 216 0x918b754b75e0 \Windows\System32\BCP47Langs.dll 216 0x918b754b7770 \Windows\System32\cabinet.dll 216 0x918b754b7900 \Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx 216 0x918b754b7a90 \Windows\System32 216 0x918b754b7db0 \Windows\System32\mstask.dll 216 0x918b754b80d0 \Windows\System32\svchost.exe 216 0x918b754b8260 \Windows\System32\InputHost.dll 216 0x918b754b83f0 \Windows\System32\wcmsvc.dll 216 0x918b754b8580 \CMApi 216 0x918b754b8710 \Windows\System32\mobilenetworking.dll 216 0x918b754b8ee0 \Windows\System32\radardt.dll 216 0x918b754b9200 \Windows\System32\svchost.exe 216 0x918b754b96b0 \Windows\System32\spoolsv.exe 216 0x918b754b9840 \Windows\System32\OnDemandConnRouteHelper.dll 216 0x918b754b99d0 \Windows\System32\coreaudiopolicymanagerext.dll 216 0x918b754b9b60 \Windows\System32\FamilySafetyExt.dll 216 0x918b754b9cf0 \Windows\System32\samcli.dll 216 0x918b754b9e80 \Windows\System32\en-US\svchost.exe.mui 216 0x918b754ba1a0 \Windows\System32 216 0x918b754ba330 \Windows\System32\en-US\svchost.exe.mui 216 0x918b754ba4c0 \Windows\System32\dusmsvc.dll 216 0x918b754ba650 \CMNotify 216 0x918b754ba7e0 \Windows\System32\winevt\Logs\Microsoft-Windows-NCSI%4Operational.evtx 216 0x918b754bab00 \CMNotify 216 0x918b754bac90 \Windows\Registration\R000000000006.clb 216 0x918b754bae20 \Windows\System32\en-US\gpsvc.dll.mui 216 0x918b75561670 \Windows\System32\drivers\lltdio.sys 216 0x918b75561ac0 \$PrepareToShrinkFileSize 216 0x918b75562080 \$PrepareToShrinkFileSize 216 0x918b755634a0 \Windows\System32\drivers\mslldp.sys 216 0x918b755638f0 \SystemRoot\System32\Config\TxR\{fd9a35aa-49fe-11e9-aa2c-248a07783950}.TxR 216 0x918b75564470 \Windows\System32\config\TxR\{fd9a35aa-49fe-11e9-aa2c-248a07783950}.TxR.blf 216 0x918b75565a00 \Windows\System32\drivers\rspndr.sys 216 0x918b75565e50 \Windows\System32\drivers\http.sys 216 0x918b75567100 \Windows\System32\drivers\winquic.sys 216 0x918b755673e0 \Windows\System32\config\TxR\{fd9a35aa-49fe-11e9-aa2c-248a07783950}.TxR.0.regtrans-ms 216 0x918b75567550 \Windows\System32\config\TxR\{fd9a35aa-49fe-11e9-aa2c-248a07783950}.TxR.2.regtrans-ms 216 0x918b75568240 \Windows\System32\config\TxR\{fd9a35aa-49fe-11e9-aa2c-248a07783950}.TxR.1.regtrans-ms 216 0x918b7556c460 \Windows\System32\drivers\mrxsmb.sys 216 0x918b7556d5a0 \Windows\System32\drivers\bowser.sys 216 0x918b75616100 \Windows\System32\winevt\Logs\Microsoft-Windows-HotspotAuth%4Operational.evtx 216 0x918b75616290 \Windows\System32\CSystemEventsBrokerClient.dll 216 0x918b756165b0 \Windows\System32 216 0x918b75616740 \Windows\System32 216 0x918b756168d0 \Windows\Fonts\segoeuib.ttf 216 0x918b75616a60 \Dev\Query 216 0x918b75616bf0 \CMNotify 216 0x918b756170a0 \Windows\System32 216 0x918b75617230 \Windows\System32\fveapi.dll 216 0x918b756173c0 \Windows\System32\TimeBrokerClient.dll 216 0x918b756176e0 \Windows\System32\en-US\spoolsv.exe.mui 216 0x918b75617870 \CMApi 216 0x918b75617a00 \CMNotify 216 0x918b75617b90 \Windows\System32\svchost.exe 216 0x918b75617d20 \Windows\System32\urlmon.dll 216 0x918b75617eb0 \spoolss 216 0x918b756181d0 \Windows\System32\BFE.DLL 216 0x918b75618360 \CMNotify 216 0x918b756184f0 \Windows\System32\svchost.exe 216 0x918b75618680 \CMNotify 216 0x918b75618810 \Windows\System32\winevt\Logs\Microsoft-Windows-WinINet-Config%4ProxyConfigChanged.evtx 216 0x918b756189a0 \Windows\System32\Windows.StateRepository.dll 216 0x918b75618b30 \CMNotify 216 0x918b75618cc0 \Windows\System32\en-US\svchost.exe.mui 216 0x918b75619170 \Windows\System32\PCPKsp.dll 216 0x918b75619300 \spoolss 216 0x918b75619490 \Windows\Registration\R000000000006.clb 216 0x918b75619940 \Windows\SoftwareDistribution\DataStore\Logs\edb.loglog 216 0x918b75619ad0 \Windows\System32\StateRepository.Core.dll 216 0x918b75619c60 \Windows\System32\en-US\bfe.dll.mui 216 0x918b7561a110 \Endpoint 216 0x918b7561a2a0 \Windows\System32\TimeBrokerServer.dll 216 0x918b7561a5c0 \$Directory 216 0x918b7561aa70 \$Directory 216 0x918b7561ac00 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b7561ad90 \Endpoint 216 0x918b7561b3d0 \spoolss 216 0x918b7561b560 \Windows\System32\AppXDeploymentClient.dll 216 0x918b7561b6f0 \Windows\System32 216 0x918b7561b880 \Windows\System32\capauthz.dll 216 0x918b7561ba10 \Windows\System32\LanguageOverlayUtil.dll 216 0x918b7561bba0 \Endpoint 216 0x918b7561bd30 \Winsock2\CatalogChangeListener-5e8-0 216 0x918b7561bec0 \Endpoint 216 0x918b7561c1e0 \Windows\System32\BCP47mrm.dll 216 0x918b7561c370 \CMNotify 216 0x918b7561c500 \Windows\System32\wkssvc.dll 216 0x918b7561c690 \wkssvc 216 0x918b7561c820 \Windows\System32\dsparse.dll 216 0x918b7561c9b0 \wkssvc 216 0x918b7561cb40 \Windows\System32\rasadhlp.dll 216 0x918b7561ce60 \CMApi 216 0x918b7561d310 \Windows\System32\en-US\Windows.UI.Immersive.dll.mui 216 0x918b7561d4a0 \Windows\System32\cmintegrator.dll 216 0x918b7561d630 \Windows\System32\webio.dll 216 0x918b7561d7c0 \Windows\System32\Windows.UI.Xaml.dll 216 0x918b7561d950 \Windows\System32\wcmcsp.dll 216 0x918b7561dae0 \Windows\System32\UserMgrProxy.dll 216 0x918b7561e2b0 \Windows\System32\winevt\Logs\Microsoft-Windows-StateRepository%4Operational.evtx 216 0x918b7561e5d0 \Windows\System32\MPSSVC.dll 216 0x918b7561e760 \Windows\System32\FirewallAPI.dll 216 0x918b7561e8f0 \Windows\System32\en-US\FirewallAPI.dll.mui 216 0x918b7561ea80 \Windows\System32\winevt\Logs\Microsoft-Windows-StateRepository%4Restricted.evtx 216 0x918b7561ec10 \Windows\System32\en-US\svchost.exe.mui 216 0x918b7561f0c0 \Windows\Registration\R000000000006.clb 216 0x918b7561f3e0 \Windows\System32\cryptsvc.dll 216 0x918b7561f700 \Windows\System32\trkwks.dll 216 0x918b7561f890 \Windows\System32\WSHTCPIP.DLL 216 0x918b7561fa20 \Windows\System32\crypttpmeksvc.dll 216 0x918b7561fbb0 \trkwks 216 0x918b7561fd40 \Program Files\VMware\VMware Tools\glib-2.0.dll 216 0x918b7561fed0 \Program Files\VMware\VMware Tools\gmodule-2.0.dll 216 0x918b756201f0 \Windows\System32\cryptcatsvc.dll 216 0x918b75620380 \Windows\System32 216 0x918b75620510 \Windows\System32\wship6.dll 216 0x918b756206a0 \Windows\System32\dmenrollengine.dll 216 0x918b75620830 \Program Files\VMware\VMware Tools\VMware VGAuth\intl.dll 216 0x918b756209c0 \Program Files\VMware\VMware Tools\gobject-2.0.dll 216 0x918b75620ce0 \Windows\System32\version.dll 216 0x918b75620e70 \trkwks 216 0x918b75621190 \Windows\System32\wdi.dll 216 0x918b75621320 \$Directory 216 0x918b756214b0 \Program Files\VMware\VMware Tools\intl.dll 216 0x918b75621640 \$Directory 216 0x918b756217d0 \Program Files\VMware\VMware Tools\VMware VGAuth\VGAuthService.exe 216 0x918b75621960 \Windows\System32\iphlpsvc.dll 216 0x918b75621af0 \Windows\System32\diagtrack.dll 216 0x918b75621c80 \Windows\Registration\R000000000006.clb 216 0x918b75622130 \Windows\System32\dps.dll 216 0x918b756222c0 \Windows\System32\perftrack.dll 216 0x918b75622450 \trkwks 216 0x918b756225e0 \Windows\System32\webauthn.dll 216 0x918b75622770 \Program Files\VMware\VMware Tools\vmtoolsd.exe 216 0x918b75622900 \Windows\System32\netapi32.dll 216 0x918b75622a90 \Windows\System32\winsqlite3.dll 216 0x918b75622c20 \Windows\System32\windowsperformancerecordercontrol.dll 216 0x918b75622db0 \Windows\System32\NetSetupApi.dll 216 0x918b756230d0 \Windows\System32\fwpolicyiomgr.dll 216 0x918b756233f0 \Windows\System32\diagperf.dll 216 0x918b75623580 \Windows\System32\CatRoot 216 0x918b75623710 \Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Boot%4Operational.evtx 216 0x918b756238a0 \Program Files\VMware\VMware Tools\VMware VGAuth\glib-2.0.dll 216 0x918b75623a30 \Windows\System32\pnpts.dll 216 0x918b75623bc0 \Program Files\VMware\VMware Tools\pcre.dll 216 0x918b75623d50 \Program Files\VMware\VMware Tools\VMware VGAuth\libeay32.dll 216 0x918b75623ee0 \Program Files\VMware\VMware Tools\VMware VGAuth\ssleay32.dll 216 0x918b75624200 \CMApi 216 0x918b75624520 \Windows\System32\winnlsres.dll 216 0x918b756246b0 \Windows\System32 216 0x918b75624840 \Windows\System32\tbs.dll 216 0x918b756249d0 \Program Files\VMware\VMware Tools\VMware VGAuth\libxml2.dll 216 0x918b75624e80 \Program Files\VMware\VMware Tools\vmtools.dll 216 0x918b756251a0 \Windows\System32\ProximityService.dll 216 0x918b75625330 \Windows\System32\vcruntime140.dll 216 0x918b756254c0 \Windows\System32\ProximityCommon.dll 216 0x918b75625650 \Windows\System32\vsstrace.dll 216 0x918b75625970 \Windows\System32\vssapi.dll 216 0x918b75625b00 \Dev\Query 216 0x918b75625c90 \Windows\System32\weretw.dll 216 0x918b75625e20 \Dev\Query 216 0x918b75664af0 \Windows\System32\drivers\vmmemctl.sys 216 0x918b75666640 \Windows\System32\drivers\mrxsmb20.sys 216 0x918b75667610 \Windows\System32\drivers\srvnet.sys 216 0x918b75667eb0 \$PrepareToShrinkFileSize 216 0x918b756685e0 \Windows\System32\drivers\mmcss.sys 216 0x918b75669890 \Windows\System32\drivers\mrxsmb10.sys 216 0x918b7566a580 \Windows\System32\drivers\PEAuth.sys 216 0x918b7566b100 \Windows\System32\drivers\Ndu.sys 216 0x918b7566e350 \Windows\System32\drivers\tcpipreg.sys 216 0x918b756729c0 \Windows\System32\drivers\srv2.sys 216 0x918b756c1100 \Dev\Query 216 0x918b756c1740 \Windows\System32\winevt\Logs\Microsoft-Windows-Wcmsvc%4Operational.evtx 216 0x918b756c1a60 \Windows\System32\npmproxy.dll 216 0x918b756c1bf0 \Dev\Query 216 0x918b756c1d80 \$Directory 216 0x918b756c2230 \Dev\Query 216 0x918b756c2550 \$Directory 216 0x918b756c26e0 \Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx 216 0x918b756c2870 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\Qt5Widgets.dll 216 0x918b756c2a00 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe 216 0x918b756c2b90 \Windows\System32 216 0x918b756c2eb0 \Windows\System32\en-US\vsstrace.dll.mui 216 0x918b756c3360 \Windows\System32\en-US\ESENT.dll.mui 216 0x918b756c34f0 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpSvc.dll 216 0x918b756c3680 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b756c3810 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpClient.dll 216 0x918b756c39a0 \$Directory 216 0x918b756c3cc0 \ProgramData\Microsoft\Windows\wfp\wfpdiag.etl 216 0x918b756c3e50 \$Directory 216 0x918b756c4170 \Dev\Query 216 0x918b756c4300 \Windows\System32\srumsvc.dll 216 0x918b756c4490 \$Extend\$ObjId:$O:$INDEX_ALLOCATION 216 0x918b756c4620 \Windows\System32\en-US\advapi32.dll.mui 216 0x918b756c4940 \Windows\System32\adhapi.dll 216 0x918b756c4970 䧈畬醋￿䧈畬醋￿ 0 0x918b756c4ad0 \$Extend\$ObjId 216 0x918b756c4df0 \Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4Operational.evtx 216 0x918b756c5110 \Windows\System32\iertutil.dll 216 0x918b756c52a0 \CMNotify 216 0x918b756c5430 \System Volume Information\tracking.log 216 0x918b756c5750 \Windows\System32\wfapigp.dll 216 0x918b756c58e0 \Windows\System32\secur32.dll 216 0x918b756c5c00 \Program Files\VMware\VMware Tools\VMware VGAuth\libxmlsec.dll 216 0x918b756c6240 \Program Files\VMware\VMware Tools\VMware VGAuth\libxmlsec-openssl.dll 216 0x918b756c63d0 \Windows\System32\ProximityCommonPal.dll 216 0x918b756c66f0 \Windows\System32\winevt\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx 216 0x918b756c6880 \CMApi 216 0x918b756c6a10 \Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4WHC.evtx 216 0x918b756c6ba0 \Dev\Query 216 0x918b756c6ec0 \Windows\System32\wbem\WMIsvc.dll 216 0x918b756c71e0 \$Directory 216 0x918b756c7370 \Windows\System32\ProximityServicePal.dll 216 0x918b756c7500 \Windows\System32\stdole2.tlb 216 0x918b756c7690 \Windows\System32\srvsvc.dll 216 0x918b756c7820 \Windows\System32\wbem\MOF 216 0x918b756c7b40 \CMApi 216 0x918b756c7cd0 \Windows\System32\wbemcomn.dll 216 0x918b756c8180 \Windows\System32\winevt\Logs\Microsoft-Windows-WebAuthN%4Operational.evtx 216 0x918b756c8310 \Windows\System32\wsock32.dll 216 0x918b756c8950 \Program Files\VMware\VMware Tools\VMware VGAuth\pcre.dll 216 0x918b756c8ae0 \Windows\System32\netmsg.dll 216 0x918b756c8c70 \Windows\System32\en-US\netmsg.dll.mui 216 0x918b756c8e00 \Windows\System32\winevt\Logs\Microsoft-Windows-Partition%4Diagnostic.evtx 216 0x918b756c9120 \CMApi 216 0x918b756c9440 \Windows\System32\WPTaskScheduler.dll 216 0x918b756c95d0 \Windows\System32\es.dll 216 0x918b756c9760 \Windows\System32\pcasvc.dll 216 0x918b756c98f0 \Windows\System32\wpnservice.dll 216 0x918b756c9a80 \Windows\System32\en-US\propsys.dll.mui 216 0x918b756c9c10 \Windows\System32\wpncore.dll 216 0x918b756ca0c0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b756ca250 \Windows\System32\esent.dll 216 0x918b756ca3e0 \Windows\System32\MTFServer.dll 216 0x918b756ca570 \Windows\System32\Windows.Devices.Enumeration.dll 216 0x918b756ca700 \Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx 216 0x918b756ca890 \$Directory 216 0x918b756caa20 \gecko.4576.3988.14258203149884878546 216 0x918b756cabb0 \Windows\SysWOW64\WSHTCPIP.DLL 216 0x918b756caed0 \Program Files\VMware\VMware Tools\icudt44l.dat 216 0x918b756cb510 \Windows\System32\cdp.dll 216 0x918b756cb6a0 \Windows\System32\vsocklib.dll 216 0x918b756cb9c0 \pagefile.sys 216 0x918b756cbb50 \$Directory 216 0x918b756cc190 \$Directory 216 0x918b756cc960 \Windows\System32\winevt\Logs\Microsoft-Windows-AppModel-Runtime%4Admin.evtx 216 0x918b756ccaf0 \Program Files (x86)\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi 216 0x918b756ccc80 \Windows\Temp\vmware-vmsvc-SYSTEM.log 216 0x918b756cd2c0 \Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx 216 0x918b756cd5e0 \CMNotify 216 0x918b756cd900 \Windows\System32\winevt\Logs\Microsoft-Windows-User Profile Service%4Operational.evtx 216 0x918b756cdc20 \Program Files\VMware\VMware Tools\plugins\common\hgfsServer.dll 216 0x918b756ce0d0 \Windows\System32\winevt\Logs\Microsoft-Windows-NetworkProfile%4Operational.evtx 216 0x918b756ce710 \Program Files\VMware\VMware Tools\hgfs.dll 216 0x918b756ce8a0 \CMApi 216 0x918b756ceee0 \Windows\System32\vfuprov.dll 216 0x918b756cf200 \Windows\System32\eeprov.dll 216 0x918b756cf390 \Windows\System32\nduprov.dll 216 0x918b756cf6b0 \$Directory 216 0x918b756cfb60 \Windows\System32\winevt\Logs\Microsoft-Windows-Winlogon%4Operational.evtx 216 0x918b756d01a0 \Windows\System32\mpr.dll 216 0x918b756d0330 \Windows\System32\dbgcore.dll 216 0x918b756d07e0 \Windows\System32\en-US\mscms.dll.mui 216 0x918b756d0b00 \Windows\System32\wpnsruprov.dll 216 0x918b756d0c90 \Windows\System32\ncuprov.dll 216 0x918b75726360 \Windows\System32\LogFiles\WMI\RtBackup\EtwRTWFP-IPsec Diagnostics.etl 216 0x918b75786490 \ 216 0x918b75932290 \Windows\System32\srumapi.dll 216 0x918b759325b0 \Windows\System32\httpprxm.dll 216 0x918b75932740 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b759328d0 \$Directory 216 0x918b75932a60 \Windows\System32\adhsvc.dll 216 0x918b75932d80 \Windows\System32\winevt\Logs\Microsoft-Windows-Storage-Storport%4Operational.evtx 216 0x918b759330a0 \Windows\System32\winevt\Logs\Microsoft-Windows-Storage-Storport%4Health.evtx 216 0x918b75933230 \Windows\System32\energyprov.dll 216 0x918b759333c0 \Endpoint 216 0x918b75933550 \Windows\System32\SleepStudy\ScreenOn\ScreenOnPowerStudyTraceSession-2023-11-17-15-49-38.etl 216 0x918b759336e0 \Endpoint 216 0x918b75933870 \Endpoint 216 0x918b75933a00 \Windows\System32\taskhostw.exe 216 0x918b75933b90 \$Directory 216 0x918b75933d20 \Endpoint 216 0x918b759341d0 \Winsock2\CatalogChangeListener-3d0-0 216 0x918b759344f0 \Windows\System32\sscore.dll 216 0x918b75934680 \Windows\System32\en-US\wldap32.dll.mui 216 0x918b759349a0 \Endpoint 216 0x918b75934b30 \Program Files\VMware\VMware Tools\plugins\common\hgfsUsability.dll 216 0x918b75934e50 \Windows\System32\winevt\Logs\Microsoft-Windows-User Device Registration%4Admin.evtx 216 0x918b75935170 \Program Files\VMware\VMware Tools\plugins\common\vix.dll 216 0x918b75935300 \Windows\System32\en-US\iphlpsvc.dll.mui 216 0x918b75935490 \Windows\System32\sscoreext.dll 216 0x918b75935940 \CMApi 216 0x918b75935ad0 \swapfile.sys 216 0x918b75935c60 \Windows\System32\usoapi.dll 216 0x918b75935df0 \Program Files\VMware\VMware Tools\plugins\vmsvc\appInfo.dll 216 0x918b75936110 \Windows\System32\Windows.Shell.ServiceHostBuilder.dll 216 0x918b75936430 \Windows\System32\wmidcom.dll 216 0x918b759365c0 \$ConvertToNonresident 216 0x918b759368e0 \Windows\System32\resutils.dll 216 0x918b75937240 \Windows\System32\Windows.System.Launcher.dll 216 0x918b75937560 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\resources.pri 216 0x918b759376f0 \Windows\System32\mi.dll 216 0x918b75937880 \Windows\System32\en-US\taskhostw.exe.mui 216 0x918b75937a10 \Windows\Fonts\segoeuil.ttf 216 0x918b75937ba0 \Windows\System32\miutils.dll 216 0x918b75937d30 \$Directory 216 0x918b75937ec0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f\comctl32.dll 216 0x918b75938370 \Windows\System32\msvcp140.dll 216 0x918b75938500 \Windows\System32\clusapi.dll 216 0x918b75938690 \Program Files\VMware\VMware Tools\libeay32.dll 216 0x918b75938820 \ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db 216 0x918b759389b0 \ProgramData\Microsoft\Windows\Caches\cversions.2.db 216 0x918b75938b40 \ProgramData\VMware\VMware VGAuth\logfile.txt.0 216 0x918b75938cd0 \Program Files\VMware\VMware Tools\ssleay32.dll 216 0x918b75938e60 \Windows\System32\winevt\Logs\Microsoft-Windows-Dhcpv6-Client%4Admin.evtx 216 0x918b75939310 \$Directory 216 0x918b759394a0 \Windows\System32\cmd.exe 216 0x918b75939630 \ProgramData\Microsoft\Diagnosis\ScenariosSqlStore\EventStore.db 216 0x918b759397c0 \Windows\System32\winevt\Logs\Microsoft-Windows-SMBClient%4Operational.evtx 216 0x918b75939950 \Program Files\VMware\VMware Tools\plugins\vmsvc\deployPkgPlugin.dll 216 0x918b75939ae0 \Windows\System32\winevt\Logs\Microsoft-Windows-Dhcp-Client%4Admin.evtx 216 0x918b7593a120 \Program Files\VMware\VMware Tools\deployPkg.dll 216 0x918b7593a2b0 \$Directory 216 0x918b7593a440 \Windows\System32\wbem\wbemcore.dll 216 0x918b7593aa80 \Windows\System32\winevt\Logs\Microsoft-Windows-Containers-Wcifs%4Operational.evtx 216 0x918b7593ac10 \CMNotify 216 0x918b7593ada0 \ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000001.db 216 0x918b7593b250 \$Directory 216 0x918b7593b570 \$Directory 216 0x918b7593b700 \Windows\System32\en-US\user32.dll.mui 216 0x918b7593b890 \Windows\SysWOW64\en-US\user32.dll.mui 216 0x918b7593bbb0 \CMNotify 216 0x918b7593bd40 \Windows\System32\wbem\wbemprox.dll 216 0x918b7593bed0 \Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Connectivity.evtx 216 0x918b7593c510 \Windows\System32\en-US\propsys.dll.mui 216 0x918b7593c9c0 \CMNotify 216 0x918b7593cce0 \CMNotify 216 0x918b7593ce70 \Windows 216 0x918b7593d320 \Winsock2\CatalogChangeListener-258-0 216 0x918b7593d4b0 \Windows\Prefetch\SVCHOST.EXE-7B92DD11.pf 216 0x918b7593d640 \CMNotify 216 0x918b7593d7d0 \CMNotify 216 0x918b7593daf0 \Endpoint 216 0x918b7593de10 \Windows\System32\provsvc.dll 216 0x918b7593e2c0 \Endpoint 216 0x918b7593e5e0 \srvsvc 216 0x918b7593e770 \Windows\System32\en-US\vsstrace.dll.mui 216 0x918b7593e900 \Windows\System32\wbem\esscli.dll 216 0x918b7593ec20 \Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Security.evtx 216 0x918b7593edb0 \Windows\System32\en-US\user32.dll.mui 216 0x918b7593f260 \Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Audit.evtx 216 0x918b7593f3f0 \Windows\System32\wbem\wbemsvc.dll 216 0x918b7593f580 \Output 216 0x918b7593f710 \$Directory 216 0x918b7593f8a0 \Windows\System32\winevt\Logs\Microsoft-Windows-DeviceSetupManager%4Operational.evtx 216 0x918b7593fa30 \Windows\System32\wbem\repdrvfs.dll 216 0x918b7593fbc0 \Input 216 0x918b7593fee0 \Windows\System32\dosvc.dll 216 0x918b75940200 \Windows\Registration\R000000000006.clb 216 0x918b75940390 \Windows\System32\en-US\dosvc.dll.mui 216 0x918b75940520 \Windows\Registration\R000000000006.clb 216 0x918b759406b0 \Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Security.evtx 216 0x918b75940840 \Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Operational.evtx 216 0x918b75940a00 ੘疔醋￿੘疔醋￿ 0 0x918b75940b60 \Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx 216 0x918b75940e80 \Program Files\VMware\VMware Tools\plugins\vmsvc\diskWiper.dll 216 0x918b759411a0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\INetCache\MSIMGSIZ.DAT 216 0x918b75941330 \Windows\System32\wbem\fastprox.dll 216 0x918b759414c0 \Windows\System32\wbem\wmiutils.dll 216 0x918b75941b00 \Windows\System32\en-US\propsys.dll.mui 216 0x918b75941e20 \Program Files\VMware\VMware Tools\plugins\vmsvc\guestInfo.dll 216 0x918b75a9c100 \Program Files\VMware\VMware Tools\plugins\vmsvc\guestStore.dll 216 0x918b75a9c290 \CMApi 216 0x918b75a9c420 \CMNotify 216 0x918b75a9c740 \Windows\System32\en-US\dnsapi.dll.mui 216 0x918b75a9c8d0 \Endpoint 216 0x918b75a9ca60 \Windows\System32\Windows.Security.Authentication.OnlineId.dll 216 0x918b75a9cbf0 \$Directory 216 0x918b75a9cd80 \Windows\Registration\R000000000006.clb 216 0x918b75a9d0a0 \Windows\Registration\R000000000006.clb 216 0x918b75a9d230 \Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Connectivity.evtx 216 0x918b75a9d3c0 \vgauth-service 216 0x918b75a9d550 \$Directory 216 0x918b75a9d6e0 \Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx 216 0x918b75a9d870 \Windows\System32\wbem\Repository\MAPPING1.MAP 216 0x918b75a9da00 \Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Audit.evtx 216 0x918b75a9db90 \Program Files\VMware\VMware Tools\plugins\vmsvc\hwUpgradeHelper.dll 216 0x918b75a9dd20 \Windows\System32\wbem\Repository\MAPPING3.MAP 216 0x918b75a9deb0 \Windows\System32\svchost.exe 216 0x918b75a9e1d0 \Windows\System32\wbem\Repository\INDEX.BTR 216 0x918b75a9e360 \Program Files\VMware\VMware Tools\plugins\vmsvc\powerOps.dll 216 0x918b75a9e4f0 \Windows\System32\wbem\Repository\MAPPING2.MAP 216 0x918b75a9e680 \Windows\System32\wbem\Repository\OBJECTS.DATA 216 0x918b75a9e810 \Windows\System32\Windows.UI.Immersive.dll 216 0x918b75a9e9a0 \Windows\System32\SearchFilterHost.exe 216 0x918b75a9eb30 \Program Files\VMware\VMware Tools\plugins\vmsvc\resolutionSet.dll 216 0x918b75a9ecc0 \Program Files\VMware\VMware Tools\plugins\vmsvc\timeSync.dll 216 0x918b75a9ee50 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\storage\default\https+++www.youtube.com\ls\data.sqlite 216 0x918b75a9f170 \Program Files\VMware\VMware Tools\plugins\vmsvc\vmbackup.dll 216 0x918b75a9f490 \Windows\Registration\R000000000006.clb 216 0x918b75a9f620 \ProgramData\Microsoft\Windows Defender\Support\MPLog-20231116-212734.log 216 0x918b75a9f7b0 \Sessions\1\AppContainerNamedObjects\S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777 216 0x918b75a9f940 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db 216 0x918b75a9fad0 \Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx 216 0x918b75a9fc60 \Windows\Prefetch\SVCHOST.EXE-922543B0.pf 216 0x918b75a9fdf0 \$Directory 216 0x918b75aa0110 \Windows\System32\MpSigStub.exe 216 0x918b75aa02a0 \Users\santa\Desktop\desktop.ini 216 0x918b75aa0430 \Windows\System32\comsvcs.dll 216 0x918b75aa05c0 \Windows\SysWOW64\linkinfo.dll 216 0x918b75aa0750 \$Directory 216 0x918b75aa08e0 \ProgramData\Microsoft\Diagnosis\EventStore.db 216 0x918b75aa0a70 \$Directory 216 0x918b75aa0c00 \Windows\System32\dllhost.exe 216 0x918b75aa0d90 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b75aa10b0 \Windows\System32\spinf.dll 216 0x918b75aa1240 \$Directory 216 0x918b75aa13d0 \$Directory 216 0x918b75aa1560 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 216 0x918b75aa16f0 \Windows\System32\taskschd.dll 216 0x918b75aa1880 \Windows\System32\dllhost.exe 216 0x918b75aa1a10 \Windows\System32 216 0x918b75aa1d30 \Windows\Registration\R000000000006.clb 216 0x918b75aa21e0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 216 0x918b75aa2370 \$Directory 216 0x918b75aa2500 \Windows\System32\srvcli.dll 216 0x918b75aa2690 \Windows\System32\en-US\twinapi.appcore.dll.mui 216 0x918b75aa2820 \Windows\System32\comsvcs.dll 216 0x918b75aa29b0 \Windows\System32\bcd.dll 216 0x918b75aa2b40 \ProgramData\Microsoft\Diagnosis\EventStore.db-wal 216 0x918b75aa2cd0 \Windows\System32\winevt\Logs\Microsoft-Windows-UniversalTelemetryClient%4Operational.evtx 216 0x918b75aa2e60 \Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4FirewallDiagnostics.evtx 216 0x918b75aa3180 \ProgramData\Microsoft\Windows Defender\Support\MPScanSkip-20231117-153013.log 216 0x918b75aa34a0 \Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scheduled%4Operational.evtx 216 0x918b75aa3630 \$Directory 216 0x918b75aa37c0 \Windows\System32\DWrite.dll 216 0x918b75aa3950 \Windows\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{6682993A-C0E8-4D3F-BF57-F45542DC534B}.crmlog 216 0x918b75aa3ae0 \ProgramData\Microsoft\Windows Defender\Support\MPDeviceControl-20231117-153013.log 216 0x918b75aa3c70 \$Directory 216 0x918b75aa3e00 \ProgramData\Microsoft\Diagnosis\EventStore.db-shm 216 0x918b75aa4120 \ProgramData\Microsoft\Windows Defender\Support\MpWppTracing-20231117-154944-00000003-ffffffff.bin 216 0x918b75aa42b0 \Windows\System32\txflog.dll 216 0x918b75aa45d0 \ProgramData\Microsoft\Windows Defender\Support\MPDetection-20231116-212734.log 216 0x918b75aa4760 \Windows\Registration\R000000000006.clb 216 0x918b75aa48f0 \Windows\System32\FlightSettings.dll 216 0x918b75aa4a80 \Windows\System32\stdole2.tlb 216 0x918b75aa4c10 \Windows\System32\mskeyprotect.dll 216 0x918b75aa4da0 \Windows\System32\BcastDVRCommon.dll 216 0x918b75aa50c0 \Windows\System32\bcastdvruserservice.dll 216 0x918b75aa5250 \$Directory 216 0x918b75aa53e0 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\GameBar.exe 216 0x918b75aa5570 \Windows\System32\comres.dll 216 0x918b75aa5700 \Windows\SysWOW64\Windows.ApplicationModel.dll 216 0x918b75aa5890 \Windows\System32\mtxoci.dll 216 0x918b75aa5a20 \$Directory 216 0x918b75aa5bb0 \$Directory 216 0x918b75aa5d40 \Windows\System32\xolehlp.dll 216 0x918b75aa5ed0 \Windows\System32\ktmw32.dll 216 0x918b75aa61f0 \Windows\System32\sspicli.dll 216 0x918b75aa6380 \Windows\System32\mtxclu.dll 216 0x918b75aa66a0 \ProgramData\Microsoft\Diagnosis\TenantStorage\P-ARIA\EventStore.db 216 0x918b75aa6830 \ProgramData\Microsoft\Diagnosis\TenantStorage\P-ARIA\EventStore.db-shm 216 0x918b75aa69c0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b75aa6b50 \Windows\System32\msdtc.exe 216 0x918b75aa6ce0 \Windows\System32\en-US\combase.dll.mui 216 0x918b75aa6e70 \Windows\System32\amsi.dll 216 0x918b75aa7190 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b75aa7320 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_768.db 216 0x918b75aa74b0 \ProgramData\Microsoft\Diagnosis\ScenariosSqlStore\EventStore.db-wal 216 0x918b75aa7640 \Windows\System32\cscapi.dll 216 0x918b75aa77d0 \ProgramData\Microsoft\Diagnosis\TenantStorage\P-ARIA\EventStore.db-wal 216 0x918b75aa7960 \Windows\Registration\R000000000006.clb 216 0x918b75aa7af0 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpOAV.dll 216 0x918b75aa7c80 \Windows\System32\Windows.UI.Core.TextInput.dll 216 0x918b75aa7e10 \Windows\System32 216 0x918b75aa8130 \Windows\System32\msdtcprx.dll 216 0x918b75aa82c0 \Windows\Fonts\segoeui.ttf 216 0x918b75aa8450 \ProgramData\Microsoft\Windows Defender\Support\MpWppTracing-20231117-154944-00000003-ffffffff.bin 216 0x918b75aa85e0 \ProgramData\Microsoft\Diagnosis\ScenariosSqlStore\EventStore.db-shm 216 0x918b75aa8a90 \Windows\System32\storewuauth.dll 216 0x918b75aa8db0 \Windows\System32\en-US\msdtcVSp1res.dll.mui 216 0x918b75aa90d0 \Windows\System32\wbem\WmiPrvSD.dll 216 0x918b75aa9260 \Windows\System32\MsDtc\Trace\dtctrace.log 216 0x918b75aa93f0 \Windows\System32\wbem\wbemess.dll 216 0x918b75aa9580 \Windows\Registration\R000000000006.clb 216 0x918b75aa9710 \Users\santa\AppData\Local\Mozilla\Firefox\Profiles\888jya8e.default-release\cache2\entries\90986EF1909EF6B5244F9775F7FBF9E3ADD68DE9 216 0x918b75aa9a30 \Windows\System32\OneCoreCommonProxyStub.dll 216 0x918b75aa9d50 \ProgramData\Microsoft\Diagnosis\Sideload 216 0x918b75aa9ee0 \Device\HarddiskVolume4\Users\santa\AppData\Local\Microsoft\Windows\UsrClass.dat{80f87ee9-850a-11ee-b495-000c29cb6a43}.TM 216 0x918b75aaa200 \Windows\System32\en-US\msdtc.exe.mui 216 0x918b75aaa390 \Windows\System32\msdtctm.dll 216 0x918b75aaa6b0 \Windows\System32\ncobjapi.dll 216 0x918b75aaa840 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\Drivers\WdNisDrv.sys 216 0x918b75aaa9d0 \Windows\System32\msdtclog.dll 216 0x918b75aaab60 \$Directory 216 0x918b75aaae80 \wkssvc 216 0x918b75aab330 \Windows\System32\MsDtc\MSDTC.LOG 216 0x918b75aab4c0 \Windows\System32\Windows.UI.Xaml.Resources.19h1.dll 216 0x918b75aab650 \CMApi 216 0x918b75aab970 \Device\HarddiskVolume4\Users\santa\AppData\Local\Microsoft\Windows\UsrClass.dat{80f87ee9-850a-11ee-b495-000c29cb6a43}.TM 216 0x918b75aabb00 \Windows\System32\aepic.dll 216 0x918b75aabe20 \Windows\System32\TileDataRepository.dll 216 0x918b75c24150 \Windows\System32\Windows.Globalization.dll 216 0x918b75c242e0 \Windows\System32 216 0x918b75c24470 \Windows\System32\catsrv.dll 216 0x918b75c24600 \Windows\System32\winevt\Logs\Parameters.evtx 216 0x918b75c24790 \Windows\appcompat\Programs\Amcache.hve.LOG2 216 0x918b75c24ab0 \Windows\System32\spp\store\2.0\data.dat 216 0x918b75c24c40 \$Directory 216 0x918b75c24dd0 \Windows\System32 216 0x918b75c250f0 \Windows\appcompat\Programs\Amcache.hve.LOG1 216 0x918b75c25280 \Windows\System32\en-US\winhttp.dll.mui 216 0x918b75c25410 \Windows\Fonts\seguisb.ttf 216 0x918b75c255a0 \Windows\System32\catsrvut.dll 216 0x918b75c25730 \Windows\appcompat\Programs\Amcache.hve 216 0x918b75c258c0 \$Directory 216 0x918b75c25a50 \Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4Operational.evtx 216 0x918b75c25d70 \Windows\System32\wbem\WmiPrvSE.exe 216 0x918b75c26090 \Windows\System32\mfcsubs.dll 216 0x918b75c26220 \Windows\System32\Windows.StateRepositoryCore.dll 216 0x918b75c263b0 \Windows\Registration\R000000000006.clb 216 0x918b75c26540 \Windows\Fonts\consola.ttf 216 0x918b75c266d0 \Windows\System32\notepad.exe 216 0x918b75c26860 \Windows\System32\AppxAllUserStore.dll 216 0x918b75c269f0 \Windows\System32\catsrvps.dll 216 0x918b75c26d10 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b75c26ea0 \Windows\System32\directmanipulation.dll 216 0x918b75c271c0 \Windows\System32\en-US\notepad.exe.mui 216 0x918b75c27800 \Windows\System32\Windows.UI.Xaml.InkControls.dll 216 0x918b75c27990 \$Directory 216 0x918b75c27b20 \CMApi 216 0x918b75c27cb0 \Windows\System32\Windows.UI.Xaml.Maps.dll 216 0x918b75c28160 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b75c287a0 \$Directory 216 0x918b75c28930 \Windows\System32\msxml6.dll 216 0x918b75c28ac0 \Windows\System32\msxml6r.dll 216 0x918b75c28c50 \$Directory 216 0x918b75c28de0 \Windows\System32\Windows.UI.Xaml.Phone.dll 216 0x918b75c29100 \Windows\System32\wbem\cimwin32.dll 216 0x918b75c29290 \CMApi 216 0x918b75c295b0 \Windows\System32 216 0x918b75c29740 \Windows\System32\spp\store\2.0\data.dat 216 0x918b75c298d0 \Windows\System32\en-US\notepad.exe.mui 216 0x918b75c29a60 \Windows\Registration\R000000000006.clb 216 0x918b75c29d80 \Windows\System32\framedynos.dll 216 0x918b75c2a0a0 \Windows\System32\en-US\user32.dll.mui 216 0x918b75c2a230 \Windows\Registration\R000000000006.clb 216 0x918b75c2a3c0 \Windows\System32\sppwinob.dll 216 0x918b75c2aa00 \Windows\Fonts\StaticCache.dat 216 0x918b75c2ad20 \Windows\System32\fltLib.dll 216 0x918b75c2aeb0 \Windows\Fonts\mmrtextb.ttf 216 0x918b75c2b680 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\places.sqlite 216 0x918b75c2b810 \Windows\Registration\R000000000006.clb 216 0x918b75c2bcc0 \Windows\System32\wscapi.dll 216 0x918b75c2be50 \Windows\Fonts\seguisb.ttf 216 0x918b75c2c300 \Windows\Registration\R000000000006.clb 216 0x918b75c2c490 \CMApi 216 0x918b75c2c620 \Windows\System32\Windows.UI.Xaml.Controls.dll 216 0x918b75c2c7b0 \Windows\System32\pkeyhelper.dll 216 0x918b75c2c940 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b75c2c970 질痂醋￿질痂醋￿ 0 0x918b75c2cc60 \Windows\System32\wbem\en-US\cimwin32.dll.mui 216 0x918b75c2cdf0 \Windows\SystemResources\notepad.exe.mun 216 0x918b75c2d430 \Windows\explorer.exe 216 0x918b75c2d750 \$Directory 216 0x918b75c2d8e0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\favicons.sqlite-shm 216 0x918b75c2da70 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\places.sqlite-shm 216 0x918b75c2dc00 \Users\santa\ntuser.dat.LOG1 216 0x918b75c2e3d0 \Windows\Registration\R000000000006.clb 216 0x918b75c2e560 \$Directory 216 0x918b75c2e6f0 \Windows\System32\normidna.nls 216 0x918b75c2e880 \Windows\System32\CertEnroll.dll 216 0x918b75c2eba0 \Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx 216 0x918b75c2ed30 \$Directory 216 0x918b75c2eec0 \$Directory 216 0x918b75c2f1e0 \Windows\Fonts\segoeuisl.ttf 216 0x918b75c2f690 \Users\santa\NTUSER.DAT 216 0x918b75c2f820 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\places.sqlite-wal 216 0x918b75c2fb40 \$Directory 216 0x918b75c2fcd0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\favicons.sqlite 216 0x918b75c2fe60 \$Directory 216 0x918b75c30180 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\favicons.sqlite-wal 216 0x918b75c30310 \Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeployment%4Operational.evtx 216 0x918b75c304a0 \Windows\Fonts\StaticCache.dat 216 0x918b75c307c0 \$Directory 216 0x918b75c30950 \$Directory 216 0x918b75c30c70 \$Directory 216 0x918b75c30e00 \Users\santa\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 216 0x918b75c31120 \Users\santa\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 216 0x918b75c312b0 \$Directory 216 0x918b75c31440 \Device\HarddiskVolume4\Users\santa\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b75c315d0 \Users\santa\AppData\Local\Microsoft\Windows\UsrClass.dat{80f87ee9-850a-11ee-b495-000c29cb6a43}.TMContainer00000000000000000002.regtrans-ms 216 0x918b75c31760 \$Directory 216 0x918b75c318f0 \Windows\System32\IDStore.dll 216 0x918b75c31c10 \Users\santa\AppData\Local\Microsoft\Windows\UsrClass.dat{80f87ee9-850a-11ee-b495-000c29cb6a43}.TMContainer00000000000000000001.regtrans-ms 216 0x918b75c31da0 \$Directory 216 0x918b75c320c0 \Users\santa\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000002.regtrans-ms 216 0x918b75c32250 \Device\HarddiskVolume4\Users\santa\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b75c32570 \Users\santa\ntuser.dat.LOG2 216 0x918b75c32890 \$Directory 216 0x918b75c32a20 \Users\santa\AppData\Local\Microsoft\Windows\UsrClass.dat 216 0x918b75c32bb0 \$Directory 216 0x918b75c32d40 \Users\santa\AppData\Local\Microsoft\Windows\UsrClass.dat{80f87ee9-850a-11ee-b495-000c29cb6a43}.TM.blf 216 0x918b75c32ed0 \Users\santa\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TM.blf 216 0x918b75c331f0 \$Directory 216 0x918b75c33380 \$Directory 216 0x918b75c33510 \$Directory 216 0x918b75c33830 \Users\santa\NTUSER.DAT{fd9a35db-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000001.regtrans-ms 216 0x918b75c339c0 \Windows\System32\Windows.CloudStore.dll 216 0x918b75c33b50 \CMApi 216 0x918b75c33ce0 \Windows\System32\en-US\combase.dll.mui 216 0x918b75c33e70 \Windows\System32\en-US\dps.dll.mui 216 0x918b75c34190 \Windows\System32\en-US\winmmbase.dll.mui 216 0x918b75c34320 \$Directory 216 0x918b75c344b0 \Windows\System32\en-US\propsys.dll.mui 216 0x918b75c34640 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b75c34960 \Windows\System32\en-US\sysmain.dll.mui 216 0x918b75c34c80 \Windows\System32\en-US\svchost.exe.mui 216 0x918b75c34e10 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\places.sqlite-wal 216 0x918b75c352c0 \$Directory 216 0x918b75c355e0 \$Directory 216 0x918b75c35770 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b75c35900 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\content-prefs.sqlite 216 0x918b75c35a90 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd 216 0x918b75c35c20 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd 216 0x918b75c35db0 \$Directory 216 0x918b75c360d0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\places.sqlite 216 0x918b75c36260 \Windows\System32\svchost.exe 216 0x918b75c363f0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\favicons.sqlite 216 0x918b75c36580 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\favicons.sqlite-wal 216 0x918b75c36710 \Windows\Registration\R000000000006.clb 216 0x918b75c36a30 \Windows\System32 216 0x918b75c36bc0 \$Directory 216 0x918b75c36d50 \$Directory 216 0x918b75c37200 \Windows\System32\SmartCardBackgroundPolicy.dll 216 0x918b75c376b0 \Windows\Fonts\palab.ttf 216 0x918b75c37840 \Windows\Fonts\pala.ttf 216 0x918b75c37cf0 \Windows\Fonts\palabi.ttf 216 0x918b75c37e80 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd-shm 216 0x918b75c38330 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.18362.1_neutral__cw5n1h2txyewy\ActivationStore.dat 216 0x918b75c384c0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b75c387e0 \gecko.4576.3988.14086781544336770055 216 0x918b75c38b00 \Windows\System32\sppobjs.dll 216 0x918b75c392d0 \$Directory 216 0x918b75c39780 \gecko.4576.3988.14086781544336770055 216 0x918b75c39910 \Windows\Fonts\times.ttf 216 0x918b75c39c30 \Windows\System32\en-US\lsm.dll.mui 216 0x918b75c3a0e0 \Windows\System32\wbem\WmiPrvSE.exe 216 0x918b75c3a270 \Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4WHC.evtx 216 0x918b75c3a590 \$Directory 216 0x918b75c3a720 \Windows\Fonts\palai.ttf 216 0x918b75c3aa40 \Windows\System32\en-US\user32.dll.mui 216 0x918b75c3abd0 \Windows\System32\winevt\Logs\Microsoft-Windows-SettingSync%4Operational.evtx 216 0x918b75c3b080 \Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Operational.evtx 216 0x918b75c3b530 \Windows\System32\winevt\Logs\Microsoft-Windows-SettingSync%4Debug.evtx 216 0x918b75c3b6c0 \Windows\System32\certca.dll 216 0x918b75c3b850 \Windows\Fonts\segoescb.ttf 216 0x918b75c3bb70 \Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx 216 0x918b75c3bd00 \Windows\System32 216 0x918b75c3be90 \Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx 216 0x918b75c3c1b0 \$Directory 216 0x918b75c3c340 \Windows\Registration\R000000000006.clb 216 0x918b75c3c4d0 \Windows\Fonts\segoeprb.ttf 216 0x918b75c3c660 \Windows\System32\pdh.dll 216 0x918b75c3c980 \Windows\System32\AppXDeploymentServer.dll 216 0x918b75c3cca0 \Windows\System32\wbem\WmiPerfClass.dll 216 0x918b75c3ce30 \Windows\Fonts\segoesc.ttf 216 0x918b75c3d790 \Windows\System32\dmcmnutils.dll 216 0x918b75c3d920 \Windows\System32\omadmapi.dll 216 0x918b75c3dab0 \$Directory 216 0x918b75c3dc40 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpRtp.dll 216 0x918b75c3ddd0 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe 216 0x918b75c3f090 \ProgramData\Microsoft\Windows Defender\Scans\MpDiag.bin 216 0x918b75c3f540 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCommu.dll 216 0x918b75c3f6d0 \Windows\System32\mdmregistration.dll 216 0x918b75c3f860 \ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\80A0E259-2BD8-4DD7-A23C-FCBC9D6451B7-0.bin 216 0x918b75c40800 \Windows\System32\mshtml.dll 216 0x918b75c412f0 \Windows\System32\iri.dll 216 0x918b75c42290 \ProgramData\Microsoft\Windows Defender\Definition Updates\{945087C3-DEF1-474A-A297-2929D583B4F1}\mpengine.dll 216 0x918b75c42740 \$Directory 216 0x918b75c430a0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b75c43550 \Users\santa\AppData\Local\Microsoft\Windows\Burn 216 0x918b75c436e0 \Windows\System32\en-US\mshtml.dll.mui 216 0x918b75d77150 \Windows\ImmersiveControlPanel\SystemSettings.exe 216 0x918b75d772e0 \Windows\Microsoft.NET\Framework64\v4.0.30319\CORPerfMonExt.dll 216 0x918b75d77470 \Windows\System32\ucrtbase_clr0400.dll 216 0x918b75d77600 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.67 216 0x918b75d77790 \$Directory 216 0x918b75d77920 \Windows\System32\en-US\ESENT.dll.mui 216 0x918b75d77950 禨痗醋￿禨痗醋￿ 0 0x918b75d77ab0 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.E6 216 0x918b75d77c40 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.DB 216 0x918b75d77dd0 \ProgramData\Microsoft\Windows Defender\Definition Updates\{945087C3-DEF1-474A-A297-2929D583B4F1}\mpavdlta.vdm 216 0x918b75d780f0 \Windows\Microsoft.NET\Framework64\v4.0.30319\PerfCounter.dll 216 0x918b75d78280 \Windows\System32\WofUtil.dll 216 0x918b75d785a0 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.A0 216 0x918b75d78730 \Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb 216 0x918b75d788c0 \Windows\System32\vcruntime140_clr0400.dll 216 0x918b75d78a50 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.6C 216 0x918b75d78d70 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.80 216 0x918b75d79090 \ProgramData\Microsoft\Windows Defender\Definition Updates\{945087C3-DEF1-474A-A297-2929D583B4F1}\mpasbase.vdm 216 0x918b75d79220 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.87 216 0x918b75d79540 \ProgramData\Microsoft\Windows Defender\Definition Updates\{945087C3-DEF1-474A-A297-2929D583B4F1}\mpavbase.vdm 216 0x918b75d796d0 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.7E 216 0x918b75d79860 \Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb 216 0x918b75d79b80 \ProgramData\Microsoft\Windows Defender\Definition Updates\{945087C3-DEF1-474A-A297-2929D583B4F1}\mpasdlta.vdm 216 0x918b75d79d10 \Program Files\Windows Defender\en-US\shellext.dll.mui 216 0x918b75d79ea0 \Windows\System32\mscoree.dll 216 0x918b75d7a1c0 \Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 216 0x918b75d7a350 \Windows\System32\svchost.exe 216 0x918b75d7a4e0 \Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb 216 0x918b75d7a670 \Windows\System32\en-US\ESENT.dll.mui 216 0x918b75d7ae40 \Windows\System32\ssdpsrv.dll 216 0x918b75d7b2f0 \Windows\System32\upnp.dll 216 0x918b75d7b610 \Endpoint 216 0x918b75d7b7a0 \Endpoint 216 0x918b75d7b930 \Endpoint 216 0x918b75d7bac0 \Endpoint 216 0x918b75d7bc50 \Endpoint 216 0x918b75d7c100 \Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb 216 0x918b75d7c290 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-shm 216 0x918b75d7c420 \Windows\System32 216 0x918b75d7c740 \Endpoint 216 0x918b75d7ca60 \Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb.jfm 216 0x918b75d7cbf0 \Endpoint 216 0x918b75d7d0a0 \Windows\System32\en-US\svchost.exe.mui 216 0x918b75d7d230 \Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb.jfm 216 0x918b75d7d3c0 \Endpoint 216 0x918b75d7d6e0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b75d7d870 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.7C 216 0x918b75d7da00 \Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx 216 0x918b75d7db90 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.83 216 0x918b75d7dd20 \CMApi 216 0x918b75d7e1d0 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.79 216 0x918b75d7e4f0 \CMNotify 216 0x918b75d7e680 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b75d7e810 \Windows\System32\en-US\themeui.dll.mui 216 0x918b75d7e9a0 \$Directory 216 0x918b75d7eb30 \Windows\System32\en-US\sysmain.dll.mui 216 0x918b75d7ecc0 \Windows\Fonts\times.ttf 216 0x918b75d7f170 \ProgramData\Microsoft\Windows Defender\Scans\mpcache-80D920E3D804BCBC8CEBFB05C3A2284D99FCC016.bin.01 216 0x918b75d7f300 \$Directory 216 0x918b75d7f620 \CMNotify 216 0x918b75d7f7b0 \CMNotify 216 0x918b75d7f940 \Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 216 0x918b75d7fad0 \CMNotify 216 0x918b75d7fc60 \$Directory 216 0x918b75d7fdf0 \Windows\Prefetch\PfPre_e075aaec.mkd 216 0x918b75d80110 \CMNotify 216 0x918b75d802a0 \Windows\System32\en-US\Windows.Storage.Search.dll.mui 216 0x918b75d80750 \ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db 216 0x918b75d80a70 \$ConvertToNonresident 216 0x918b75d80c00 \Windows\ImmersiveControlPanel\resources.pri 216 0x918b75d80d90 \ProgramData\Microsoft\Windows Defender\Definition Updates\Updates 216 0x918b75d810b0 \$Directory 216 0x918b75d81240 \Windows\System32\en-US\combase.dll.mui 216 0x918b75d813d0 \CMApi 216 0x918b75d81560 \$Directory 216 0x918b75d816f0 \Windows\en-US\explorer.exe.mui 216 0x918b75d81880 \Windows\System32\WinMetadata\Windows.Foundation.winmd 216 0x918b75d81a10 \$Directory 216 0x918b75d81ba0 \Windows\System32\winevt\Logs\Microsoft-Windows-WinRM%4Operational.evtx 216 0x918b75d81d30 \ProgramData\Microsoft\Windows Defender\IMpService77BDAF73-B396-481F-9042-AD358843EC24.lock 216 0x918b75d81ec0 \Windows\System32\Windows.StateRepositoryPS.dll 216 0x918b75d821e0 \Windows\System32\cryptnet.dll 216 0x918b75d82500 \lsass 216 0x918b75d82690 \ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db-shm 216 0x918b75d829b0 \ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db-wal 216 0x918b75d829e0 ⨸痘醋￿⨸痘醋￿ 29716 0x918b75d82b40 \ProgramData\Microsoft\Windows Defender\IMpDlpService77BDAF73-B396-481F-9042-AD358843EC24.lock 216 0x918b75d82cd0 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows-managed.dll 216 0x918b75d83310 \ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db 216 0x918b75d834a0 \$Directory 216 0x918b75d837c0 \Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx 216 0x918b75d83950 \Windows\System32 216 0x918b75d83ae0 \Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Safety\network\local\sinkholeCache 216 0x918b75d83c70 \Windows\System32\en-US\QuietHours.dll.mui 216 0x918b75d83e00 \Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.32530.0_x64__8wekyb3d8bbwe\vccorlib140_app.dll 216 0x918b75d84120 \gecko.4576.3988.9916641259275048487 216 0x918b75d842b0 \gecko.4576.3988.9916641259275048487 216 0x918b75d84440 \Windows\System32\NotificationController.dll 216 0x918b75d845d0 \Windows\System32\en-US\lsm.dll.mui 216 0x918b75d84760 \CMApi 216 0x918b75d848f0 \Windows\System32\wininet.dll 216 0x918b75d84a80 \Windows\System32 216 0x918b75d84c10 \$Directory 216 0x918b75d850c0 \Windows\System32\sihost.exe 216 0x918b75d85250 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe 216 0x918b75d853e0 \$Directory 216 0x918b75d85570 \CMNotify 216 0x918b75d85700 \Windows\Registration\R000000000006.clb 216 0x918b75d85890 \Windows\System32\svchost.exe 216 0x918b75d85a20 \$Directory 216 0x918b75d861f0 \Windows\System32 216 0x918b75d86510 \Windows\System32\en-US\winsrv.dll.mui 216 0x918b75d866a0 \Windows\System32\en-US\svchost.exe.mui 216 0x918b75d86830 \Windows\System32\en-US\user32.dll.mui 216 0x918b75d869c0 \Windows\System32\cdpusersvc.dll 216 0x918b75d86b50 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edb.log 216 0x918b75d87320 \Windows\Fonts\SitkaB.ttc 216 0x918b75d874b0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b75d87640 \Windows\System32\en-US\taskhostw.exe.mui 216 0x918b75d877d0 \$Directory 216 0x918b75d87960 \Windows\System32 216 0x918b75d87990 秨痘醋￿秨痘醋￿ 0 0x918b75d87af0 \Windows\System32\DesktopShellExt.dll 216 0x918b75d87c80 \$Directory 216 0x918b75d87e10 \Program Files\WindowsApps\Microsoft.XboxGameOverlay_1.54.4001.0_x64__8wekyb3d8bbwe 216 0x918b75d882c0 \Windows\Registration\R000000000006.clb 216 0x918b75d88450 \$Directory 216 0x918b75d88770 \$Directory 216 0x918b75d88900 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\CacheStorage\CacheStorage.edb 216 0x918b75d88a90 \Windows\System32\MsCtfMonitor.dll 216 0x918b75d88c20 \Windows\System32\PlaySndSrv.dll 216 0x918b75d890d0 \Windows\System32\WpnUserService.dll 216 0x918b75d89260 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\cert9.db 216 0x918b75d893f0 \Dev\Query 216 0x918b75d89580 \Windows\System32\taskhostw.exe 216 0x918b75d898a0 \Dev\Query 216 0x918b75d89a30 \Windows\Registration\R000000000006.clb 216 0x918b75d89bc0 \$Directory 216 0x918b75d89d50 \Windows\System32\Windows.Networking.Connectivity.dll 216 0x918b75d8a200 \CMApi 216 0x918b75d8a520 \Windows\System32\QuietHours.dll 216 0x918b75d8a6b0 \Windows\System32\ExecModelClient.dll 216 0x918b75d8a9d0 \Windows\System32\ClipboardServer.dll 216 0x918b75d8ab60 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b75d8acf0 \Windows\System32\SecureTimeAggregator.dll 216 0x918b75d8ae80 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData 216 0x918b75d8b1a0 \Windows\System32\WinBioPlugIns\FaceBootstrapAdapter.dll 216 0x918b75d8b4c0 \Windows\System32\msutb.dll 216 0x918b75d8b650 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b75d8b7e0 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b75d8b970 \Windows\System32\ActivationManager.dll 216 0x918b75d8bb00 \Windows\System32\wcmapi.dll 216 0x918b75d8bc90 \Windows\System32\ncryptsslp.dll 216 0x918b75d8c140 \Windows\System32\ncryptprov.dll 216 0x918b75d8c2d0 \Windows\System32\dssenh.dll 216 0x918b75d8c460 \Windows\System32\TabSvc.dll 216 0x918b75d8c780 \$Directory 216 0x918b75d8caa0 \CMNotify 216 0x918b75d8cc30 \Windows\System32\ctfmon.exe 216 0x918b75d8cdc0 \Windows\System32\en-US\MsCtfMonitor.dll.mui 216 0x918b75d8d0e0 \Windows\System32\winevt\Logs\Microsoft-Windows-LiveId%4Operational.evtx 216 0x918b75d8d400 \CMNotify 216 0x918b75d8d590 \Windows\System32\TokenBroker.dll 216 0x918b75d8d720 \Windows\System32 216 0x918b75d8da40 \$Directory 216 0x918b75d8dbd0 \Windows\System32\en-US\ctfmon.exe.mui 216 0x918b75d8dd60 \Windows\System32\AppointmentActivation.dll 216 0x918b75d8def0 \Users\santa\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db-shm 216 0x918b75d8e530 \Users\santa\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db-wal 216 0x918b75d8e6c0 \Users\santa\AppData\Local\Microsoft\Windows\WebCache\V01.loglogog 216 0x918b75d8e9e0 \Windows\System32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 216 0x918b75d8eb70 \Windows\System32\en-US\ESENT.dll.mui 216 0x918b75d8f1b0 \Users\santa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat 216 0x918b75d8f340 \Windows\System32\BitsProxy.dll 216 0x918b75d8f4d0 \$Directory 216 0x918b75d8f660 \CMApi 216 0x918b75d8f7f0 \$Directory 216 0x918b75d8f980 \Windows\System32\modernexecserver.dll 216 0x918b75d8fb10 \Windows\System32\en-US\winmm.dll.mui 216 0x918b75d8fca0 \$Directory 216 0x918b75d8fe30 \Users\santa\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db 216 0x918b75d90150 \Windows\System32\InputService.dll 216 0x918b75d90600 \Endpoint 216 0x918b75d90790 \Windows\System32\SebBackgroundManagerPolicy.dll 216 0x918b75d90920 \Windows\System32 216 0x918b75d90c40 \Windows\System32\svchost.exe 216 0x918b75d910f0 \Users\santa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm 216 0x918b75d91280 \Windows\System32\en-US\localspl.dll.mui 216 0x918b75d91410 \Windows\System32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll 216 0x918b75d915a0 \Windows\System32\ACPBackgroundManagerPolicy.dll 216 0x918b75d91730 \Windows\System32\Windows.ApplicationModel.dll 216 0x918b75d918c0 \Windows\System32\Windows.Security.Authentication.Web.Core.dll 216 0x918b75d91a50 \Windows\System32\en-US\svchost.exe.mui 216 0x918b75d91be0 \LOCAL\cubeb-pipe-4576-13 216 0x918b75d91d70 \Windows\System32\WindowManagement.dll 216 0x918b75d923b0 \Windows\System32\perfdisk.dll 216 0x918b75d92540 \Windows\System32\execmodelproxy.dll 216 0x918b75d926d0 \Windows\System32\en-US\cmd.exe.mui 216 0x918b75d92860 \Windows\System32\PrintIsolationProxy.dll 216 0x918b75d929f0 \Windows\System32\tokenbinding.dll 216 0x918b75d92b80 \Windows\System32\BackgroundMediaPolicy.dll 216 0x918b75d92d10 \CMApi 216 0x918b75d92ea0 \Windows\System32\notificationplatformcomponent.dll 216 0x918b75d931c0 \Windows\System32\TextInputMethodFormatter.dll 216 0x918b75d93350 \Windows\System32\ShareHost.dll 216 0x918b75d93800 \Windows\System32\localspl.dll 216 0x918b75d93990 \CMApi 216 0x918b75d93cb0 \Windows\System32\spoolss.dll 216 0x918b75d93e40 \Windows\System32\dui70.dll 216 0x918b75d942f0 \Endpoint 216 0x918b75d94480 \Windows\System32\perfos.dll 216 0x918b75d94610 \Windows\System32\sfc_os.dll 216 0x918b75d94930 \Windows\Registration\R000000000006.clb 216 0x918b75d94c50 \Windows\System32\FXSMON.dll 216 0x918b75d95100 \Windows\System32\rasman.dll 216 0x918b75d95420 \CMNotify 216 0x918b75d955b0 \Windows\System32\AppContracts.dll 216 0x918b75d95740 \Windows\System32\AppMon.dll 216 0x918b75d958d0 \Windows\System32\winspool.drv 216 0x918b75d95a60 \Program Files (x86)\Mozilla Firefox 216 0x918b75d95bf0 \Windows\System32\wpnprv.dll 216 0x918b75d95d80 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b75d96550 \$Directory 216 0x918b75d96870 \CMApi 216 0x918b75d96b90 \Windows\Fonts\segmdl2.ttf 216 0x918b75d96d20 \Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll 216 0x918b75d96eb0 \Windows\System32\wuceffects.dll 216 0x918b76024150 \Windows\System32\winevt\Logs\Microsoft-Windows-PushNotification-Platform%4Admin.evtx 216 0x918b760242e0 \Windows\System32\deviceassociation.dll 216 0x918b76024470 \AsyncConnectHlp 216 0x918b76024600 \MsFteWds 216 0x918b76024790 \Windows\System32\ole32.dll 216 0x918b76024920 \Windows\System32\config\COMPONENTS{fd9a35c3-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000002.regtrans-ms 216 0x918b76024ab0 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b76024c40 \Endpoint 216 0x918b76024dd0 \Windows\System32\usbmon.dll 216 0x918b760250f0 \Windows\System32\PackageStateChangeHandler.dll 216 0x918b76025280 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b76025410 \Windows\System32\snmpapi.dll 216 0x918b760255a0 \Windows\System32\container.dll 216 0x918b76025730 \Windows\System32\C_1256.NLS 216 0x918b760258c0 \Windows\System32\dusmapi.dll 216 0x918b76025a50 \Windows\System32\config\COMPONENTS{fd9a35c3-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000001.regtrans-ms 216 0x918b76025be0 \CMNotify 216 0x918b76025d70 \Windows\System32\wlidprov.dll 216 0x918b76026090 \Windows\System32\tcpmon.dll 216 0x918b76026220 \Windows\System32\wsnmp32.dll 216 0x918b760263b0 \Windows\System32\winevt\Logs\Microsoft-Windows-PushNotification-Platform%4Operational.evtx 216 0x918b76026540 \Windows\System32\APMon.dll 216 0x918b760266d0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b76026860 \Windows\System32\twinui.appcore.dll 216 0x918b760269f0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b76026b80 \Windows\System32\InputLocaleManager.dll 216 0x918b76026d10 \AsyncSelectHlp 216 0x918b76026ea0 \Windows\System32\MusNotificationUx.exe 216 0x918b760271c0 \$Directory 216 0x918b76027350 \Windows\System32\C_1254.NLS 216 0x918b760274e0 \Windows\System32\C_1253.NLS 216 0x918b76027670 \Dev\Query 216 0x918b76027800 \Windows\Registration\R000000000006.clb 216 0x918b76027990 \Windows\System32\C_1251.NLS 216 0x918b76027b20 \Windows\System32\AppResolver.dll 216 0x918b76027cb0 \Windows\System32\en-US\APMon.dll.mui 216 0x918b76027e40 \CMApi 216 0x918b76028160 \Users\santa\AppData\Local\Microsoft\Windows\Caches\cversions.3.db 216 0x918b760282f0 \Windows\Registration\R000000000006.clb 216 0x918b76028480 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b76028610 \Windows\System32\cdpsvc.dll 216 0x918b760287a0 \Windows\System32\WSDApi.dll 216 0x918b76028930 \Windows\System32\C_1250.NLS 216 0x918b76028ac0 \Windows\Web\Wallpaper\Theme1\Desktop.ini 216 0x918b76028de0 \Windows\System32\Windows.StateRepositoryClient.dll 216 0x918b76029100 \Windows\System32\tquery.dll 216 0x918b76029420 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b760295b0 \Windows\System32\MTF.dll 216 0x918b76029740 \Dev\Query 216 0x918b760298d0 \Windows\System32\UiaManager.dll 216 0x918b76029a60 \CMApi 216 0x918b76029bf0 \Windows\System32\webservices.dll 216 0x918b76029d80 \gecko.4576.3988.585370181143719742 216 0x918b7602a0a0 \Windows\System32\mssrch.dll 216 0x918b7602a230 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\Assets\Blank_PhotosSplashWideTile.png 216 0x918b7602a3c0 \$Directory 216 0x918b7602a550 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\The Internet.lnk 216 0x918b7602a6e0 \Windows 216 0x918b7602a870 \Windows 216 0x918b7602aa00 \$Directory 216 0x918b7602ab90 \Windows\System32\Windows.CloudStore.Schema.Shell.dll 216 0x918b7602ad20 \Windows\System32\sbservicetrigger.dll 216 0x918b7602aeb0 \$Directory 216 0x918b7602b1d0 \Windows\System32\keyiso.dll 216 0x918b7602b360 \Windows\System32\EAMProgressHandler.dll 216 0x918b7602b4f0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b7602b680 \Windows\System32\drvstore.dll 216 0x918b7602b810 \Windows\System32\daxexec.dll 216 0x918b7602b9a0 \Windows\System32\threadpoolwinrt.dll 216 0x918b7602bb30 \Windows\System32\Windows.Shell.BlueLightReduction.dll 216 0x918b7602bcc0 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b7602be50 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776 216 0x918b7602c170 \Windows\System32\CoreShellExtFramework.dll 216 0x918b7602c300 \Windows\System32\wpnclient.dll 216 0x918b7602c490 \Windows\System32\spool\prtprocs\x64\winprint.dll 216 0x918b7602c620 \$Directory 216 0x918b7602c7b0 \Program Files (x86)\Mozilla Firefox 216 0x918b7602c940 \Windows\System32\wshbth.dll 216 0x918b7602cad0 \CMApi 216 0x918b7602cdf0 \Windows\System32\ContentDeliveryManager.Utilities.dll 216 0x918b7602d110 \Windows\System32\en-US\datamap.0409.dat 216 0x918b7602d2a0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b7602d430 \Windows\System32\twinui.pcshell.dll 216 0x918b7602d5c0 \Endpoint 216 0x918b7602d750 \Windows\System32\en-US\inetpp.dll.mui 216 0x918b7602d8e0 \Windows\System32\wpnapps.dll 216 0x918b7602da70 \Windows\System32\imageres.dll 216 0x918b7602dc00 \$Directory 216 0x918b7602dd90 \Windows\Fonts\mmrtext.ttf 216 0x918b7602e0b0 \$Directory 216 0x918b7602e240 \Windows\SysWOW64\mswsock.dll 216 0x918b7602e3d0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.edb 216 0x918b7602e560 \Windows\SystemResources\imageres.dll.mun 216 0x918b7602e6f0 \CMApi 216 0x918b7602ea10 \Windows\System32\AuthExt.dll 216 0x918b7602eba0 \$Directory 216 0x918b7602ed30 \SwDevice 216 0x918b7602f1e0 \$Directory 216 0x918b7602f370 \$Directory 216 0x918b7602f500 \Windows\System32\inetpp.dll 216 0x918b7602f690 \$Directory 216 0x918b7602f820 \Windows\System32\Windows.StateRepositoryBroker.dll 216 0x918b7602f9b0 \Windows\System32\win32spl.dll 216 0x918b7602fcd0 \Windows\System32\ieproxy.dll 216 0x918b7602fe60 \Windows\System32\en-US\win32spl.dll.mui 216 0x918b76030180 \Dev\Query 216 0x918b76030310 \Windows\System32 216 0x918b760304a0 \Program Files (x86)\Mozilla Firefox 216 0x918b76030630 \Windows\System32\en-US\AuthExt.dll.mui 216 0x918b760307c0 \Windows\Prefetch\MICROSOFTEDGEUPDATE.EXE-96674210.pf 216 0x918b76030950 \Windows\System32\spool\drivers\W32X86\PCC 216 0x918b76030ae0 \Windows\System32\wscui.cpl 216 0x918b76030c70 \Windows\System32\wups2.dll 216 0x918b76030e00 \Users\santa\AppData\Local\Temp\MicrosoftEdgeUpdate.log 216 0x918b76031120 \$Directory 216 0x918b760312b0 \Windows\System32 216 0x918b760315d0 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776 216 0x918b76031760 \Windows\SysWOW64\TextInputFramework.dll 216 0x918b760318f0 \SwDevice 216 0x918b76031a80 \Windows\System32\PhotoMetadataHandler.dll 216 0x918b760320c0 \Windows\System32\twinapi.dll 216 0x918b76032570 \CMNotify 216 0x918b76032700 \Windows\System32\imm32.dll 216 0x918b76032890 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b76032a20 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\Indexed DB\IndexedDB.jfm 216 0x918b76032ed0 \CMNotify 216 0x918b760331f0 \Dev\Query 216 0x918b76033380 \Endpoint 216 0x918b76033510 \SwDevice 216 0x918b760336a0 \Windows\System32\vaultcli.dll 216 0x918b76033830 \SwDevice 216 0x918b760339c0 \Windows\System32\NetworkStatus.dll 216 0x918b76033b50 \gecko.4576.3988.585370181143719742 216 0x918b76033ce0 \$Directory 216 0x918b76033e70 \$Directory 216 0x918b76034190 \Windows\System32\en-US\propsys.dll.mui 216 0x918b76034320 \$Directory 216 0x918b760344b0 \Windows\System32\en-US\ieframe.dll.mui 216 0x918b76034640 \Windows\System32\ieframe.dll 216 0x918b76034960 \Windows\Fonts\segoeuib.ttf 216 0x918b76034af0 \Windows\System32\StartTileData.dll 216 0x918b76034c80 \Windows\System32\msi.dll 216 0x918b76034e10 \Windows\System32\en-US\shell32.dll.mui 216 0x918b76035130 \Windows\SysWOW64\wshqos.dll 216 0x918b760352c0 \Users\santa\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK 216 0x918b76035450 \Windows\Fonts\cambriai.ttf 216 0x918b760355e0 \$Directory 216 0x918b76035770 \Windows\System32\en-US\MusNotifyIcon.exe.mui 216 0x918b76035900 \gecko.4576.3988.18146219246632876385 216 0x918b76035a90 \$Directory 216 0x918b76035c20 \Windows\System32\MusNotificationUx.exe 216 0x918b76035db0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b760360d0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b76036260 \Users\santa\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000003.db 216 0x918b760363f0 \Windows\Fonts\times.ttf 216 0x918b76036710 \Windows\Registration\R000000000006.clb 216 0x918b760368a0 \Windows\System32\sppc.dll 216 0x918b76036a30 \$Directory 216 0x918b76036bc0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b76036ee0 \$Directory 216 0x918b76037200 \Windows\System32\spool\drivers\x64\PCC 216 0x918b76037390 \Windows\System32\Windows.UI.Xaml.Resources.Common.dll 216 0x918b76037520 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{0050F440-DE0F-48EE-A4F2-CDD94F01CAB6}.catalogItem 216 0x918b760376b0 \Windows\System32\spp\store\2.0\tokens.dat 216 0x918b760379d0 \$Directory 216 0x918b76037b60 \Windows\System32 216 0x918b76037e80 \$Directory 216 0x918b76038330 \Windows\System32\NotificationControllerPS.dll 216 0x918b760384c0 \Windows\System32\vm3ddevapi64.dll 216 0x918b76038650 \$Directory 216 0x918b760387e0 \$Directory 216 0x918b76038970 \Windows 216 0x918b76038c90 \Windows\System32\spool\drivers\W32X86\PCC 216 0x918b76038e20 \Windows\System32\Windows.ApplicationModel.Core.dll 216 0x918b76039140 \Windows\System32\wbem\wmiprov.dll 216 0x918b760392d0 \Windows\Registration\R000000000006.clb 216 0x918b760395f0 \$ConvertToNonresident 216 0x918b76039780 \$Directory 216 0x918b76039910 \$Directory 216 0x918b76039aa0 \Windows\System32\MitigationClient.dll 216 0x918b76039c30 \$Directory 216 0x918b76039dc0 \gecko.4576.3988.4692312835060683011 216 0x918b7603a0e0 \Endpoint 216 0x918b7603a270 \Windows\System32\config\COMPONENTS.LOG1 216 0x918b7603a400 \Windows\System32\config\COMPONENTS.LOG2 216 0x918b7603a720 \Endpoint 216 0x918b7603a8b0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\CacheStorage\CacheStorage.jfm 216 0x918b7603aa40 \Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4ActionCenter.evtx 216 0x918b7603abd0 \CMNotify 216 0x918b7603ad60 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b7603aef0 \$Directory 216 0x918b7603b080 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b7603b210 \Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi 216 0x918b7603b3a0 \CMNotify 216 0x918b7603b850 \Windows\System32\vm3ddevapi64-release.dll 216 0x918b7603bb70 \Windows\System32 216 0x918b7603bd00 \Windows\System32\spool\drivers\x64\PCC 216 0x918b7603be90 \Endpoint 216 0x918b7603c340 \Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.401.765.0.exe 216 0x918b7603c4d0 \$Directory 216 0x918b7603c660 \gecko.4576.3988.18146219246632876385 216 0x918b7603c7f0 \$Directory 216 0x918b7603c980 \$Directory 216 0x918b7603cb10 \ProgramData\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\S-1-5-21-1046918562-1299961717-1331875240-1001\SystemAppData\Helium\User.dat 216 0x918b7603cca0 \$Directory 216 0x918b7603d150 \Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll 216 0x918b7603d2e0 \Windows\System32\spool\drivers\x64\PCC 216 0x918b7603d470 \Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4Operational.evtx 216 0x918b7603d600 \Windows\Temp\E39618F2-C692-4495-9595-CD89B93B468221c0.1da1a23e07d5c34\1.401.765.0_to_1.401.798.0_mpasdlta.vdm._p 216 0x918b7603d790 \Program Files\WindowsApps\Microsoft.SkypeApp_15.108.3205.0_x64__kzf8qxf38zg5c\Skype\vccorlib140.dll 216 0x918b7603d920 \Windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll 216 0x918b7603dab0 \Windows\SysWOW64\vccorlib140.dll 216 0x918b7603dc40 \Windows\System32\DeviceDirectoryClient.dll 216 0x918b7603e0f0 \Windows\System32\spool\drivers\x64\PCC 216 0x918b7603e280 \$Directory 216 0x918b7603e5a0 \Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll 216 0x918b7603e8c0 \Windows\System32\SndVolSSO.dll 216 0x918b7603ea50 \gecko.4576.3988.1511846534483018721 216 0x918b7603ed70 \Windows\System32\SettingSyncCore.dll 216 0x918b7603f090 \$Directory 216 0x918b7603f220 \$Directory 216 0x918b7603f3b0 \Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask 216 0x918b7603f540 \Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4LogonTasksChannel.evtx 216 0x918b7603f6d0 \Program Files\WindowsApps\Microsoft.SkypeApp_15.108.3205.0_x64__kzf8qxf38zg5c\Skype\msvcp140.dll 216 0x918b7603f9f0 \Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4AppDefaults.evtx 216 0x918b7603fb80 \Windows\System32\spool\drivers\x64\PCC 216 0x918b7603fd10 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\storage\default\https+++www.youtube.com\idb\4167130407yCt7G%cCf7C%o7ndfci6g.sqlite 216 0x918b7603fea0 \1840.1da1a23c79ec4cf 216 0x918b760401c0 \Windows\System32\wpdshext.dll 216 0x918b76040350 \Windows\System32\prm0009.dll 216 0x918b760404e0 \Windows\System32\en-US\NotificationController.dll.mui 216 0x918b76040670 \gecko.4576.3988.5164763320614748629 216 0x918b76040800 \$Directory 216 0x918b76040990 \gecko.4576.3988.5164763320614748629 216 0x918b76040b20 \Windows\System32\oleacc.dll 216 0x918b76040e40 \Windows\System32\DevDispItemProvider.dll 216 0x918b76041160 \Windows\System32\en-US\oleaccrc.dll.mui 216 0x918b760412f0 \Windows\System32\DataExchange.dll 216 0x918b76041480 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b76041610 \Windows\System32\en-US\combase.dll.mui 216 0x918b760417a0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b76041ac0 \Windows\System32\ExplorerFrame.dll 216 0x918b76041c50 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b76041de0 \Windows\System32\RTWorkQ.dll 216 0x918b76042100 \Windows\System32\StructuredQuery.dll 216 0x918b76042290 \Windows\Fonts\StaticCache.dat 216 0x918b760425b0 \Windows\System32\en-US\netmsg.dll.mui 216 0x918b76042740 \Windows\Registration\R000000000006.clb 216 0x918b760428d0 \Windows\System32\spp\plugin-manifests-signed\sppwinob-spp-plugin-manifest-signed.xrm-ms 216 0x918b76042bf0 \Windows\System32\oleaccrc.dll 216 0x918b76042d80 \Windows\System32\wbem\WmiPerfInst.dll 216 0x918b760430a0 \gecko.4576.3988.1511846534483018721 216 0x918b76043230 \Windows\Temp\E39618F2-C692-4495-9595-CD89B93B468221c0.1da1a23e07d5c34\1.401.765.0_to_1.401.798.0_mpavdlta.vdm._p 216 0x918b760433c0 \Windows\System32\MSWB7.dll 216 0x918b76043550 \LOCAL\cubeb-pipe-4576-13 216 0x918b760436e0 \Windows\System32\spp\plugin-manifests-signed\sppobjs-spp-plugin-manifest-signed.xrm-ms 216 0x918b76043870 \Windows\Registration\R000000000006.clb 216 0x918b76043b90 \Windows\System32\en-US\wscui.cpl.mui 216 0x918b76043eb0 \Windows\SysWOW64\MrmCoreR.dll 216 0x918b76060a00 ੘瘆醋￿੘瘆醋￿ 0 0x918b760df2e0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Caches\cversions.3.db 216 0x918b760df470 \Windows\System32 216 0x918b760df600 \ProgramData\Microsoft\Windows\OneSettings\config.json 216 0x918b760df790 \Windows\System32\thumbcache.dll 216 0x918b760dfab0 \Windows\System32\CBDHSvc.dll 216 0x918b760dfc40 \Windows\Registration\R000000000006.clb 216 0x918b760dfdd0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b760e00f0 \$Directory 216 0x918b760e0280 \Windows\System32\en-US\svchost.exe.mui 216 0x918b760e0410 \Windows\System32\en-US\propsys.dll.mui 216 0x918b760e05a0 \Windows\SysWOW64\FWPUCLNT.DLL 216 0x918b760e0730 \Windows\System32\windows.applicationmodel.datatransfer.dll 216 0x918b760e0a50 \CMApi 216 0x918b760e0be0 \Windows\System32\MusNotifyIcon.exe 216 0x918b760e0d70 \Windows\Fonts\timesbi.ttf 216 0x918b760e1090 \Windows\System32\winevt\Logs\Microsoft-Windows-HelloForBusiness%4Operational.evtx 216 0x918b760e1220 \Windows\Fonts\timesbd.ttf 216 0x918b760e13b0 \Windows\System32\windows.immersiveshell.serviceprovider.dll 216 0x918b760e1540 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\80237EE4964FC9C409AAF55BF996A292_C5130A0BDC8C859A2757D77746C10868 216 0x918b760e16d0 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-wal 216 0x918b760e1860 \Windows\System32\svchost.exe 216 0x918b760e19f0 \Windows\System32\edputil.dll 216 0x918b760e1b80 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Caches\{17A6A947-B905-4D30-88C9-B63C603DA134}.3.ver0x0000000000000001.db 216 0x918b760e1d10 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b760e1ea0 \Windows\Fonts\timesi.ttf 216 0x918b760e21c0 \Windows\System32 216 0x918b760e2350 \Windows\System32\ntshrui.dll 216 0x918b760e24e0 \ProgramData\Microsoft\Windows Defender\Definition Updates\{D62DB865-2BF3-4866-A4B8-E44E0FC98F75}\mpavdlta.vdm 216 0x918b760e2990 \CMNotify 216 0x918b760e2b20 \CMNotify 216 0x918b760e2cb0 \ProgramData\Microsoft\Windows\OneSettings\UsoSettings.json 216 0x918b760e2e40 \Windows\System32\wbem\NCProv.dll 216 0x918b760e3160 \$Directory 216 0x918b760e32f0 \Windows\System32\cldapi.dll 216 0x918b760e3480 \PIPE_EVENTROOT\CIMV2SCM EVENT PROVIDER 216 0x918b760e37a0 \Windows\Prefetch\MUSNOTIFYICON.EXE-19B43B6D.pf 216 0x918b760e3930 \Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Backup Scan 216 0x918b760e3ac0 \ProgramData\Microsoft\Windows Defender\Definition Updates\{D62DB865-2BF3-4866-A4B8-E44E0FC98F75}\mpasdlta.vdm 216 0x918b760e3c50 \Windows\Temp\E39618F2-C692-4495-9595-CD89B93B468221c0.1da1a23e07d5c34\mpavdlta.vdm 216 0x918b760e3de0 \ProgramData\Microsoft\Windows Defender\Definition Updates\{D62DB865-2BF3-4866-A4B8-E44E0FC98F75}\mpasbase.vdm 216 0x918b760e4100 \Windows\System32\ApplicationFrame.dll 216 0x918b760e4290 \Windows\System32\winbrand.dll 216 0x918b760e4420 \Windows\System32\Pimstore.dll 216 0x918b760e45b0 \Windows\System32\twinui.dll 216 0x918b760e4740 \ProgramData\Microsoft\Windows Defender\Definition Updates\{D62DB865-2BF3-4866-A4B8-E44E0FC98F75}\mpasdlta.vdm 216 0x918b760e48d0 \ProgramData\Microsoft\Windows Defender\Definition Updates\{D62DB865-2BF3-4866-A4B8-E44E0FC98F75}\mpavbase.vdm 216 0x918b760e4a60 \Windows\Temp\E39618F2-C692-4495-9595-CD89B93B468221c0.1da1a23e07d5c34\mpasdlta.vdm 216 0x918b760e4bf0 \Windows\Temp\E39618F2-C692-4495-9595-CD89B93B468221c0.1da1a23e07d5c34\mpavdlta.vdm 216 0x918b760e4d80 \ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb 216 0x918b760e50a0 \Windows\Temp\E39618F2-C692-4495-9595-CD89B93B468221c0.1da1a23e07d5c34\mpasdlta.vdm 216 0x918b760e5230 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b760e53c0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db 216 0x918b760e5550 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db 216 0x918b760e56e0 \$Directory 216 0x918b760e5870 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\BingConfigurationClient.dll 216 0x918b760e5a00 \Users\santa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm 216 0x918b760e5b90 \$Directory 216 0x918b760e5d20 \Windows\System32\ConstraintIndex.Search.dll 216 0x918b760e5eb0 \$Directory 216 0x918b760e61d0 \Windows\System32\APHostClient.dll 216 0x918b760e64f0 \Windows\System32\tzres.dll 216 0x918b760e6680 \Windows\System32\en-US\urlmon.dll.mui 216 0x918b760e6810 \Windows\System32\en-US\mshtml.dll.mui 216 0x918b760e69a0 \Windows\System32\en-US\tzres.dll.mui 216 0x918b760e6b30 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.12.3.18362_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 216 0x918b760e7170 \Windows\System32\accountaccessor.dll 216 0x918b760e7300 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 216 0x918b760e7490 \Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Download 216 0x918b760e7620 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b760e77b0 \Windows\System32\jscript9.dll 216 0x918b760e7ad0 \$Directory 216 0x918b760e7c60 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.StartMenuExperienceHost_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\S-1-5-21-1046918562-1299961717-1331875240-1001.pckgdep 216 0x918b760e7df0 \Windows\Registration\R000000000006.clb 216 0x918b760e8110 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b760e82a0 \$Directory 216 0x918b760e8430 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.12.3.18362_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b760e85c0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.12.3.18362_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 216 0x918b760e8750 \Users\santa\Pictures\wallpaper.png 216 0x918b760e88e0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wallpaper.png 216 0x918b760e8a70 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{49040C94-439D-4181-939B-400DF4927C3F}.catalogItem 216 0x918b760e8d90 \Windows\SysWOW64\msvcp140.dll 216 0x918b760e90b0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{444D7E83-38FD-41A7-B6C9-E2408C16522A}.catalogItem 216 0x918b760e9240 \$Directory 216 0x918b760e93d0 \Windows\System32\HolographicExtensions.dll 216 0x918b760e9560 \Windows\System32\linkinfo.dll 216 0x918b760e96f0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{34A29904-08E5-4E25-8DFA-E11604620A36}.catalogItem 216 0x918b760e9880 \Windows\System32\wuapihost.exe 216 0x918b760e9a10 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{4A28E9F2-073A-4423-A514-4213FFEFEBBA}.catalogItem 216 0x918b760e9ba0 \Windows\System32\VirtualMonitorManager.dll 216 0x918b760e9d30 \$Directory 216 0x918b760ea1e0 \$Directory 216 0x918b760ea370 \Windows\System32\en-US\MMDevAPI.dll.mui 216 0x918b760ea500 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{3F8A46C6-51AA-4DE5-B34D-84B7720C385E}.catalogItem 216 0x918b760ea690 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{36EEEF0D-07D7-461B-BD63-4D59DBAAA9F1}.catalogItem 216 0x918b760ea820 \srvsvc 216 0x918b760ea9b0 \Windows\System32\provthrd.dll 216 0x918b760eab40 \Windows\System32\security.dll 216 0x918b760eacd0 \Windows\System32\Windows.Web.Http.dll 216 0x918b760eae60 \$Directory 216 0x918b760eb180 \$Directory 216 0x918b760eb310 \$Directory 216 0x918b760eb4a0 \Windows\System32\schedcli.dll 216 0x918b760eb630 \Users\santa\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000012.db 216 0x918b760eb7c0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{3FDEDDC5-ACC3-45B4-8673-DB8404A61C04}.catalogItem 216 0x918b760eb950 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{5D04056B-EE2D-4D26-9D9A-5E94F6BD26BD}.catalogItem 216 0x918b760ebc70 \$Directory 216 0x918b760ebe00 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{9DB307E7-AED6-43BD-A9D9-74DCFFA69083}.catalogItem 216 0x918b760ec2b0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{60166A20-898B-4410-8545-F859A33EE497}.catalogItem 216 0x918b760ec440 \Windows\SysWOW64\vcruntime140.dll 216 0x918b760ec5d0 \Windows\Registration\R000000000006.clb 216 0x918b760ec8f0 \Windows\System32\winevt\Logs\State.evtx 216 0x918b760eca80 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db 216 0x918b760ecc10 \Endpoint 216 0x918b760ed0c0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db 216 0x918b760ed250 \Users\santa\Pictures\wallpaper.png 216 0x918b760ed3e0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wallpaper.png 216 0x918b760ed570 \Windows\System32\en-US\twinui.pcshell.dll.mui 216 0x918b760ed700 \Windows\System32\AboveLockAppHost.dll 216 0x918b760eda20 \Windows\System32\NPSM.dll 216 0x918b760edbb0 \Windows\System32\Windows.Web.dll 216 0x918b760edd40 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{5D34A17C-E779-43E3-8F10-9B8EC079AB07}.catalogItem 216 0x918b760eded0 \Users\santa\Searches\desktop.ini 216 0x918b760ee1f0 \Windows\System32\wbem\ntevt.dll 216 0x918b760ee380 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncShell64.dll 216 0x918b760ee510 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{9AED473A-31C1-465E-BC4E-33B9015007B6}.catalogItem 216 0x918b760ee6a0 \Windows\System32\en-US\propsys.dll.mui 216 0x918b760ee830 \Windows\System32\EhStorShell.dll 216 0x918b760ee9c0 \$Directory 216 0x918b760eeb50 \Users\santa\AppData\Local\ConnectedDevicesPlatform\L.santa\ActivitiesCache.db 216 0x918b760eece0 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd 216 0x918b760eee70 \Dev\Query 216 0x918b760ef190 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-shm 216 0x918b760ef320 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{9F531629-9C7B-49B3-838F-43E812031C81}.catalogItem 216 0x918b760ef4b0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\S-1-5-21-1046918562-1299961717-1331875240-1001.pckgdep 216 0x918b760ef640 \CMNotify 216 0x918b760ef7d0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{B596C7B4-0FE0-4D0E-8F37-E96773FE9F78}.catalogItem 216 0x918b760ef960 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{C3C2A2A6-3256-41E6-B7A5-B6F3A56D6678}.catalogItem 216 0x918b760efaf0 \Dev\Query 216 0x918b760efc80 \Windows\System32\winevt\Logs\Microsoft-Windows-TWinUI%4Operational.evtx 216 0x918b760efe10 \Windows\SysWOW64\en-US\fwpuclnt.dll.mui 216 0x918b760f0130 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{B64B03EB-23B1-4C72-85E1-1BAFBC392F07}.catalogItem 216 0x918b760f02c0 \$Directory 216 0x918b760f0450 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{BAB5EB9A-271F-464B-BBFB-DBE76F5B333D}.catalogItem 216 0x918b760f05e0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{C5C5C73B-B43A-4639-B50A-5D6FBE6CF6FC}.catalogItem 216 0x918b760f0770 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{BFE037EF-488A-4482-B8E5-23DFBA0D2CFE}.catalogItem 216 0x918b760f0900 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{D1010237-5028-41EA-80E8-F4CD4FB58B20}.catalogItem 216 0x918b760f0a90 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{BDA779DB-96E8-4B17-BD2C-AD23AA6B4953}.catalogItem 216 0x918b760f0c20 \Windows\rescache\_merged\1198001884\1532113745.pri 216 0x918b760f0db0 \Windows\System32\Windows.Internal.Signals.dll 216 0x918b760f10d0 \Windows\SystemResources\ShellComponents\ShellComponents.pri 216 0x918b760f1260 \Windows\Registration\R000000000006.clb 216 0x918b760f13f0 \Windows\System32\TaskFlowDataEngine.dll 216 0x918b760f1580 \Windows\System32\Windows.Data.Activities.dll 216 0x918b760f18a0 \Dev\Query 216 0x918b760f1a30 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{A6A0EBC6-A68F-416F-A217-B6AA98F6FA30}.catalogItem 216 0x918b760f1ee0 \$Directory 216 0x918b760f2200 \Users\santa\AppData\Local\ConnectedDevicesPlatform\L.santa\ActivitiesCache.db-wal 216 0x918b760f2390 \$Directory 216 0x918b760f2520 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{DD06B977-BF50-499A-9303-B1C89D578889}.catalogItem 216 0x918b760f26b0 \Windows\System32\LockController.dll 216 0x918b760f29d0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{EDFCC36C-26F3-474A-9006-29093111FE13}.catalogItem 216 0x918b760f2b60 \$Directory 216 0x918b760f2cf0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b760f31a0 \Windows\Prefetch\DLLHOST.EXE-C2B2ECC1.pf 216 0x918b760f3330 \Windows\System32\Windows.ApplicationModel.LockScreen.dll 216 0x918b760f34c0 \Windows\Globalization\ICU\icudtl.dat 216 0x918b760f3650 \Endpoint 216 0x918b760f37e0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b760f3970 \Windows\Globalization\ICU\timezoneTypes.res 216 0x918b760f3b00 \Windows\System32\PCShellCommonProxyStub.dll 216 0x918b760f3c90 \$Directory 216 0x918b760f3e20 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{ED95330E-AF5E-431E-8BA5-9AFF6FE75A1E}.catalogItem 216 0x918b760f4140 \Users\santa\AppData\Local\ConnectedDevicesPlatform\L.santa\ActivitiesCache.db-shm 216 0x918b760f42d0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{DA6CD408-E8E4-4098-82A8-B7088801E6B3}.catalogItem 216 0x918b760f4460 \Windows\SysWOW64\en-US\twinapi.dll.mui 216 0x918b760f45f0 \Users\santa\AppData\Roaming\Microsoft\Protect\S-1-5-21-1046918562-1299961717-1331875240-1001\Preferred 216 0x918b760f4780 \$Directory 216 0x918b760f4910 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{DE3C13E8-0C5B-4A7D-8DF5-E63676E1C3DA}.catalogItem 216 0x918b760f4aa0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{E651F2E7-9072-4E12-9EB6-4BF1CE4B05FE}.catalogItem 216 0x918b760f4c30 \Windows\System32\ShellCommonCommonProxyStub.dll 216 0x918b760f4dc0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{FE986C6C-BD0C-4F58-AE21-E0C338D2E79E}.catalogItem 216 0x918b760f50e0 \Windows\Prefetch\VMWARERESOLUTIONSET.EXE-F78A3A07.pf 216 0x918b760f5270 \Server 216 0x918b760f5590 \Windows\SysWOW64\DataExchange.dll 216 0x918b760f5720 \$Directory 216 0x918b760f58b0 \CMApi 216 0x918b760f5a40 \$Directory 216 0x918b760f5bd0 \Windows\Registration\R000000000006.clb 216 0x918b760f5d60 \ProgramData\Microsoft\Windows\OneSettings\CTAC.json 216 0x918b760f5ef0 \Windows\System32\TaskSchdPS.dll 216 0x918b760f6080 \Windows\System32\cryptxml.dll 216 0x918b760f6210 \$Directory 216 0x918b760f63a0 \Windows\System32\en-US\netmsg.dll.mui 216 0x918b760f6530 \Windows\System32 216 0x918b760f66c0 \Windows\System32\mssph.dll 216 0x918b760f6850 \$Directory 216 0x918b760f69e0 \CMApi 216 0x918b760f6b70 \Windows\System32\ngcsvc.dll 216 0x918b760f6d00 \Program Files\VMware\VMware Tools\VMwareResolutionSet.exe 216 0x918b760f71b0 \$Directory 216 0x918b760f74d0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db 216 0x918b760f7660 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_16.db 216 0x918b760f7980 \Windows\System32\icmp.dll 216 0x918b760f7ca0 \Windows\System32\Windows.Energy.dll 216 0x918b760f7e30 \$Recycle.Bin\S-1-5-21-1046918562-1299961717-1331875240-1001\desktop.ini 216 0x918b760f8150 \Users\santa\AppData\Roaming\Microsoft\Windows\Themes\CachedFiles\CachedImage_1024_785_POS4.jpg 216 0x918b760f82e0 \Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe 216 0x918b760f8470 \Reference 216 0x918b760f8600 \Windows\System32\en-US\shell32.dll.mui 216 0x918b760f8790 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b760f8ab0 \Windows\System32\NgcCtnrGidsHandler.dll 216 0x918b760f8c40 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b760f90f0 \Windows\System32\en-US\ncrypt.dll.mui 216 0x918b760f9280 \Windows\System32\winevt\Logs\Microsoft-Windows-Security-LessPrivilegedAppContainer%4Operational.evtx 216 0x918b760f9410 \Users\santa\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe 216 0x918b760f95a0 \Sessions\1\AppContainerNamedObjects\S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312 216 0x918b760f9730 \Windows\System32\LicenseManagerApi.dll 216 0x918b760f98c0 \Users\santa\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\msedgeupdateres_en.dll 216 0x918b760f9be0 \Windows\SysWOW64\oleaut32.dll 216 0x918b760f9d70 \CMApi 216 0x918b760fa090 \$Directory 216 0x918b760fa220 \Windows\System32\NgcCtnr.dll 216 0x918b760fa3b0 \Sessions\1\AppContainerNamedObjects\S-1-15-2-515815643-2845804217-1874292103-218650560-777617685-4287762684-137415000 216 0x918b760fa540 \Windows\System32\Clipc.dll 216 0x918b760fa6d0 \Windows\SystemResources\shell32.dll.mun 216 0x918b760fa860 \Users\santa\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe 216 0x918b760fa9f0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\CacheStorage\CacheStorage.edb 216 0x918b760fab80 \Windows\System32\NgcCtnrSvc.dll 216 0x918b760fad10 \Users\santa\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5 216 0x918b760faea0 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\TELEMETRY.ASM-WINDOWSSQ.json.new 216 0x918b760fb350 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b760fb4e0 \Windows\System32\wuaueng.dll 216 0x918b760fb670 \$Directory 216 0x918b760fb800 \$Directory 216 0x918b760fb990 \Windows\System32\conhost.exe 216 0x918b760fbb20 \Windows\System32\en-US\InputSwitch.dll.mui 216 0x918b760fbe40 \Windows\System32\en-US\stobject.dll.mui 216 0x918b760fc160 \Windows\System32\LicenseManager.dll 216 0x918b760fc2f0 \Windows\System32\winevt\Logs\Microsoft-Windows-Store%4Operational.evtx 216 0x918b760fc480 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 216 0x918b760fc610 \Windows\System32\wwapi.dll 216 0x918b760fc7a0 \Connect 216 0x918b760fcc50 \Windows\System32\prnfldr.dll 216 0x918b760fcde0 \Windows\System32\notepad.exe 216 0x918b760fd290 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.StartMenuExperienceHost_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b760fd420 \Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe 216 0x918b760fd5b0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b760fd740 \Sessions\1\AppContainerNamedObjects\S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708 216 0x918b760fd8d0 \Windows\System32\en-US\dsreg.dll.mui 216 0x918b760fda60 \$Directory 216 0x918b760fdd80 \Windows\System32\en-US\shell32.dll.mui 216 0x918b760fe0a0 \Windows\System32\cflapi.dll 216 0x918b760fe3c0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 216 0x918b760fe550 \Windows\System32\WPDShServiceObj.dll 216 0x918b760fe870 \$Directory 216 0x918b760feb90 \$Directory 216 0x918b760feeb0 \Dev\Query 216 0x918b761b3290 \$NonCachedIo 216 0x918b764971e0 \Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy 216 0x918b76497370 \Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-FontSet-S-1-5-21-1046918562-1299961717-1331875240-1001.dat 216 0x918b76497500 \Windows\System32\en-US\shell32.dll.mui 216 0x918b764979b0 \$Directory 216 0x918b76497b40 \Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\resources.pri 216 0x918b76497cd0 \Windows\System32\Windows.UI.Xaml.Resources.th.dll 216 0x918b76498180 \Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\pris\resources.en-US.pri 216 0x918b764984a0 \Windows\System32\RuntimeBroker.exe 216 0x918b764987c0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.18362.1_neutral__cw5n1h2txyewy\ActivationStore.dat 216 0x918b76498950 \Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-1046918562-1299961717-1331875240-1001.dat 216 0x918b76498ae0 \Windows\System32\LockAppBroker.dll 216 0x918b76498c70 \Windows\System32\Windows.Internal.Shell.Broker.dll 216 0x918b76498e00 \Windows\System32\Windows.Media.Devices.dll 216 0x918b76499120 \Windows\System32\appinfoext.dll 216 0x918b764992b0 \Windows\System32\en-US\napinsp.dll.mui 216 0x918b76499440 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.18362.1_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1 216 0x918b76499760 \$Directory 216 0x918b764998f0 \CMApi 216 0x918b76499a80 \Windows\rescache\_merged\3900133415\2919480952.pri 216 0x918b76499c10 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.18362.1_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2 216 0x918b7649a0c0 \$Directory 216 0x918b7649a250 \Windows\Fonts\segoeui.ttf 216 0x918b7649a570 \Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.dll 216 0x918b7649abb0 \Sessions\1\AppContainerNamedObjects\S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167 216 0x918b7649ad40 \Windows\Fonts\georgiaz.ttf 216 0x918b7649b1f0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b7649b6a0 \Windows\System32\Windows.Services.TargetedContent.dll 216 0x918b7649bb50 \Windows\Registration\R000000000006.clb 216 0x918b7649be70 \Windows\System32\en-US\dwmapi.dll.mui 216 0x918b7649c190 \Windows\System32 216 0x918b7649c320 \CMApi 216 0x918b7649c4b0 \Windows\System32\CapabilityAccessManagerClient.dll 216 0x918b7649c640 \$Directory 216 0x918b7649c7d0 \Windows\Registration\R000000000006.clb 216 0x918b7649ce10 \$Directory 216 0x918b7649d450 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Internal.Search.winmd 216 0x918b7649d5e0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.StartMenuExperienceHost_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b7649d770 \Windows\System32\backgroundTaskHost.exe 216 0x918b7649da90 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.StartMenuExperienceHost_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 216 0x918b7649dc20 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.StartMenuExperienceHost_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 216 0x918b7649ddb0 \$Directory 216 0x918b7649e260 \CMApi 216 0x918b7649e3f0 \Dev\Query 216 0x918b7649e580 \Dev\Query 216 0x918b7649e8a0 \Windows\SysWOW64\en-US\pnrpnsp.dll.mui 216 0x918b7649ea30 \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\resources.pri 216 0x918b7649ebc0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b7649ed50 \Windows\System32\MtcModel.dll 216 0x918b7649f200 \Windows\SystemResources\imageres.dll.mun 216 0x918b7649f390 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b7649f520 \Windows\System32\SearchIndexer.exe 216 0x918b7649f6b0 \$Directory 216 0x918b7649f9d0 \Windows\System32\NcaApi.dll 216 0x918b7649fcf0 \Windows\System32 216 0x918b7649fe80 \Windows\Fonts\trebuc.ttf 216 0x918b764a01a0 \Windows\System32\en-US\AuthExt.dll.mui 216 0x918b764a0330 \Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy 216 0x918b764a0650 \Dev\Query 216 0x918b764a07e0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\Settings\settings.dat 216 0x918b764a0970 \Windows\System32\hcproviders.dll 216 0x918b764a0b00 \Users\santa\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG1 216 0x918b764a0c90 \$Directory 216 0x918b764a0e20 \$Directory 216 0x918b764a12d0 \Windows\System32\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 216 0x918b764a1780 \Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\resources.pri 216 0x918b764a1910 \$Directory 216 0x918b764a1aa0 \Windows\System32\en-US\propsys.dll.mui 216 0x918b764a1c30 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b764a1dc0 \ProgramData\Microsoft\Windows\WER\ReportArchive 216 0x918b764a20e0 \Windows\ShellExperiences\StartUI.dll 216 0x918b764a2270 \Windows\System32 216 0x918b764a2400 \Windows\System32\en-US\ActionCenter.dll.mui 216 0x918b764a2590 \CMApi 216 0x918b764a2720 \Windows\Fonts\segoeui.ttf 216 0x918b764a28b0 \Windows\rescache\_merged\4124255888\4008532806.pri 216 0x918b764a2a40 \Windows\SystemResources\Windows.UI.ShellCommon\Windows.UI.ShellCommon.pri 216 0x918b764a2bd0 \$Directory 216 0x918b764a2d60 \Windows\rescache\_merged\3535846728\48666455.pri 216 0x918b764a2ef0 \Windows\System32\Windows.Storage.ApplicationData.dll 216 0x918b764a3080 \Windows\System32\biwinrt.dll 216 0x918b764a36c0 \Users\santa\AppData\Local\Microsoft\Windows\WER\ERC 216 0x918b764a3850 \Windows\Fonts\segoeuisl.ttf 216 0x918b764a39e0 \Windows\System32\en-US\ESENT.dll.mui 216 0x918b764a3b70 \ProgramData\Microsoft\Search\Data\Applications\Windows\edb.jtx 216 0x918b764a3e90 \Windows\Fonts\comicbd.ttf 216 0x918b764a41b0 \Windows\System32\en-US\SearchIndexer.exe.mui 216 0x918b764a4340 \Windows\Fonts\consolai.ttf 216 0x918b764a44d0 \$Directory 216 0x918b764a4660 \Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.30_none_210ac8966535eaa7\GdiPlus.dll 216 0x918b764a4980 \$Directory 216 0x918b764a4b10 \$Directory 216 0x918b764a4ca0 \Windows\System32 216 0x918b764a4e30 \$ConvertToNonresident 216 0x918b764a52e0 \Windows\System32 216 0x918b764a5470 \Windows\Fonts\comic.ttf 216 0x918b764a5920 \Windows\System32\wermgr.exe 216 0x918b764a5950 妨癊醋￿妨癊醋￿ 0 0x918b764a5c40 \Windows\Fonts\comici.ttf 216 0x918b764a5dd0 \Windows\System32\feclient.dll 216 0x918b764a60f0 \Windows\Fonts\comicz.ttf 216 0x918b764a6280 \Windows\Fonts\consolab.ttf 216 0x918b764a6410 \$Directory 216 0x918b764a65a0 \Windows\Registration\R000000000006.clb 216 0x918b764a6730 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b764a6a50 \Users\santa\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG2 216 0x918b764a6be0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.12.3.18362_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b764a6d70 \$Directory 216 0x918b764a7090 \Windows\System32\winevt\Logs\Microsoft-Windows-WindowsBackup%4ActionCenter.evtx 216 0x918b764a7220 \Users\santa\AppData\Roaming\Microsoft\Windows\Printer Shortcuts 216 0x918b764a73b0 \Windows\System32\Windows.Globalization.Fontgroups.dll 216 0x918b764a76d0 \$Directory 216 0x918b764a7860 \Program Files (x86)\Mozilla Firefox 216 0x918b764a79f0 \Users\santa\AppData\Roaming\Microsoft\Windows\Printer Shortcuts 216 0x918b764a7b80 \Windows\System32\RuntimeBroker.exe 216 0x918b764a7d10 \Windows\Fonts\consolaz.ttf 216 0x918b764a7ea0 \$Directory 216 0x918b764a8350 \Users\santa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned 216 0x918b764a84e0 \ProgramData\Microsoft\Windows\Start Menu\Programs 216 0x918b764a8670 \Windows 216 0x918b764a8800 \ProgramData\Microsoft\Windows\Start Menu\Programs 216 0x918b764a8990 \Windows\System32\BthTelemetry.dll 216 0x918b764a8b20 \$Directory 216 0x918b764a8cb0 \$Directory 216 0x918b764a8e40 \ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.jfm 216 0x918b764a9160 \Windows\System32\fontgroupsoverride.dll 216 0x918b764a92f0 \Program Files (x86)\Mozilla Firefox 216 0x918b764a9610 \Users\santa\AppData\Local\Microsoft\Windows\Burn 216 0x918b764a97a0 \Windows\SystemResources\Windows.UI.ShellCommon\pris\Windows.UI.ShellCommon.en-US.pri 216 0x918b764a9ac0 \Users\santa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned 216 0x918b764a9c50 \$Directory 216 0x918b764a9de0 \Windows\System32\en-US\propsys.dll.mui 216 0x918b764aa100 \Windows\System32\mssprxy.dll 216 0x918b764aa420 \CMApi 216 0x918b764aa5b0 \$Directory 216 0x918b764aa740 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b764aa8d0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin 216 0x918b764aabf0 \$Directory 216 0x918b764aad80 \$Directory 216 0x918b764ab0a0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Data.bin 216 0x918b764ab230 \Windows\System32\en-US\hcproviders.dll.mui 216 0x918b764ab550 \Windows\System32\en-US\Windows.Globalization.dll.mui 216 0x918b764ab6e0 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 216 0x918b764ab870 \Windows\System32\wuuhosdeployment.dll 216 0x918b764aba00 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 216 0x918b764abeb0 \Windows\System32\en-US\windows.ui.xaml.dll.mui 216 0x918b764ac1d0 \ProgramData\Microsoft\Search\Data\Applications\Windows\edb.jtx 216 0x918b764ac360 \Windows\Fonts\segoeuib.ttf 216 0x918b764ac4f0 \Windows\System32\winevt\Logs\Microsoft-Windows-ShellCommon-StartLayoutPopulation%4Operational.evtx 216 0x918b764ac680 \Windows\System32\msauserext.dll 216 0x918b764ac810 \Sessions\1\AppContainerNamedObjects\S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 216 0x918b764acb30 \Windows\Fonts\constan.ttf 216 0x918b764accc0 \$Directory 216 0x918b764ace50 \$Directory 216 0x918b764ad170 \$Directory 216 0x918b764ad300 \Windows\Fonts\constanz.ttf 216 0x918b764ad490 \ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.jfm 216 0x918b764ad620 \Windows\System32\Windows.Storage.Search.dll 216 0x918b764ad7b0 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy 216 0x918b764ad940 \Windows\System32\RTMediaFrame.dll 216 0x918b764adc60 \Windows\System32\Windows.Cortana.Desktop.dll 216 0x918b764ae110 \$Directory 216 0x918b764ae2a0 \ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb 216 0x918b764ae5c0 \Windows\Fonts\ebrima.ttf 216 0x918b764ae750 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b764ae8e0 \Windows\System32\SystemSettings.SettingsExtensibility.dll 216 0x918b764aea70 \Windows\System32\WinBioPlugIns\NUIVoiceWBSAdapters.dll 216 0x918b764aec00 \Program Files (x86)\Mozilla Firefox\mozavutil.dll 216 0x918b764af0b0 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\pris\resources.en-US.pri 216 0x918b764af3d0 \$Directory 216 0x918b764af560 \Windows\System32\UIAutomationCore.dll 216 0x918b764af6f0 \Windows\Fonts\constani.ttf 216 0x918b764af880 \$Directory 216 0x918b764afba0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b764afec0 \$Directory 216 0x918b764b0370 \Windows\System32\BthAvctpSvc.dll 216 0x918b764b0500 \Windows\Fonts\cour.ttf 216 0x918b764b0820 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\pris\resources.en-US.pri 216 0x918b764b09b0 \$Directory 216 0x918b764b0b40 \Windows\System32\en-US\propsys.dll.mui 216 0x918b764b0cd0 \Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Maintenance.evtx 216 0x918b764b0e60 \$Directory 216 0x918b764b1180 \$Directory 216 0x918b764b1310 \MsFteWds 216 0x918b764b1630 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b764b1ae0 \Program Files (x86)\Mozilla Firefox\mozglue.dll 216 0x918b764b1e00 \CMApi 216 0x918b764b2120 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b764b2440 \$Directory 216 0x918b764b25d0 \Windows\System32\NPSMDesktopProvider.dll 216 0x918b764b2760 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b764b2a80 \Windows\System32\en-US\combase.dll.mui 216 0x918b764b30c0 \$Directory 216 0x918b764b3250 \Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll 216 0x918b764b33e0 \Program Files (x86)\Mozilla Firefox\mozavcodec.dll 216 0x918b764b3700 \Windows\Fonts\segoeui.ttf 216 0x918b764b3890 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG2 216 0x918b764b3d40 \Windows\System32\msidle.dll 216 0x918b764b41f0 \Windows\System32\Windows.Cortana.PAL.Desktop.dll 216 0x918b764b4380 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b764b4510 \Windows\Registration\R000000000006.clb 216 0x918b764b46a0 \Windows\System32\PersonaX.dll 216 0x918b764b4830 \Windows\System32\ActionMgr.dll 216 0x918b764b49c0 \$Directory 216 0x918b764b4b50 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat 216 0x918b764b4ce0 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\resources.pri 216 0x918b764b5190 \ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr 216 0x918b764b5320 \Windows\rescache\_merged\3199136011\4162976336.pri 216 0x918b764b57d0 \$Directory 216 0x918b764b5960 \ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.Crwl 216 0x918b764b5af0 \Windows\System32\Speech_OneCore\common\sapi_onecore.dll 216 0x918b764b5e10 \Windows\System32 216 0x918b764b6130 \Windows\System32\RuntimeBroker.exe 216 0x918b764b62c0 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 216 0x918b764b6450 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG1 216 0x918b764b6770 \Users\santa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat 216 0x918b764b7260 \Windows\SystemResources\tquery.dll.mun 216 0x918b764b73f0 \Windows\System32\winevt\Logs\Microsoft-Windows-FileHistory-Core%4WHC.evtx 216 0x918b764b7580 \Windows\System32\mfplat.dll 216 0x918b764b7710 \Windows\System32\Windows.Cortana.OneCore.dll 216 0x918b764b78a0 \Windows\System32\Windows.Cortana.ProxyStub.dll 216 0x918b764b7a30 \Windows\System32\EdgeManager.dll 216 0x918b764b7bc0 \ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 216 0x918b764b7d50 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\TempState\Traces\CortanaTrace1.etl 216 0x918b764b7ee0 \Windows\Registration\R000000000006.clb 216 0x918b764b8200 \$Directory 216 0x918b764b8390 \Windows\Fonts\courbd.ttf 216 0x918b764b8520 \Windows\System32\msftedit.dll 216 0x918b764b86b0 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 216 0x918b764b8840 \Windows\System32\UserDataTypeHelperUtil.dll 216 0x918b764b89d0 \Windows\System32\LicenseManagerSvc.dll 216 0x918b764b8b60 \Windows\Fonts\couri.ttf 216 0x918b764b8cf0 \Windows\Fonts\courbi.ttf 216 0x918b764b8e80 \Windows\System32\globinputhost.dll 216 0x918b764b91a0 \Windows\System32\SpeechPal.dll 216 0x918b764b9330 \Windows\System32\Windows.UI.Input.Inking.dll 216 0x918b764b94c0 \Windows\System32\Windows.ApplicationModel.Background.TimeBroker.dll 216 0x918b764b9650 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 216 0x918b764b97e0 \$Directory 216 0x918b764b9970 \Program Files\WindowsApps\Microsoft.XboxGameOverlay_1.54.4001.0_x64__8wekyb3d8bbwe 216 0x918b764b9c90 \$Directory 216 0x918b764b9e20 \$Directory 216 0x918b764ba140 \Windows\System32\edgehtml.dll 216 0x918b764ba2d0 \Windows\System32\WinBioDatabase\51F39552-1075-4199-B513-0C10EA185DB0.DAT 216 0x918b764ba460 \Windows\System32\icuin.dll 216 0x918b764ba5f0 \Windows\System32\srpapi.dll 216 0x918b764ba780 \Windows\System32\icuuc.dll 216 0x918b764ba910 \Windows\System32\Chakra.dll 216 0x918b764baaa0 \Program Files\WindowsApps\Microsoft.XboxGameOverlay_1.54.4001.0_x64__8wekyb3d8bbwe 216 0x918b764bac30 \Users\santa\AppData\Local\Microsoft\Windows\WebCacheLock.dat 216 0x918b764badc0 \$Directory 216 0x918b764bb0e0 \Windows\System32\rometadata.dll 216 0x918b764bb270 \Windows\System32\stobject.dll 216 0x918b764bb400 \Windows\SystemResources\stobject.dll.mun 216 0x918b764bb590 \Dev\Query 216 0x918b764bb8b0 \Windows\Fonts\framd.ttf 216 0x918b764bba40 \$Directory 216 0x918b764bbbd0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b764bbd60 \Windows\System32\InputSwitch.dll 216 0x918b764bbef0 \Windows\Temp\MpCmdRun-80-53C9D589-6B66-4F30-9BAB-9A0193B0BAFC.lock 216 0x918b764bc080 \Windows\System32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 216 0x918b764bc210 \Windows\Fonts\framdit.ttf 216 0x918b764bc3a0 \Windows\System32\icu.dll 216 0x918b764bc6c0 \Windows\System32\WinBioPlugIns\winbiostorageadapter.dll 216 0x918b764bc9e0 \Dev\Query 216 0x918b764bcb70 \Users\santa\AppData\Local\Microsoft\GameDVR 216 0x918b764bcd00 \CMNotify 216 0x918b764bd1b0 \ProgramData\Microsoft\Windows\Start Menu 216 0x918b764bd340 \Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy 216 0x918b764bd4d0 \Windows\System32\wuapi.dll 216 0x918b764bd660 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b764bd7f0 \$Directory 216 0x918b764bdb10 \$Directory 216 0x918b764bdca0 \Windows\System32\wups.dll 216 0x918b764bde30 \$Directory 216 0x918b764be150 \Windows\bcastdvr 216 0x918b764be2e0 \Windows\System32\ieframe.dll 216 0x918b764be470 \Windows\System32\C_1257.NLS 216 0x918b764be790 \Windows\Registration\R000000000006.clb 216 0x918b764be920 \Windows\System32\batmeter.dll 216 0x918b764beab0 \Windows\System32\C_932.NLS 216 0x918b764bec40 \Windows\SysWOW64\taskschd.dll 216 0x918b764bedd0 \Windows\System32\winevt\Logs\Microsoft-Client-Licensing-Platform%4Admin.evtx 216 0x918b764bf280 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe 216 0x918b764bf410 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b764bf5a0 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\LocalCache 216 0x918b764bf730 \Windows\System32\Windows.UI.Shell.dll 216 0x918b764bfa50 \Dev\Query 216 0x918b764bfbe0 \Windows\System32\winevt\Logs\Microsoft-Windows-Shell-ConnectedAccountState%4ActionCenter.evtx 216 0x918b764bfd70 \$Directory 216 0x918b764c0090 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\resources.pri 216 0x918b764c0220 \Windows\System32\en-US\setupapi.dll.mui 216 0x918b764c03b0 \Windows\System32\ksuser.dll 216 0x918b764c0540 \Windows\System32\C_1258.NLS 216 0x918b764c06d0 \CMApi 216 0x918b764c0860 \Windows\System32\winevt\Logs\Microsoft-Windows-UserPnp%4ActionCenter.evtx 216 0x918b764c09f0 \Windows\System32\C_949.NLS 216 0x918b764c0d10 \Windows\System32\C_874.NLS 216 0x918b764c0ea0 \Windows\System32\atlthunk.dll 216 0x918b764c14e0 \Windows\Fonts\gadugib.ttf 216 0x918b764c1670 \Windows\SystemResources\SndVolSSO.dll.mun 216 0x918b764c1800 \Windows\System32\C_950.NLS 216 0x918b764c1e40 \ProgramData\Microsoft\Windows\Start Menu 216 0x918b764c2160 \CMApi 216 0x918b764c22f0 \Windows\Fonts\gadugi.ttf 216 0x918b764c2480 \Windows\System32\DXP.dll 216 0x918b764c2610 \Windows\Fonts\georgia.ttf 216 0x918b764c27a0 \Windows\System32\dcntel.dll 216 0x918b764c2930 \Windows\System32\en-US\vsstrace.dll.mui 216 0x918b764c2ac0 \Windows\System32\C_936.NLS 216 0x918b764c2c50 \$Directory 216 0x918b764c2de0 \Windows\System32\en-US\userenv.dll.mui 216 0x918b764c3100 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 216 0x918b764c3420 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b764c35b0 \SearchTextHarvester 216 0x918b764c3740 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b764c38d0 \Windows\ShellExperiences\QuickActions.dll 216 0x918b764c3a60 \$Directory 216 0x918b764c3bf0 \Windows\Fonts\segoeui.ttf 216 0x918b764c3d80 \Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx 216 0x918b764c40a0 \Windows\rescache\_merged\2467931877\57170662.pri 216 0x918b764c4230 \$Directory 216 0x918b764c43c0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 216 0x918b764c4870 \Windows\System32\shdocvw.dll 216 0x918b764c4b90 \Windows\ShellExperiences\Windows.UI.ActionCenter.dll 216 0x918b764c4d20 \Windows\System32\QuickActionsDataModel.dll 216 0x918b764c4eb0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b764c51d0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b764c5360 \Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\resources.pri 216 0x918b764c54f0 \$Directory 216 0x918b764c59a0 \Windows\System32\ActionCenter.dll 216 0x918b764c5cc0 \Windows\rescache\_merged\1988845358\2257490454.pri 216 0x918b764c6170 \$Directory 216 0x918b764c6300 \$Directory 216 0x918b764c6490 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b764c6620 \CMNotify 216 0x918b764c67b0 \Endpoint 216 0x918b764c6940 \CMNotify 216 0x918b764c6c60 \Windows\System32\en-US\propsys.dll.mui 216 0x918b764c72a0 \CMNotify 216 0x918b764c75c0 \CMNotify 216 0x918b764c7750 \CMNotify 216 0x918b764c78e0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b764c7a70 \CMNotify 216 0x918b764c7c00 \$Directory 216 0x918b764c8240 \Windows\SysWOW64\D3DCompiler_47.dll 216 0x918b764c83d0 \Windows\System32\winevt\Logs\Microsoft-Windows-StorageSpaces-ManagementAgent%4WHC.evtx 216 0x918b764c8560 \Windows\System32\en-US\sndvolsso.dll.mui 216 0x918b764c8880 \$Directory 216 0x918b764c8a10 \CMNotify 216 0x918b764c8ba0 \Windows\Fonts\taile.ttf 216 0x918b764c8ec0 \Windows\SoftwareDistribution\DataStore\DataStore.edb 216 0x918b764c9500 \Windows\System32\Syncreg.dll 216 0x918b764c9690 \$Directory 216 0x918b764c9820 \Program Files (x86)\Mozilla Firefox\libGLESv2.dll 216 0x918b764c99b0 \CMNotify 216 0x918b764c9b40 \$Directory 216 0x918b764c9cd0 \Program Files (x86)\Mozilla Firefox\libEGL.dll 216 0x918b764c9e60 \$Directory 216 0x918b764ca180 \$Directory 216 0x918b764ca7c0 \CMNotify 216 0x918b764ca950 \Windows\System32\pnidui.dll 216 0x918b764caae0 \Users\santa\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.log 216 0x918b764cac70 \Windows\System32\winevt\Logs\Microsoft-Windows-BackgroundTaskInfrastructure%4Operational.evtx 216 0x918b764cb760 \Windows\SoftwareDistribution\DataStore\DataStore.edb 216 0x918b764cb8f0 \Windows\SysWOW64\d3d9.dll 216 0x918b764cba80 \CMNotify 216 0x918b764cbc10 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b764cbda0 \Windows\SoftwareDistribution\DataStore\DataStore.jfm 216 0x918b764cc0c0 \Windows\SystemResources\notepad.exe.mun 216 0x918b764cc250 \CMNotify 216 0x918b764cc3e0 \Endpoint 216 0x918b764cc570 \Users\santa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 216 0x918b764cc700 \$Directory 216 0x918b764cca20 \Windows\System32\EthernetMediaManager.dll 216 0x918b764cced0 \CMNotify 216 0x918b764cd1f0 \Windows\System32\NetworkUXBroker.dll 216 0x918b764cd6a0 \Windows\System32\en-US\pnidui.dll.mui 216 0x918b764cd830 \Windows\System32\en-US\svchost.exe.mui 216 0x918b764cd9c0 \Windows\System32\edgeIso.dll 216 0x918b764cdb50 \Windows\System32\WaaSMedicSvc.dll 216 0x918b764cdce0 \Windows\System32\WaaSMedicPS.dll 216 0x918b764cde70 \Users\santa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 216 0x918b764ce4b0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 216 0x918b764ce640 \Windows\System32\PortableDeviceTypes.dll 216 0x918b764ce7d0 \Windows\System32\SettingMonitor.dll 216 0x918b764ce960 \Windows\System32\WinMetadata\Windows.Foundation.winmd 216 0x918b764cf130 \Windows\System32\srchadmin.dll 216 0x918b764cf2c0 \$Directory 216 0x918b764cf450 \Endpoint 216 0x918b764cf770 \Users\santa\AppData\Roaming\Microsoft\Windows\Start Menu 216 0x918b764cf900 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe 216 0x918b764cfa90 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 216 0x918b764cfc20 \Windows\Fonts\phagspa.ttf 216 0x918b764d00d0 \$Directory 216 0x918b764d0260 \Windows\System32\sppsvc.exe 216 0x918b764d03f0 \Users\santa\AppData\Roaming\Microsoft\Windows\Start Menu 216 0x918b764d0580 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b764d0710 \Windows\Fonts\ntailu.ttf 216 0x918b764d08a0 \Windows\Fonts\ntailub.ttf 216 0x918b764d0a30 \Windows\Fonts\phagspab.ttf 216 0x918b764d0bc0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b764d0d50 \Users\santa\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\Settings\settings.dat.LOG2 216 0x918b764d0ee0 \Windows\System32\en-US\Windows.Globalization.dll.mui 216 0x918b764d1200 \Windows\System32\en-US\bthprops.cpl.mui 216 0x918b764d1390 \Windows\System32\msimtf.dll 216 0x918b764d1520 \Users\santa\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\Settings\settings.dat 216 0x918b764d16b0 \Windows\Fonts\taileb.ttf 216 0x918b764d1840 \Windows\System32\bthprops.cpl 216 0x918b764d19d0 \Windows\System32\en-US\explorerframe.dll.mui 216 0x918b764d1b60 \CMNotify 216 0x918b764d1e80 \Users\santa\AppData\Local\Microsoft\OneDrive\OneDrive.exe 216 0x918b764d2330 \Users\santa\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\Settings\settings.dat.LOG1 216 0x918b764d24c0 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe 216 0x918b764d2650 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b764d27e0 \Windows\System32 216 0x918b764d2970 \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe 216 0x918b764d2b00 \Windows\Fonts\segoepr.ttf 216 0x918b764d3140 \Users\santa\Desktop 216 0x918b764d32d0 \Program Files\WindowsApps\Microsoft.NET.Native.Runtime.2.2_2.2.28604.0_x64__8wekyb3d8bbwe\mrt100_app.dll 216 0x918b764d3460 \Windows\SysWOW64\rsaenh.dll 216 0x918b764d35f0 \Windows\System32\CompatTelRunner.exe 216 0x918b764d3780 \Windows\Fonts\arial.ttf 216 0x918b764d3aa0 \Windows\SysWOW64\en-US\urlmon.dll.mui 216 0x918b764d40e0 \Users\Public\Desktop 216 0x918b764d4270 \CMApi 216 0x918b764d4400 \Users\santa\Desktop 216 0x918b764d48b0 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\Microsoft.Notes.dll 216 0x918b764d4a40 \Windows\System32\en-US\Conhost.exe.mui 216 0x918b764d4bd0 \Users\Public\Desktop 216 0x918b764d4d60 \Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll 216 0x918b764d4ef0 \Users\santa\AppData\Roaming\Microsoft\Windows\Network Shortcuts 216 0x918b764d5080 \$Directory 216 0x918b764d5210 \Users\santa\AppData\Roaming\Microsoft\Windows\Network Shortcuts 216 0x918b764d53a0 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\e_sqlite3.dll 216 0x918b764d5530 \$Directory 216 0x918b764d56c0 \Windows\System32\mrt100.dll 216 0x918b764d5850 \$Directory 216 0x918b764d5d00 \Windows\SysWOW64\en-US\iertutil.dll.mui 216 0x918b7696c370 \$Directory 216 0x918b7696c500 \$Directory 216 0x918b7696c690 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b7696c820 \Windows\System32\en-US\imapi2.dll.mui 216 0x918b7696c9b0 \Windows\SysWOW64\DWrite.dll 216 0x918b7696cb40 \Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\Assets\LockMDL2.ttf 216 0x918b7696ce60 \Windows\System32\WinMetadata\Windows.Foundation.winmd 216 0x918b7696d180 \Windows\SoftwareDistribution\ReportingEvents.log 216 0x918b7696d7c0 \Windows\System32\notepad.exe 216 0x918b7696dae0 \Windows\System32\updatepolicy.dll 216 0x918b7696dc70 \Windows\System32\AuthBroker.dll 216 0x918b7696de00 \CMNotify 216 0x918b7696e2b0 \Windows\Registration\R000000000006.clb 216 0x918b7696e440 \Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\Assets\LockMDL2.ttf 216 0x918b7696e5d0 \$Directory 216 0x918b7696e8f0 \Windows\System32\gamestreamingext.dll 216 0x918b7696ea80 \$Directory 216 0x918b7696ec10 \$Directory 216 0x918b7696eda0 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b7696f0c0 \Windows\System32\en-US\edgehtml.dll.mui 216 0x918b7696f250 \Windows\System32\Windows.Management.Workplace.dll 216 0x918b7696f570 \Windows\System32\SyncCenter.dll 216 0x918b7696f700 \$Directory 216 0x918b7696fa20 \$Directory 216 0x918b7696fd40 \Windows\System32\en-US\rsaenh.dll.mui 216 0x918b7696fed0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b769701f0 \$Directory 216 0x918b76970380 \Windows\System32\WinMetadata\Windows.UI.winmd 216 0x918b76970510 \Windows\System32\imapi2.dll 216 0x918b769706a0 \Windows\System32\wuuhext.dll 216 0x918b76970830 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b769709c0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\storage\default\https+++www.youtube.com\idb\1209553808LCo7g%sCD7a%t7adbca6s.sqlite-shm 216 0x918b76970b50 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b76970ce0 \Windows\System32\WinMetadata\Windows.UI.winmd 216 0x918b76970e70 \Windows\System32\WinMetadata\Windows.ApplicationModel.winmd 216 0x918b76971190 \Windows\SysWOW64\dxgi.dll 216 0x918b76971320 \Windows\System32\en-US\netmsg.dll.mui 216 0x918b76971640 \Windows\System32\en-US\Windows.Security.Authentication.Web.Core.dll.mui 216 0x918b76971960 \$Directory 216 0x918b76971af0 \$Directory 216 0x918b76971c80 \Windows\SystemResources\Windows.UI.SettingsAppThreshold\Windows.UI.SettingsAppThreshold.pri 216 0x918b76971e10 \$Directory 216 0x918b76972130 \$Directory 216 0x918b769722c0 \Windows\System32\svchost.exe 216 0x918b76972450 \$Directory 216 0x918b76972770 \Windows\Fonts\seguiemj.ttf 216 0x918b76972900 \Windows\Fonts\arial.ttf 216 0x918b76972a90 \Windows\Fonts\seguisb.ttf 216 0x918b76972c20 \$Directory 216 0x918b76972db0 \$Directory 216 0x918b76973260 \Windows\System32\smartscreenps.dll 216 0x918b769733f0 \Windows\Registration\R000000000006.clb 216 0x918b76973580 \Windows\Globalization\ICU\windowsZones.res 216 0x918b769738a0 \Windows\Fonts\seguisb.ttf 216 0x918b76973bc0 \Windows\System32\en-US\ESENT.dll.mui 216 0x918b76973d50 \$Directory 216 0x918b76973ee0 \Windows\rescache\_merged\3440028264\2043174863.pri 216 0x918b76974200 \Windows\System32\en-US\dnsapi.dll.mui 216 0x918b76974520 \Windows\ImmersiveControlPanel\Telemetry.Common.dll 216 0x918b769749d0 \Users\santa\AppData\Local\Comms\UnistoreDB\store.jfm 216 0x918b76974b60 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\Assets\Devices-light.png 216 0x918b76974cf0 \Windows\System32\WinMetadata\Windows.UI.Xaml.winmd 216 0x918b76974e80 \$Directory 216 0x918b769751a0 \$ConvertToNonresident 216 0x918b76975650 \Windows\Fonts\segoeui.ttf 216 0x918b769757e0 \Users\santa\AppData\Local\Comms\UnistoreDB\store.vol 216 0x918b76975970 \Windows\ImmersiveControlPanel\SystemSettingsViewModel.Desktop.dll 216 0x918b76975b00 \Windows\System32\notepad.exe 216 0x918b76975c90 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 216 0x918b76976460 \Windows\System32\newdev.dll 216 0x918b76976910 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db 216 0x918b76976aa0 \Windows\System32\en-US\winhttp.dll.mui 216 0x918b76976c30 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db 216 0x918b76976dc0 \Windows\System32\OnDemandBrokerClient.dll 216 0x918b769770e0 \Windows\System32\AppxPackaging.dll 216 0x918b76977270 \Windows\System32\winevt\Logs\Microsoft-Windows-Security-SPP-UX-Notifications%4ActionCenter.evtx 216 0x918b76977590 \$ConvertToNonresident 216 0x918b76977720 \Windows\System32\devrtl.dll 216 0x918b769778b0 \Windows\Fonts\segoeui.ttf 216 0x918b76977a40 \Windows 216 0x918b76977bd0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db 216 0x918b76978080 \Windows\System32\en-US\svchost.exe.mui 216 0x918b76978210 \Windows\System32 216 0x918b769783a0 \Windows\System32\en-US\netmsg.dll.mui 216 0x918b769786c0 \Windows\System32\elslad.dll 216 0x918b76978850 \Windows\SoftwareDistribution\DataStore\Logs\tmp.edb 216 0x918b769789e0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db 216 0x918b76978d00 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-shm 216 0x918b76979340 \Windows\System32 216 0x918b769797f0 \Windows\System32\mfreadwrite.dll 216 0x918b76979980 \Windows\System32\en-US\propsys.dll.mui 216 0x918b76979ca0 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 216 0x918b76979e30 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b7697a150 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 216 0x918b7697a2e0 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\clrcompression.dll 216 0x918b7697a470 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\OneSettingsClientForwarder.dll 216 0x918b7697a600 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 216 0x918b7697a790 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\MetaData 216 0x918b7697a920 \$Directory 216 0x918b7697add0 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\Assets\PhotosIcons.ttf 216 0x918b7697b0f0 \$Directory 216 0x918b7697b280 \Windows\System32\en-US\twinui.dll.mui 216 0x918b7697b5a0 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\OnlineMediaComponent.dll 216 0x918b7697b8c0 \Windows\Fonts\segoeui.ttf 216 0x918b7697bbe0 \$Directory 216 0x918b7697bd70 \Windows\System32\RuntimeBroker.exe 216 0x918b7697c090 \$Directory 216 0x918b7697c220 \Windows\ShellComponents\WindowsInternal.ComposableShell.Experiences.Switcher.dll 216 0x918b7697c3b0 \Windows\Fonts\segoeui.ttf 216 0x918b7697c540 \ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\UpdateLock-E7CF176E110C211B 216 0x918b7697c6d0 \CMApi 216 0x918b7697c860 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b7697c9f0 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll 216 0x918b7697cb80 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\Settings\settings.dat 216 0x918b7697cd10 \Windows\ShellComponents\TaskFlowUI.dll 216 0x918b7697cea0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\Settings\settings.dat.LOG1 216 0x918b7697d1c0 \CMNotify 216 0x918b7697d350 \$Directory 216 0x918b7697d990 \$Directory 216 0x918b7697db20 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\Settings\settings.dat.LOG2 216 0x918b7697dcb0 \Windows\System32\en-US\propsys.dll.mui 216 0x918b7697de40 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Search.winmd 216 0x918b7697e2f0 \Windows\System32\WinMetadata\Windows.Foundation.winmd 216 0x918b7697e480 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 216 0x918b7697e7a0 \Windows\System32\en-US\user32.dll.mui 216 0x918b7697e930 \Windows\System32\smartscreen.exe 216 0x918b7697ec50 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 216 0x918b7697f290 \MsFteWds 216 0x918b7697f420 \Windows\System32\en-US\svchost.exe.mui 216 0x918b7697f5b0 \Windows\System32 216 0x918b7697f8d0 \Windows\System32\WinRtTracing.dll 216 0x918b7697fa60 \Windows\System32\ieframe.dll 216 0x918b7697fbf0 \Windows\System32\WinMetadata\Windows.Storage.winmd 216 0x918b7697fd80 \Windows\System32\en-US\smartscreen.exe.mui 216 0x918b769800a0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b76980230 \Windows\System32\en-US\shell32.dll.mui 216 0x918b769803c0 \Windows\System32\WinMetadata\Windows.Security.winmd 216 0x918b76980550 \$Directory 216 0x918b769806e0 \Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.32530.0_x64__8wekyb3d8bbwe\concrt140_app.dll 216 0x918b76980870 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\Assets\PhotosIcons.ttf 216 0x918b76980a00 \Windows\System32\en-US\windows.ui.xaml.dll.mui 216 0x918b76980d20 \Windows\System32\en-US\ApplicationFrame.dll.mui 216 0x918b76980eb0 \Windows\Fonts\StaticCache.dat 216 0x918b769811d0 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Tips.winmd 216 0x918b76981680 \Windows\SysWOW64\dnsapi.dll 216 0x918b76981810 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\SharedStyles.dll 216 0x918b76981b30 \CMNotify 216 0x918b76981cc0 \Windows\System32\WinMetadata\Windows.Foundation.winmd 216 0x918b76981e50 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b76982170 \Windows\System32\wscinterop.dll 216 0x918b76982300 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\RB2ZB7BJ 216 0x918b76982490 \$Directory 216 0x918b769827b0 \Windows\System32\WinMetadata\Windows.System.winmd 216 0x918b76982ad0 \$Directory 216 0x918b76982c60 \Windows\System32\wdmaud.drv 216 0x918b76983430 \$Directory 216 0x918b769835c0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b76983750 \Windows\System32\en-US\explorerframe.dll.mui 216 0x918b769838e0 \Windows\System32\en-US\newdev.dll.mui 216 0x918b76983c00 \Windows\System32\WinMetadata\Windows.UI.winmd 216 0x918b76983d90 \Windows\System32\mlang.dll 216 0x918b769840b0 \Windows\System32\winbio.dll 216 0x918b769843d0 \Windows\System32\en-US\dnsapi.dll.mui 216 0x918b76984560 \Users\santa\AppData\Local\Microsoft\Windows\Safety\shell\remote\script_96032244749497702726114603847611723578.rel.v2 216 0x918b769846f0 \Program Files\Windows Defender\shellext.dll 216 0x918b76984880 \$Directory 216 0x918b76984a10 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.SPA.winmd 216 0x918b76984ba0 \$Directory 216 0x918b76984d30 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b76984ec0 \$Directory 216 0x918b769851e0 \Windows\System32\SecurityHealthSystray.exe 216 0x918b76985370 \Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 216 0x918b76985500 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b76985690 \$Directory 216 0x918b76985820 \Windows\System32\WinMetadata\Windows.UI.winmd 216 0x918b769859b0 \Windows\System32\en-US\Windows.Web.Http.dll.mui 216 0x918b76985b40 \Windows\Registration\R000000000006.clb 216 0x918b76985cd0 \Windows\System32\SecurityHealthSSO.dll 216 0x918b76985e60 \Windows\System32\en-US\Conhost.exe.mui 216 0x918b76986180 \Windows\Registration\R000000000006.clb 216 0x918b76986630 \Windows\SysWOW64\wtsapi32.dll 216 0x918b769867c0 \Windows\System32\en-US\securityhealthsso.dll.mui 216 0x918b76986950 \Program Files\Windows Photo Viewer\PhotoBase.dll 216 0x918b76986c70 \Windows\SysWOW64\version.dll 216 0x918b76986e00 \Windows\System32\SecurityHealthService.exe 216 0x918b76987120 \Windows\System32\en-US\combase.dll.mui 216 0x918b769872b0 \Windows\System32 216 0x918b769875d0 \Windows\System32\WinMetadata\Windows.Foundation.winmd 216 0x918b769878f0 \Windows\ShellExperiences\TileControl.dll 216 0x918b76987a80 \Windows\Registration\R000000000006.clb 216 0x918b76987c10 \Windows\System32\SecurityHealthSystray.exe 216 0x918b76988250 \Windows\SysWOW64\ExplorerFrame.dll 216 0x918b76988570 \CMApi 216 0x918b76988890 \Windows\System32\en-US\user32.dll.mui 216 0x918b76988a20 \$Directory 216 0x918b76988bb0 \Windows\System32\vm3dservice.exe 216 0x918b76988ed0 \Windows\System32\Windows.WARP.JITService.dll 216 0x918b769891f0 \Program Files\VMware\VMware Tools\vmtoolsd.exe 216 0x918b76989380 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b76989510 \Windows\System32\SecurityHealthProxyStub.dll 216 0x918b769896a0 \ProgramData\Microsoft\Windows Security Health\Logs\SHS-11172023-155129-7-3f-18362.1.amd64fre.19h1_release.190318-1202.etl 216 0x918b76989830 \Windows\Registration\R000000000006.clb 216 0x918b769899c0 \$Directory 216 0x918b76989b50 \CMApi 216 0x918b76989ce0 \Windows\SysWOW64\dhcpcsvc6.dll 216 0x918b7698a190 \Windows\Registration\R000000000006.clb 216 0x918b7698a320 \Windows\SysWOW64\IPHLPAPI.DLL 216 0x918b7698a4b0 \$Directory 216 0x918b7698a7d0 \Windows\System32\vm3dservice.exe 216 0x918b7698a960 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b7698ae10 \Windows\System32 216 0x918b7698b130 \Windows\System32 216 0x918b7698b450 \$Directory 216 0x918b7698b5e0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b7698b770 \Input 216 0x918b7698b900 \Windows\Fonts\segoeuil.ttf 216 0x918b7698ba90 \Program Files\VMware\VMware Tools\plugins\vmusr\dndcp.dll 216 0x918b7698bc20 \Program Files\VMware\VMware Tools\sigc-2.0.dll 216 0x918b7698bdb0 \Windows\System32\keepaliveprovider.dll 216 0x918b7698c3f0 \$Directory 216 0x918b7698c580 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncCxP.dll 216 0x918b7698c710 \Output 216 0x918b7698c8a0 \Windows\Fonts\segoeui.ttf 216 0x918b7698cd50 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b7698d200 \CMApi 216 0x918b7698d520 \Windows\Fonts\times.ttf 216 0x918b7698d6b0 \Users\santa\AppData\Local\Microsoft\OneDrive\OneDrive.exe 216 0x918b7698d840 \Windows\System32\mfcore.dll 216 0x918b7698d9d0 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b7698de80 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\en\FileSync.LocalizedResources.dll.mui 216 0x918b7698e1a0 \Windows\Temp\vmware-vmusr-santa.log 216 0x918b7698e330 \Windows\Fonts\seguisb.ttf 216 0x918b7698e4c0 \Program Files\VMware\VMware Tools\plugins\vmusr\desktopEvents.dll 216 0x918b7698e650 \$Directory 216 0x918b7698e7e0 \CMApi 216 0x918b7698e970 \$Directory 216 0x918b7698eb00 \Windows\System32\wscui.cpl 216 0x918b7698ee20 \Windows\System32\UIRibbon.dll 216 0x918b7698f140 \Program Files\VMware\VMware Tools\plugins\vmusr\vmtray.dll 216 0x918b7698f2d0 \Windows\System32\mfc140enu.dll 216 0x918b7698f460 \Windows\Registration\R000000000006.clb 216 0x918b7698f910 \CMApi 216 0x918b7698fc30 \Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.30_none_210ac8966535eaa7 216 0x918b7698fdc0 \Windows\System32\mfc140u.dll 216 0x918b769900e0 \Windows\System32\en-US\mpr.dll.mui 216 0x918b76990400 \Windows 216 0x918b76990590 \Windows\System32\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient.dll 216 0x918b76990720 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.18362.30_none_e685621eb27f4d6a\comctl32.dll 216 0x918b769908b0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.18362.30_none_e685621eb27f4d6a 216 0x918b76990a40 \Windows\System32\winevt\Logs\microsoft-windows-diagnosis-scripted%4operational.evtx 216 0x918b76990d60 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b76990ef0 \CMApi 216 0x918b76991080 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b76991210 \Windows\System32\en-US\propsys.dll.mui 216 0x918b769913a0 \Windows\System32 216 0x918b76991530 \Windows\SysWOW64\Windows.UI.dll 216 0x918b769916c0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncClient.dll 216 0x918b76991d00 \Windows\Temp\vmware-vmusr-santa.log 216 0x918b76992340 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\msvcp140.dll 216 0x918b769927f0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\vcruntime140_1.dll 216 0x918b76992b10 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\LoggingPlatform.dll 216 0x918b76992ca0 \$Directory 216 0x918b76992e30 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\vcruntime140.dll 216 0x918b76993150 \Windows\System32\ntlanman.dll 216 0x918b76993790 \Windows\System32\CapabilityAccessHandlers.dll 216 0x918b76993ab0 \$Directory 216 0x918b76993c40 \Windows\SysWOW64\userenv.dll 216 0x918b769945a0 \Windows\System32\drprov.dll 216 0x918b769948c0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\ucrtbase.dll 216 0x918b76994be0 \Windows\System32\davclnt.dll 216 0x918b76994d70 \Windows\System32\SystemSettings.DataModel.dll 216 0x918b76995860 \Windows\System32\davhlpr.dll 216 0x918b76996350 \Program Files (x86)\Mozilla Firefox 216 0x918b76996e40 \Program Files (x86)\Mozilla Firefox 216 0x918b769977a0 \Users\santa\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2023-11-17.2351.4628.2.aodl 216 0x918b76997930 \Program Files (x86)\Mozilla Firefox 216 0x918b76997960 禸皙醋￿禸皙醋￿ 0 0x918b76997c50 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\OneDriveTelemetryStable.dll 216 0x918b76997de0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\LogUploader.dll 216 0x918b76998100 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncViews.dll 216 0x918b76998290 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\WebView2Loader.dll 216 0x918b76998420 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncFS.dll 216 0x918b769985b0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncEvents.dll 216 0x918b76998740 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\msvcp140_atomic_wait.dll 216 0x918b769988d0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\WnsClientApi.dll 216 0x918b76998a60 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\Qt5Core.dll 216 0x918b76998bf0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\adal.dll 216 0x918b76998d80 \CMApi 216 0x918b769990a0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncRNWin32Lib.dll 216 0x918b76999230 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\Qt5Quick.dll 216 0x918b769993c0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\Telemetry.dll 216 0x918b76999550 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\Qt5Gui.dll 216 0x918b769996e0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b76999870 \Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.30_none_210ac8966535eaa7 216 0x918b76999a00 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\Qt5Qml.dll 216 0x918b76999b90 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\Qt5WinExtras.dll 216 0x918b76999d20 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncSqlite3.dll 216 0x918b76999eb0 \Windows\System32\credui.dll 216 0x918b7699a1d0 \Windows\System32\WinMetadata\Windows.Web.winmd 216 0x918b7699a360 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\libcrypto-1_1-x64.dll 216 0x918b7699a4f0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\msvcp140_1.dll 216 0x918b7699a680 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncTelemetryExtensions.dll 216 0x918b7699a810 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncHost.dll 216 0x918b7699a9a0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncSessions.dll 216 0x918b7699ab30 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\SyncEngine.dll 216 0x918b7699acc0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b7699ae50 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\UpdateRingSettings.dll 216 0x918b7699b170 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\Qt5Network.dll 216 0x918b7699b620 \Users\santa\AppData\Local\Microsoft\OneDrive\settings\Personal\SettingsDatabase.db 216 0x918b7699b7b0 \MsFteWds 216 0x918b7699b940 \Windows\System32\Windows.UI.Input.Inking.Analysis.dll 216 0x918b7699bc60 \Windows\System32\en-US\svchost.exe.mui 216 0x918b7699bdf0 \Windows\System32\en-US\Windows.UI.dll.mui 216 0x918b7699c110 \$Directory 216 0x918b7699c2a0 \ProgramData\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b7699c750 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\libssl-1_1-x64.dll 216 0x918b7699c8e0 \Windows\System32\svchost.exe 216 0x918b7699cc00 \Windows\System32\efswrt.dll 216 0x918b7699cd90 \Windows\SystemResources\Chakra.dll.mun 216 0x918b7699d0b0 \Windows\Fonts\segoeuib.ttf 216 0x918b7699d3d0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b7699d6f0 \Windows\System32 216 0x918b7699dba0 \Windows\Fonts\Sitka.ttc 216 0x918b7699dd30 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\Qt5QmlModels.dll 216 0x918b7699dec0 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-wal 216 0x918b7699e1e0 \Windows\SysWOW64\OneCoreCommonProxyStub.dll 216 0x918b7699e690 \Windows\System32 216 0x918b7699e820 \Windows\System32\InkObjCore.dll 216 0x918b7699e9b0 \Windows\Fonts\SitkaI.ttc 216 0x918b7699eb40 \Windows\System32\configmanager2.dll 216 0x918b7699f310 \$Directory 216 0x918b7699f4a0 \$Directory 216 0x918b7699f7c0 \Windows\SysWOW64\ntshrui.dll 216 0x918b7699fc70 \Windows\System32\winevt\Logs\Microsoft-Windows-Containers-BindFlt%4Operational.evtx 216 0x918b7699fe00 \Windows\Fonts\SitkaZ.ttc 216 0x918b769a0120 \Windows\System32\SettingsEnvironment.Desktop.dll 216 0x918b769a05d0 \Windows\System32\AdaptiveCards.dll 216 0x918b769a08f0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncFSNtfs.dll 216 0x918b769a0a80 \Windows\System32\regapi.dll 216 0x918b769a0da0 \Dev\Query 216 0x918b769a13e0 \$Directory 216 0x918b769a1570 \Windows\SysWOW64\en-US\taskschd.dll.mui 216 0x918b769a1700 \Users\santa\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe 216 0x918b769a1890 \Windows\Fonts\calibri.ttf 216 0x918b769a1bb0 \Windows\SysWOW64\policymanager.dll 216 0x918b769a1d40 \$Directory 216 0x918b769a1ed0 \Windows\SysWOW64\srvcli.dll 216 0x918b769a21f0 \Windows\SysWOW64\cscapi.dll 216 0x918b769a2380 \Windows\System32\en-US\windows.applicationmodel.datatransfer.dll.mui 216 0x918b769a2510 \Users\santa\AppData\Local\Microsoft\Windows\WebCache\V01.loglog 216 0x918b769a2830 \Windows\System32\enterpriseresourcemanager.dll 216 0x918b769a29c0 \CMApi 216 0x918b769a2b50 \$Directory 216 0x918b769a2e70 \Windows\System32\en-US\ole32.dll.mui 216 0x918b769a3190 \Windows\System32\en-US\avrt.dll.mui 216 0x918b769a3320 \Windows\System32\en-US\combase.dll.mui 216 0x918b769a3640 \Reference 216 0x918b769a37d0 \Windows\System32\dmiso8601utils.dll 216 0x918b769a3960 \Windows\System32\dmoleaututils.dll 216 0x918b769a3c80 \Server 216 0x918b769a3e10 \Windows\SysWOW64\msvcp110_win.dll 216 0x918b769a4130 \Windows\System32\DictationManager.dll 216 0x918b769a42c0 \Dev\Query 216 0x918b769a4450 \Windows\System32\conhost.exe 216 0x918b769a45e0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\Indexed DB\edb.log 216 0x918b769a4770 \$Directory 216 0x918b769a4900 \$ConvertToNonresident 216 0x918b769a4a90 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncFSNtfsWB.dll 216 0x918b769a4c20 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\platforms\qwindows.dll 216 0x918b769a4db0 \CMApi 216 0x918b769a50d0 \Windows\SysWOW64\winsta.dll 216 0x918b769a5260 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b769a53f0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncFALWB.dll 216 0x918b769a5710 \$Directory 216 0x918b769a58a0 \$Directory 216 0x918b769a5a30 \Users\santa\AppData\Local\Microsoft\OneDrive\settings\Personal\SettingsDatabase.db-wal 216 0x918b769a5bc0 \Users\santa\AppData\Local\Microsoft\OneDrive\settings\Personal\SettingsDatabase.db-shm 216 0x918b769a5d50 \$Directory 216 0x918b769a5ee0 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSync.Resources.dll 216 0x918b769a6200 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSyncFSCache.dll 216 0x918b769a6390 \Windows\System32\en-US\windows.ui.xaml.dll.mui 216 0x918b769a6520 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileSync.LocalizedResources.dll 216 0x918b769a66b0 \Dev\Query 216 0x918b769a6b60 \Users\santa\AppData\Local\Microsoft\OneDrive\settings\Personal\SyncEngineDatabase.db 216 0x918b769a6cf0 \Users\santa\AppData\Local\Microsoft\OneDrive\settings\Personal\SyncEngineDatabase.db-wal 216 0x918b769a6e80 \Users\santa\AppData\Local\Microsoft\OneDrive\settings\Personal\SyncEngineDatabase.db-shm 216 0x918b769a71a0 \Users\santa\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2023-11-17_235151_4628-4616.log 216 0x918b769a7330 \$Directory 216 0x918b769a74c0 \Windows\System32\en-US\shell32.dll.mui 216 0x918b769a7c90 \gecko.4576.3988.4196779259130090733 216 0x918b769a8140 \Windows\Fonts\arial.ttf 216 0x918b769a82d0 \Windows\System32\ELSCore.dll 216 0x918b769a8780 \Windows\System32\MicrosoftAccountTokenProvider.dll 216 0x918b769a8910 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b769a8aa0 \CMApi 216 0x918b769a90e0 \Windows\System32\Wpc.dll 216 0x918b769a9590 \Program Files (x86)\Mozilla Firefox 216 0x918b769a9720 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b769a98b0 \Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi 216 0x918b769a9a40 \Windows\System32\en-US\SHCore.dll.mui 216 0x918b769a9d60 \gecko.4576.3988.4196779259130090733 216 0x918b769aa080 \Users\santa\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\en\FileSync.LocalizedResources.dll.mui 216 0x918b769aa210 \Users\santa\AppData\Local\Microsoft\Credentials 216 0x918b769aa3a0 \Users\santa\AppData\Roaming\Microsoft\Credentials 216 0x918b769aa850 \Windows\System32\msIso.dll 216 0x918b769aa9e0 \Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\State\dosvcState.dat.LOG2 216 0x918b769aab70 \$Directory 216 0x918b769aae90 \gecko.4576.3988.14258203149884878546 216 0x918b769ab340 \$Directory 216 0x918b769ab4d0 \Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\Logs\dosvc.20231117_235156_845.etl 216 0x918b769ab7f0 \$Directory 216 0x918b769ab980 \Windows\System32\ngcpopkeysrv.dll 216 0x918b769abca0 \Windows\Fonts\tahomabd.ttf 216 0x918b76abd9d0 \$NonCachedIo 216 0x918b76abdb40 \$NonCachedIo 216 0x918b76ac0660 \$NonCachedIo 216 0x918b76c2b1e0 \Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf 216 0x918b76c2b370 \Windows\System32\en-US\Windows.Security.Authentication.Web.Core.dll.mui 216 0x918b76c2b500 \Windows\SystemResources\Windows.UI.ShellCommonInetCore\Windows.UI.ShellCommonInetCore.pri 216 0x918b76c2b820 \Windows\System32\backgroundTaskHost.exe 216 0x918b76c2b9b0 \Windows\System32\en-US\AppXDeploymentServer.dll.mui 216 0x918b76c2bb40 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eView.dll 216 0x918b76c2bcd0 \CMNotify 216 0x918b76c2be60 \Windows\System32\dsclient.dll 216 0x918b76c2c180 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b76c2c310 \Windows\System32\StorageUsage.dll 216 0x918b76c2c4a0 \Windows 216 0x918b76c2c630 \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\HxTsr.exe 216 0x918b76c2c950 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b76c2cae0 \CMNotify 216 0x918b76c2cc70 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b76c2ce00 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b76c2d120 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b76c2d2b0 \Windows\Fonts\segoeuil.ttf 216 0x918b76c2d5d0 \CMNotify 216 0x918b76c2d760 \Windows\Fonts\cambriaz.ttf 216 0x918b76c2d8f0 \Windows\System32\en-US\ntasn1.dll.mui 216 0x918b76c2da80 \Sessions\1\AppContainerNamedObjects\S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433 216 0x918b76c2dc10 \$Directory 216 0x918b76c2dda0 \CMNotify 216 0x918b76c2e0c0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1280.db 216 0x918b76c2e250 \Windows\System32\StorSvc.dll 216 0x918b76c2e3e0 \Windows\SystemResources\ExplorerFrame.dll.mun 216 0x918b76c2e700 \Users\santa\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2023-11-17.2323.5328.2.odlgz 216 0x918b76c2e890 \$Directory 216 0x918b76c2ea20 \$Directory 216 0x918b76c2ebb0 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.app.json 216 0x918b76c2ed40 \Windows\System32\backgroundTaskHost.exe 216 0x918b76c2eed0 \$Directory 216 0x918b76c2f1f0 \Windows\System32 216 0x918b76c2f380 \Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf 216 0x918b76c2f510 \Windows\System32\backgroundTaskHost.exe 216 0x918b76c2f6a0 \Windows\System32\en-US\jscript9.dll.mui 216 0x918b76c2f830 \Windows\System32 216 0x918b76c2f9c0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b76c2fce0 \wkssvc 216 0x918b76c2fe70 \Windows\System32\winevt\Logs\Microsoft-Windows-Storsvc%4Diagnostic.evtx 216 0x918b76c30190 \Windows\Prefetch\MUSNOTIFYICON.EXE-19B43B6D.pf 216 0x918b76c304b0 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\a52b0784bd667468.automaticDestinations-ms 216 0x918b76c30640 \Windows\explorer.exe 216 0x918b76c307d0 \Users\santa\AppData\Local\Microsoft\OneDrive\logs\Personal\SyncEngine-2023-11-17.2351.4628.1.odlgz 216 0x918b76c30960 \Windows\System32\SyncRes.dll 216 0x918b76c30af0 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\9d1f905ce5044aee.automaticDestinations-ms 216 0x918b76c30c80 \$Directory 216 0x918b76c30e10 \Sessions\1\AppContainerNamedObjects\S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157 216 0x918b76c31130 \Windows\System32\PhoneutilRes.dll 216 0x918b76c312c0 \Connect 216 0x918b76c31450 \Windows\System32\en-US\Conhost.exe.mui 216 0x918b76c315e0 \Windows\Prefetch\GAMEBAR.EXE-E79FA3B9.pf 216 0x918b76c31770 \$Directory 216 0x918b76c31a90 \Windows\System32\wscproxystub.dll 216 0x918b76c31c20 \Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe 216 0x918b76c31db0 \ProgramData\USOShared\Logs\UsoCoreWorker.5922ac36-0a80-4ccf-8043-a7181bce1717.1.etl 216 0x918b76c32260 \Windows\System32 216 0x918b76c323f0 \Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.30_none_788560eb0ef1f3b0\wdscore.dll 216 0x918b76c32580 \Windows\System32\SgrmEnclave.dll 216 0x918b76c32710 \Windows\servicing\en-US\TrustedInstaller.exe.mui 216 0x918b76c328a0 \Windows\System32\SgrmBroker.exe 216 0x918b76c32a30 \$Directory 216 0x918b76c32bc0 \CMApi 216 0x918b76c32d50 \Windows 216 0x918b76c32ee0 \Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy 216 0x918b76c33200 \Windows\Registration\R000000000006.clb 216 0x918b76c33520 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b76c336b0 \Windows\System32\MusNotification.exe 216 0x918b76c33840 \Windows\System32\en-US\user32.dll.mui 216 0x918b76c339d0 \Windows\System32\config\COMPONENTS 216 0x918b76c33b60 \$Directory 216 0x918b76c33cf0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 216 0x918b76c341a0 \Windows\Logs\CBS\CBS.log 216 0x918b76c34330 \$Directory 216 0x918b76c34650 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 216 0x918b76c34970 \$Directory 216 0x918b76c34b00 \Windows\System32\SecurityCenterBroker.dll 216 0x918b76c34c90 \Windows\System32\svchost.exe 216 0x918b76c34e20 \Windows\System32\wscsvc.dll 216 0x918b76c352d0 \Windows\System32\vaultsvc.dll 216 0x918b76c355f0 \ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B 216 0x918b76c35780 \ProgramData\USOShared\Logs\UpdateSessionOrchestration.995347a8-2a9e-48af-bbd5-03147fb77e7a.1.etl 216 0x918b76c35910 \Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.30_none_788560eb0ef1f3b0\TiWorker.exe 216 0x918b76c35aa0 \Users\santa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper 216 0x918b76c35c30 \Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx 216 0x918b76c35dc0 \Users\desktop.ini 216 0x918b76c360e0 \Windows\System32\vbsapi.dll 216 0x918b76c36270 \Windows\Registration\R000000000006.clb 216 0x918b76c36590 \$Directory 216 0x918b76c36720 \Windows\System32\en-US\Windows.Web.dll.mui 216 0x918b76c368b0 \Windows\System32\en-US\dps.dll.mui 216 0x918b76c36a40 \Windows\servicing\CbsApi.dll 216 0x918b76c36bd0 \Windows\Logs\waasmedic\waasmedic.20231118_133142_776.etl 216 0x918b76c36d60 \Windows\System32 216 0x918b76c36ef0 \$Directory 216 0x918b76c37080 \Windows\Prefetch\TIWORKER.EXE-2CF725E4.pf 216 0x918b76c37210 \Windows\System32\usosvc.dll 216 0x918b76c37530 \Windows\Prefetch\BACKGROUNDTASKHOST.EXE-A7A4C1BC.pf 216 0x918b76c376c0 \Windows\System32\en-US\svchost.exe.mui 216 0x918b76c37850 \$Directory 216 0x918b76c379e0 \Windows\System32\Phoneutil.dll 216 0x918b76c37b70 \Windows\System32 216 0x918b76c37e90 \Server 216 0x918b76c381b0 \Reference 216 0x918b76c38340 \Windows\System32\syncutil.dll 216 0x918b76c387f0 \Windows\System32\InprocLogger.dll 216 0x918b76c38980 \Windows\System32\SecurityCenterBrokerPS.dll 216 0x918b76c39150 \Windows\System32\dmcfgutils.dll 216 0x918b76c392e0 \Windows\System32\APHostService.dll 216 0x918b76c39470 \Windows\Registration\R000000000006.clb 216 0x918b76c39600 \Windows\System32\MCCSPal.dll 216 0x918b76c39790 \Windows\System32\dmxmlhelputils.dll 216 0x918b76c39920 \Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll 216 0x918b76c39ab0 \Windows\System32\clbcatq.dll 216 0x918b76c39dd0 \Windows\System32\SyncController.dll 216 0x918b76c3a0f0 \Windows\System32\UserDataPlatformHelperUtil.dll 216 0x918b76c3a280 \Windows\System32\UserDataLanguageUtil.dll 216 0x918b76c3a410 \Windows\System32\cemapi.dll 216 0x918b76c3a5a0 \Windows\System32\en-US\combase.dll.mui 216 0x918b76c3a730 \Windows\System32\en-US\wscapi.dll.mui 216 0x918b76c3a8c0 \Windows\System32\networkhelper.dll 216 0x918b76c3aa50 \Windows\System32\MCCSEngineShared.dll 216 0x918b76c3abe0 \Windows\SysWOW64\CoreMessaging.dll 216 0x918b76c3ad70 \Users\santa\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5 216 0x918b76c3b090 \$Directory 216 0x918b76c3b220 \Windows\System32\en-US\vaultsvc.dll.mui 216 0x918b76c3b3b0 \Output 216 0x918b76c3b540 \CMApi 216 0x918b76c3b860 \$Directory 216 0x918b76c3b9f0 \Input 216 0x918b76c3bb80 \Windows\System32\conhost.exe 216 0x918b76c3bd10 \Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf 216 0x918b76c3bea0 \Windows\System32\en-US\wscapi.dll.mui 216 0x918b76c3c1c0 \$Directory 216 0x918b76c3c4e0 \$Directory 216 0x918b76c3c670 \Windows\SysWOW64\netapi32.dll 216 0x918b76c3c800 \Windows\System32\en-US\winlogon.exe.mui 216 0x918b76c3ccb0 \CMApi 216 0x918b76c3ce40 \Windows\SysWOW64\dsreg.dll 216 0x918b76c3d160 \Windows\SysWOW64\netutils.dll 216 0x918b76c3d2f0 \Users\santa\AppData\Local\Temp\MicrosoftEdgeUpdate.log 216 0x918b76c3d480 \Windows\Logs\CBS\CBS.log 216 0x918b76c3d610 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.tracing.json 216 0x918b76c3d7a0 \$Directory 216 0x918b76c3d930 \Windows\Registration\R000000000006.clb 216 0x918b76c3dac0 \Windows\SysWOW64\wkscli.dll 216 0x918b76c3dc50 \Users\santa\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\msedgeupdate.dll 216 0x918b76c3dde0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b76c3e100 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b76c3e290 \Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.30_none_788560eb0ef1f3b0\dpx.dll 216 0x918b76c3e420 \CMNotify 216 0x918b76c3e5b0 \Windows\System32\usocoreworker.exe 216 0x918b76c3e740 \Windows\Fonts\seguiemj.ttf 216 0x918b76c3e8d0 \Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.30_none_788560eb0ef1f3b0\wcp.dll 216 0x918b76c3ea60 \Windows\System32\appraiser.dll 216 0x918b76c3ebf0 \ProgramData\USOShared\Logs\NotificationUxBroker.c139137b-83b1-4da1-b306-622cab502fe6.1.etl 216 0x918b76c3ed80 \CMApi 216 0x918b76c3f0a0 \Windows\SysWOW64\CoreUIComponents.dll 216 0x918b76c3f230 \gecko.4576.3988.7767695392285246638 216 0x918b76c3f3c0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b76c3f550 \Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.30_none_210ac8966535eaa7 216 0x918b76c3f870 \Windows\System32\srclient.dll 216 0x918b76c3fa00 \gecko.4576.3988.7767695392285246638 216 0x918b76c3fb90 \Windows\System32\config\COMPONENTS{fd9a35c3-49fe-11e9-aa2c-248a07783950}.TM.blf 216 0x918b76c3feb0 \Windows\Prefetch\USOCOREWORKER.EXE-C7204344.pf 216 0x918b76c40360 \Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.30_none_788560eb0ef1f3b0\CbsCore.dll 216 0x918b76c404f0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\places.sqlite 216 0x918b76c40680 \Users\santa\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\msedgeupdateres_en.dll 216 0x918b76c40810 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_48.db 216 0x918b76c409a0 \Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.30_none_788560eb0ef1f3b0\drupdate.dll 216 0x918b76c40cc0 \ProgramData\USOShared\Logs\NotificationUxBroker.a7a36037-3ce8-4ec4-9156-3161dd9df5c3.1.etl 216 0x918b76c40e50 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData 216 0x918b76c41170 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b76c41300 \Windows\System32\mssvp.dll 216 0x918b76c41490 \Windows\Prefetch\MPSIGSTUB.EXE-4D562760.pf 216 0x918b76c41620 \Windows\System32\devinv.dll 216 0x918b76c417b0 \Program Files (x86)\Mozilla Firefox 216 0x918b76c41ad0 \$Directory 216 0x918b76c41c60 \Windows\System32\SearchProtocolHost.exe 216 0x918b76c41df0 \Program Files (x86)\Mozilla Firefox 216 0x918b76c42110 \Windows\SysWOW64\winnsi.dll 216 0x918b76c425c0 \Windows\System32 216 0x918b76c428e0 \Windows\DiagTrack\RemoteAggregatorTriggerCriteria.dat 216 0x918b76c42a70 \Program Files\WindowsApps\Microsoft.VCLibs.140.00.UWPDesktop_14.0.32530.0_x64__8wekyb3d8bbwe\vcruntime140.dll 216 0x918b76c42c00 \Users\santa\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk 216 0x918b76c42d90 \Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf 216 0x918b76c430b0 \CMApi 216 0x918b76c43240 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{2773188F-807D-421F-A1B6-5644661909DA}.catalogItem 216 0x918b76c433d0 \Windows\Registration\R000000000006.clb 216 0x918b76c43560 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{28F6A877-7AF5-4A73-BD3E-BBBC65150B75}.catalogItem 216 0x918b76c436f0 \Windows 216 0x918b76c43a10 \Windows\WinSxS\FileMaps\$$.cdf-ms 216 0x918b76c43d30 \Windows\Registration\R000000000006.clb 216 0x918b76c43ec0 \Users\santa\Documents\desktop.ini 216 0x918b76c44370 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.SkypeApp_15.108.3205.0_x64__kzf8qxf38zg5c\S-1-5-21-1046918562-1299961717-1331875240-1001.pckgdep 216 0x918b76c44500 \Windows\SysWOW64\twinapi.dll 216 0x918b76c44690 \Program Files\WindowsApps\Microsoft.SkypeApp_15.108.3205.0_x64__kzf8qxf38zg5c\Skype\SkypeContext.dll 216 0x918b76c44820 \$Directory 216 0x918b76c449b0 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-wal 216 0x918b76c44b40 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\S-1-5-21-1046918562-1299961717-1331875240-1001.pckgdep 216 0x918b76c44cd0 \Windows\System32\apisampling.dll 216 0x918b76c44e60 \Windows\appcompat\Programs\EncapsulationLogging.hve 216 0x918b76c45180 \LOCAL\cubeb-pipe-4576-11 216 0x918b76c45310 \Windows\appcompat\Programs\EncapsulationLogging.hve.LOG1 216 0x918b76c454a0 \Windows\System32\en-US\kernel32.dll.mui 216 0x918b76c45630 \Program Files\WindowsApps\Microsoft.VCLibs.140.00.UWPDesktop_14.0.32530.0_x64__8wekyb3d8bbwe\vcruntime140_1.dll 216 0x918b76c457c0 \Program Files\WindowsApps\Microsoft.VCLibs.140.00.UWPDesktop_14.0.32530.0_x64__8wekyb3d8bbwe\vccorlib140.dll 216 0x918b76c45950 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\PartyWin.dll 216 0x918b76c45ae0 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eModel.dll 216 0x918b76c45c70 \CMNotify 216 0x918b76c45e00 \$Directory 216 0x918b76c46120 \$Directory 216 0x918b76c462b0 \Users\santa\Favorites\desktop.ini 216 0x918b76c46440 \Windows\System32\pcacli.dll 216 0x918b76c465d0 \Windows\appcompat\Programs\EncapsulationLogging.hve.LOG2 216 0x918b76c46760 \CMApi 216 0x918b76c468f0 \Users\santa\AppData\Roaming\Microsoft\Windows\Themes\CachedFiles\CachedImage_1680_1050_POS4.jpg 216 0x918b76c46a80 \Users\santa\Links\desktop.ini 216 0x918b76c46c10 \Windows\System32\Windows.ApplicationModel.Store.dll 216 0x918b76c46da0 \Users\santa\Contacts\desktop.ini 216 0x918b76c470c0 \Users\santa\AppData\Roaming\Microsoft\Windows\SendTo\Desktop.ini 216 0x918b76c47250 \Program Files\Windows Defender\EppManifest.dll 216 0x918b76c473e0 \Windows\SysWOW64\winrnr.dll 216 0x918b76c47570 \Program Files (x86)\Mozilla Firefox\gkcodecs.dll 216 0x918b76c47700 \Windows\SysWOW64\ktmw32.dll 216 0x918b76c47890 \Windows\System32\en-US\rpcrt4.dll.mui 216 0x918b76c47bb0 \Windows\SysWOW64\propsys.dll 216 0x918b76c47d40 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{705BA990-0A9C-4A9F-A7C7-6BABF1AA8561}.catalogItem 216 0x918b76c481f0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{78F02305-4404-49C5-A8E5-A254035C0D00}.catalogItem 216 0x918b76c48380 \Program Files (x86)\Mozilla Firefox\lgpllibs.dll 216 0x918b76c48510 \$Directory 216 0x918b76c486a0 \CMApi 216 0x918b76c48830 \Windows\SysWOW64\dbghelp.dll 216 0x918b76c489c0 \Program Files (x86)\Mozilla Firefox\xul.dll 216 0x918b76c48b50 \Windows\System32\werconcpl.dll 216 0x918b76c48ce0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db 216 0x918b76c48e70 \Windows\SysWOW64\uxtheme.dll 216 0x918b76c49190 \Users\santa\AppData\Local\Mozilla\Firefox\SkeletonUILock-dc0b1b25 216 0x918b76c49320 \Program Files (x86)\Mozilla Firefox\nss3.dll 216 0x918b76c494b0 \LOCAL\cubeb-pipe-4576-11 216 0x918b76c49640 \gecko.4576.3988.7509070130796334379 216 0x918b76c497d0 \Windows\System32\zipfldr.dll 216 0x918b76c49960 \Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4CompatAfterUpgrade.evtx 216 0x918b76c49af0 \Windows\System32 216 0x918b76c49c80 \Windows\SysWOW64\ntmarta.dll 216 0x918b76c49e10 \Users\santa\Saved Games\desktop.ini 216 0x918b76c4a130 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{6846259E-BE8D-4862-8F7D-56766A0C1B25}.catalogItem 216 0x918b76c4a2c0 \Windows\SysWOW64\wsock32.dll 216 0x918b76c4a770 \Windows\System32\D3D12.dll 216 0x918b76c4a900 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{839C59D0-6565-477F-90A2-9982A4FB6C68}.catalogItem 216 0x918b76c4aa90 \CMApi 216 0x918b76c4ac20 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{7A9E1E0B-D13E-488D-9D39-AB555896082D}.catalogItem 216 0x918b76c4b0d0 \$Directory 216 0x918b76c4b260 \Windows\ImmersiveControlPanel\pris\resources.en-US.pri 216 0x918b76c4b3f0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\Dow3CDC.tmp 216 0x918b76c4b580 \Windows\System32 216 0x918b76c4b710 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\LocalState\Logs\Log-GameBarLoggingSession-1.etl 216 0x918b76c4bbc0 \Windows\SysWOW64\NapiNSP.dll 216 0x918b76c4bd50 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\parent.lock 216 0x918b76c4bee0 \Windows\Fonts\cambria.ttc 216 0x918b76c4c200 \Program Files (x86)\Mozilla Firefox\browser\omni.ja 216 0x918b76c4c390 \Windows\System32\ApplicationFrameHost.exe 216 0x918b76c4c520 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 216 0x918b76c4c840 \Windows\System32\eShims.dll 216 0x918b76c4c9d0 \Sessions\1\AppContainerNamedObjects\S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194 216 0x918b76c4cb60 \Windows\Prefetch\GAMEBARFTSERVER.EXE-5CD4C30E.pf 216 0x918b76c4ccf0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{79C1C918-E8E6-4677-97FF-FA895DE7EC72}.catalogItem 216 0x918b76c4ce80 \Windows\System32 216 0x918b76c4d1a0 \Windows\SysWOW64\dbgcore.dll 216 0x918b76c4d330 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{7B761C10-8206-40A4-B307-DB82578FD72C}.catalogItem 216 0x918b76c4d4c0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftEdge_44.18362.1.0_neutral__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b76c4d650 \$Directory 216 0x918b76c4d7e0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{9552323B-F7B9-43CE-8A02-4A183C60D532}.catalogItem 216 0x918b76c4d970 \CMApi 216 0x918b76c4db00 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\Settings\settings.dat 216 0x918b76c4dc90 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Settings\settings.dat 216 0x918b76c4de20 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\Settings\settings.dat.LOG2 216 0x918b76c4e140 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b76c4e2d0 \Windows\Registration\R000000000006.clb 216 0x918b76c4eaa0 \$Directory 216 0x918b76c4ec30 \Windows\System32 216 0x918b76c4f0e0 \ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-1046918562-1299961717-1331875240-1001\SystemAppData\Helium\Cache\c37c8b2035625a33.dat 216 0x918b76c4f270 \Windows\System32\Windows.Internal.SecurityMitigationsBroker.dll 216 0x918b76c4f400 \$Directory 216 0x918b76c4f590 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{87AF66AC-E501-4D45-8CDA-9EF297CFF3B2}.catalogItem 216 0x918b76c4f720 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 216 0x918b76c4f8b0 \Windows\Registration\R000000000006.clb 216 0x918b76c4fa40 \ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-1046918562-1299961717-1331875240-1001\SystemAppData\Helium\Cache\c37c8b2035625a33_COM15.dat 216 0x918b76c4fbd0 \CMNotify 216 0x918b76c4fd60 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\Settings\settings.dat.LOG1 216 0x918b76c4fef0 \Program Files (x86)\desktop.ini 216 0x918b76c50080 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eData.dll 216 0x918b76c50210 \Windows\System32\XblAuthManagerProxy.dll 216 0x918b76c503a0 \Windows\System32\en-US\svchost.exe.mui 216 0x918b76c50530 \Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx 216 0x918b76c506c0 \Program Files (x86)\Mozilla Firefox\omni.ja 216 0x918b76c50850 \Windows\SysWOW64\winmm.dll 216 0x918b76c509e0 \Windows\System32 216 0x918b76c50b70 \ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-1046918562-1299961717-1331875240-1001\SystemAppData\Helium\Cache\c37c8b2035625a33_COM15.dat.LOG2 216 0x918b76c50d00 \ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-1046918562-1299961717-1331875240-1001\SystemAppData\Helium\Cache\c37c8b2035625a33.dat 216 0x918b76c50e90 \Windows\Registration\R000000000006.clb 216 0x918b76c511b0 \Users\desktop.ini 216 0x918b76c51340 \Windows\System32\svchost.exe 216 0x918b76c514d0 \Windows\System32\en-US\kernel32.dll.mui 216 0x918b76c51660 \Users\santa\Videos\Captures\desktop.ini 216 0x918b76c517f0 \Users\santa\Pictures\wallpaper.png 216 0x918b76c51980 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\INetCache\ZA002JGD\ab[1].json 216 0x918b76c51b10 \Windows\System32\ShellExperiences\WindowsInternal.Xaml.Controls.Tabs.dll 216 0x918b76c51ca0 \CMApi 216 0x918b76c51e30 \Windows\System32\Windows.WARP.JITService.exe 216 0x918b76c52150 \ProgramData\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\S-1-5-21-1046918562-1299961717-1331875240-1001\SystemAppData\Helium\Cache\465f7e52ad88feb7.dat 216 0x918b76c522e0 \CMNotify 216 0x918b76c52470 \Windows\Fonts\segoeui.ttf 216 0x918b76c52600 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\LocalState\DiagOutputDir\XboxGamingOverlayTraces_FT_Server_20231118133215.txt 216 0x918b76c52790 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\XboxGameBarFT.winmd 216 0x918b76c52920 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\MetaData\FB0D848F74F70BB2EAA93746D24D9749 216 0x918b76c52ab0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b76c52c40 \Windows\rescache\_merged\1348407519\4258637282.pri 216 0x918b76c52dd0 \$Directory 216 0x918b76c530f0 \Users\santa\AppData\Local\Mozilla\Firefox\Profiles\888jya8e.default-release\startupCache\scriptCache-current.bin 216 0x918b76c53280 \Windows\SysWOW64\nlaapi.dll 216 0x918b76c53410 \Windows\System32\Windows.System.Profile.RetailInfo.dll 216 0x918b76c53730 \Windows\System32\AssignedAccessRuntime.dll 216 0x918b76c538c0 \Windows\SysWOW64\WinTypes.dll 216 0x918b76c53a50 \ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-1046918562-1299961717-1331875240-1001\SystemAppData\Helium\Cache\c37c8b2035625a33_COM15.dat.LOG1 216 0x918b76c53be0 \Windows\System32\taskhostw.exe 216 0x918b76c53d70 \Windows\System32\Windows.System.Diagnostics.dll 216 0x918b76c54220 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b76c543b0 \Windows\SysWOW64\winmmbase.dll 216 0x918b76c54540 \Windows\SysWOW64\webauthn.dll 216 0x918b76c546d0 \Windows\SysWOW64\devobj.dll 216 0x918b76c54860 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppLockscreen\wallpaper.png 216 0x918b76c549f0 \Windows\SysWOW64\wshbth.dll 216 0x918b76c54ea0 \$Directory 216 0x918b76c551c0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b76c554e0 \Windows\bcastdvr\KnownGameList.bin 216 0x918b76c55670 \$Directory 216 0x918b76c55990 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b76c55b20 \$Directory 216 0x918b76c55cb0 \srvsvc 216 0x918b76c55e40 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b76c56160 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppLockscreen\wallpaper.png 216 0x918b76c56480 \Windows\System32\browserbroker.dll 216 0x918b76c567a0 \Endpoint 216 0x918b76c56930 \Windows\System32\duser.dll 216 0x918b76c56ac0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b76c56c50 \Users\santa\Pictures\desktop.ini 216 0x918b76c56de0 \Windows\SysWOW64\dhcpcsvc.dll 216 0x918b76c57100 \Windows\System32\browser_broker.exe 216 0x918b76c57420 \AsyncConnectHlp 216 0x918b76c575b0 \gecko.4576.3988.11027459119419464105 216 0x918b76c57740 \Windows\SysWOW64\netprofm.dll 216 0x918b76c578d0 \gecko.4576.3988.11027459119419464105 216 0x918b76c57a60 \Windows\Registration\R000000000006.clb 216 0x918b76c57bf0 \Endpoint 216 0x918b76c57d80 \$Directory 216 0x918b76c580a0 \Endpoint 216 0x918b76c583c0 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187 216 0x918b76c58550 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log 216 0x918b76c586e0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.edb 216 0x918b76c58870 \Users\santa\AppData\Local\Mozilla\Firefox\Profiles\888jya8e.default-release\cache2\entries\90986EF1909EF6B5244F9775F7FBF9E3ADD68DE9 216 0x918b76c58a00 \$Directory 216 0x918b76c58b90 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187 216 0x918b76c58d20 \Windows\System32\ClipSVC.dll 216 0x918b76c58eb0 \Windows\SystemResources\Windows.UI.ShellCommonInetCore\pris\Windows.UI.ShellCommonInetCore.en-US.pri 216 0x918b76c591d0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log 216 0x918b76c59360 \$Directory 216 0x918b76c594f0 \Windows\Registration\R000000000006.clb 216 0x918b76c59680 \$Directory 216 0x918b76c59810 \$Directory 216 0x918b76c599a0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.jfm 216 0x918b76c59cc0 \Windows\System32\RuntimeBroker.exe 216 0x918b76c59e50 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.jfm 216 0x918b76c5a170 \Windows\System32\ActivationClient.dll 216 0x918b76c5a300 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 216 0x918b76c5a490 \Windows\System32\AppExtension.dll 216 0x918b76c5a620 \ProgramData\regid.1991-06.com.microsoft\regid.1991-06.com.microsoft_Windows-10-Home.swidtag 216 0x918b76c5a7b0 \CMNotify 216 0x918b76c5a940 \Windows\SystemResources\shell32.dll.mun 216 0x918b76c5aad0 \$Directory 216 0x918b76c5ac60 \Windows\System32\dllhost.exe 216 0x918b76c5adf0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b76c5b110 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData 216 0x918b76c5b2a0 \Windows\Fonts\times.ttf 216 0x918b76c5b430 \Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log 216 0x918b76c5b5c0 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 216 0x918b76c5b750 \Users\santa\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log 216 0x918b76c5b8e0 \Windows\System32\en-US\wshqos.dll.mui 216 0x918b76c5ba70 \Sessions\1\AppContainerNamedObjects\S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194\1821068571-1793888307-623627345-1529106238 216 0x918b76c5bc00 \Windows\System32\MicrosoftEdgeSH.exe 216 0x918b76c5bd90 \Windows\Registration\R000000000006.clb 216 0x918b76c5c0b0 \Endpoint 216 0x918b76c5c240 \Windows\System32\CapabilityAccessManager.dll 216 0x918b76c5c3d0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b76c5c6f0 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\Xbox.Experimentation.dll 216 0x918b76c5c880 \Windows\SysWOW64\InputHost.dll 216 0x918b76c5ca10 \Windows\System32\oleaut32.dll 216 0x918b76c5cba0 \$Directory 216 0x918b76c5cd30 \Endpoint 216 0x918b76c5cec0 \Windows\System32\cdprt.dll 216 0x918b76c5d1e0 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b76c5d500 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\FB0D848F74F70BB2EAA93746D24D9749 216 0x918b76c5d820 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db 216 0x918b76c5d9b0 \Windows 216 0x918b76c5db40 \Program Files (x86)\Mozilla Firefox 216 0x918b76c5e180 \Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.30_none_210ac8966535eaa7 216 0x918b76c5e4a0 \Windows\Fonts\arial.ttf 216 0x918b76c5e630 \Windows\System32\cellulardatacapabilityhandler.dll 216 0x918b76c5e950 \Program Files (x86)\Mozilla Firefox 216 0x918b76c5eae0 \Windows\System32\C_1255.NLS 216 0x918b76c5ec70 \Windows\System32\EdgeContent.dll 216 0x918b76c5f120 \Windows\System32\Windows.System.Profile.SystemId.dll 216 0x918b76c5f2b0 \Windows\System32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll 216 0x918b76c5f5d0 \gecko.4576.3988.15626751180869662404 216 0x918b76c5f760 \Windows\System32\Windows.System.UserProfile.DiagnosticsSettings.dll 216 0x918b76c5f8f0 \Program Files\Common Files\microsoft shared\ink\tiptsf.dll 216 0x918b76c5fa80 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db 216 0x918b76c600c0 \Sessions\1\AppContainerNamedObjects\S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194\3513710562-3729412521-1863153555-1462103995 216 0x918b76c60250 \gecko.4576.3988.15626751180869662404 216 0x918b76c603e0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\storage\default\https+++www.youtube.com\cache\caches.sqlite-wal 216 0x918b76c60570 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\storage\default\https+++www.youtube.com\cache\caches.sqlite-shm 216 0x918b76c60890 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\Assets\SegXboxGB.ttf 216 0x918b76c60a20 \Windows\SysWOW64\pnrpnsp.dll 216 0x918b76c60bb0 \Windows\SysWOW64\twinapi.appcore.dll 216 0x918b76c60d40 \Windows\Fonts\StaticCache.dat 216 0x918b76c60ed0 \Windows\System32\en-US\user32.dll.mui 216 0x918b76c611f0 \gecko.4576.3988.11432683184268803580 216 0x918b76c61380 \$Directory 216 0x918b76c61510 \Endpoint 216 0x918b76c616a0 \Users\santa\AppData\Local\Microsoft\Windows\Safety\edge\local\local\cache 216 0x918b76c619c0 \Windows\Fonts\tahoma.ttf 216 0x918b76c61b50 \wkssvc 216 0x918b76c61ce0 \$Directory 216 0x918b76c61e70 \CMApi 216 0x918b76c624b0 \Windows\System32\svchost.exe 216 0x918b76c62640 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04 216 0x918b76c62960 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b76c62af0 \gecko.4576.3988.11432683184268803580 216 0x918b76c62c80 \Windows\System32\drivers\monitor.sys 216 0x918b76c62e10 \Windows\System32\UIRibbonRes.dll 216 0x918b76c63130 \Windows\System32\MicrosoftEdgeCP.exe 216 0x918b76c632c0 \CMApi 216 0x918b76c63450 \Windows\Prefetch\DLLHOST.EXE-B331F1D0.pf 216 0x918b76c635e0 \gecko.4576.3988.7509070130796334379 216 0x918b76c63900 \Windows\Fonts\seguisb.ttf 216 0x918b76c63a90 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b76c63c20 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\favicons.sqlite 216 0x918b76c63db0 \ProgramData\Microsoft\Windows\OneSettings\UsoSettings.json 216 0x918b76c640d0 \Windows\Fonts\arial.ttf 216 0x918b76c64260 \Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB0D848F74F70BB2EAA93746D24D9749 216 0x918b76c64580 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\Assets\BS_Static_Regular.ttf 216 0x918b76c64710 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\favicons.sqlite-wal 216 0x918b76c64a30 \Users\santa\Pictures\cool-santa-claus.jpg 216 0x918b76c64bc0 \$Directory 216 0x918b76c64d50 \ProgramData\Microsoft\Windows Defender\Definition Updates\{D62DB865-2BF3-4866-A4B8-E44E0FC98F75}\mpavdlta.vdm 216 0x918b76c64ee0 \Windows\System32\en-US\ApplicationFrame.dll.mui 216 0x918b76c65390 \Windows\SysWOW64\BCP47mrm.dll 216 0x918b76c65520 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b76c656b0 \$Directory 216 0x918b76c65840 \Windows\System32\appinfo.dll 216 0x918b76c659d0 \Windows\System32\en-US\svchost.exe.mui 216 0x918b76c65b60 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\Assets\SegXbox2.ttf 216 0x918b76c65cf0 \Windows\Fonts\seguiemj.ttf 216 0x918b76c65e80 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\Assets\BS_Static_Regular.ttf 216 0x918b76c661a0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\protections.sqlite 216 0x918b76c66330 \Windows\System32\winevt\Logs\Microsoft-Windows-WorkFolders%4WHC.evtx 216 0x918b76c664c0 \Windows\Prefetch\WUAUCLT.EXE-4A7CF88B.pf 216 0x918b76c66650 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\places.sqlite-wal 216 0x918b76c66970 \Windows\SysWOW64\apphelp.dll 216 0x918b76c66b00 \$Directory 216 0x918b76c66c90 \$Directory 216 0x918b76c66e20 \Windows\SysWOW64\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient.dll 216 0x918b76c67140 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 216 0x918b76c672d0 \Windows\System32\sendmail.dll 216 0x918b76c67460 \Windows\Registration\R000000000006.clb 216 0x918b76c67910 \Windows\SysWOW64\wdmaud.drv 216 0x918b76c67c30 \Program Files\WindowsApps\Microsoft.SkypeApp_15.108.3205.0_x64__kzf8qxf38zg5c\Skype\SkypeContext.dll 216 0x918b76c680e0 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB0D848F74F70BB2EAA93746D24D9749 216 0x918b76c68270 \srvsvc 216 0x918b76c68400 \Windows\System32\en-US\Windows.Web.dll.mui 216 0x918b76c68590 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b76c68720 \Windows\SysWOW64\mskeyprotect.dll 216 0x918b76c68a40 \Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.401.765.0.exe 216 0x918b76c68bd0 \ProgramData\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\S-1-5-21-1046918562-1299961717-1331875240-1001\SystemAppData\Helium\Cache\465f7e52ad88feb7_COM15.dat 216 0x918b76c68d60 \Windows\System32\en-US\Windows.Web.dll.mui 216 0x918b76c68ef0 \Windows\System32\utcutil.dll 216 0x918b76c69080 \Windows\System32 216 0x918b76c693a0 \Windows\SysWOW64\atlthunk.dll 216 0x918b76c699e0 \Windows\SysWOW64\ksuser.dll 216 0x918b76c69d00 \Windows\Fonts\seguiemj.ttf 216 0x918b76c6a1b0 \gecko.4576.3988.3315572846900535200 216 0x918b76c6a4d0 \Windows\Fonts\cambriab.ttf 216 0x918b76c6aca0 \gecko.4576.3988.11800597154050836485 216 0x918b771021e0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\formhistory.sqlite 216 0x918b77102370 \gecko.4576.3988.6592836978968939771 216 0x918b77102500 \CMApi 216 0x918b77102690 \Windows\System32\en-US\urlmon.dll.mui 216 0x918b77102820 \ProgramData\Microsoft\Windows Defender\Definition Updates\{D62DB865-2BF3-4866-A4B8-E44E0FC98F75}\mpengine.dll 216 0x918b77102b40 \gecko.4576.3988.17650197844353459366 216 0x918b77102cd0 \Windows\System32\EhStorAPI.dll 216 0x918b77102e60 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b77103180 \CMApi 216 0x918b77103310 \LOCAL\cubeb-pipe-4576-6 216 0x918b771034a0 \LOCAL\cubeb-pipe-4576-6 216 0x918b77103630 \Program Files (x86)\Mozilla Firefox 216 0x918b771037c0 \Windows\System32\en-US\wosc.dll.mui 216 0x918b77103950 \Device\HarddiskVolume4\Windows\System32\config\COMPONENTS{fd9a35c3-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b77103ae0 \Windows\System32\en-US\Windows.UI.dll.mui 216 0x918b77103c70 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b77103e00 \gecko.4576.3988.17650197844353459366 216 0x918b77104120 \Windows\System32\usocoreworker.exe 216 0x918b771042b0 \Program Files (x86)\Mozilla Firefox 216 0x918b77104440 \Windows\System32\MpSigStub.exe 216 0x918b771045d0 \gecko.4576.3988.6592836978968939771 216 0x918b77104a80 \CMApi 216 0x918b77104c10 \Windows 216 0x918b77104da0 \Windows\System32\usocoreps.dll 216 0x918b771050c0 \Windows\System32\MpSigStub.exe 216 0x918b77105250 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe 216 0x918b77105570 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\S-1-5-21-1046918562-1299961717-1331875240-1001-MergedResources-1.pri 216 0x918b77105700 \Device\HarddiskVolume4\Windows\System32\config\COMPONENTS{fd9a35c3-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b77105a20 \Windows\Fonts\times.ttf 216 0x918b77105bb0 \Windows\System32 216 0x918b77105d40 \CMApi 216 0x918b77105ed0 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\xComms.dll 216 0x918b771061f0 \$Directory 216 0x918b77106380 \ProgramData\USOPrivate\UpdateStore\UpdateCspStore.xml 216 0x918b77106510 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\storage\default\https+++www.youtube.com\cache\caches.sqlite 216 0x918b771066a0 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 216 0x918b77106830 \LOCAL\cubeb-pipe-4576-12 216 0x918b771069c0 \Users\santa\Pictures\wallpaper.png 216 0x918b77106ce0 \Windows\System32 216 0x918b77106e70 \$Directory 216 0x918b77107190 \Windows\Fonts\segoeui.ttf 216 0x918b77107320 \Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy 216 0x918b771074b0 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\resources.pri 216 0x918b77107640 \$Directory 216 0x918b771077d0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b77107960 \Windows\System32\en-US\kernel32.dll.mui 216 0x918b77107af0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b77107c80 \Windows\System32\SearchFilterHost.exe 216 0x918b77107e10 \LOCAL\cubeb-pipe-4576-12 216 0x918b77108130 \Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 216 0x918b771082c0 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\Assets\NewNotePlaceholder-light.png 216 0x918b77108450 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\gamingtelemetrynuget.dll 216 0x918b771085e0 \LOCAL\cubeb-pipe-4576-8 216 0x918b77108900 \Windows\System32\shacctprofile.dll 216 0x918b77108c20 \Windows\System32\en-US\bcrypt.dll.mui 216 0x918b77108db0 \$Directory 216 0x918b771090d0 \CMApi 216 0x918b771093f0 \gecko.4576.3988.7272797111254493628 216 0x918b77109580 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe 216 0x918b77109710 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 216 0x918b771098a0 \Sessions\1\AppContainerNamedObjects\S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723 216 0x918b77109a30 \Windows\Registration\R000000000006.clb 216 0x918b77109d50 \Program Files (x86)\Mozilla Firefox 216 0x918b77109ee0 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b7710a200 \Program Files (x86)\Mozilla Firefox 216 0x918b7710a390 \gecko.4576.3988.7272797111254493628 216 0x918b7710a520 \LOCAL\cubeb-pipe-4576-8 216 0x918b7710a6b0 \$Directory 216 0x918b7710a840 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\Assets\SearchPlaceholder-light.png 216 0x918b7710a9d0 \Windows\System32\gamingtcui.dll 216 0x918b7710ab60 \gecko.4576.3988.2835789630577416850 216 0x918b7710acf0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{0EAA5A01-7A70-45D5-9133-2575E4531A76}.catalogItem 216 0x918b7710ae80 \CMApi 216 0x918b7710b1a0 \Users\santa\AppData\Local\Microsoft\GameDVR\KnownGameList.bin 216 0x918b7710b330 \Windows 216 0x918b7710b4c0 \Windows\System32\en-US\uxtheme.dll.mui 216 0x918b7710b650 \gecko.4576.3988.2835789630577416850 216 0x918b7710b7e0 \Windows\System32\WorkFoldersShell.dll 216 0x918b7710b970 \Windows\System32\WaaSAssessment.dll 216 0x918b7710bb00 \CMApi 216 0x918b7710be20 \Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\S-1-5-21-1046918562-1299961717-1331875240-1001-MergedResources-1.pri 216 0x918b7710c140 \Windows\apppatch\sysmain.sdb 216 0x918b7710c460 \Windows\System32\en-US\powrprof.dll.mui 216 0x918b7710c5f0 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\dd7c3b1adb1c168b.automaticDestinations-ms 216 0x918b7710c780 \Windows\System32\en-US\SHCore.dll.mui 216 0x918b7710c910 \Windows\System32\en-US\ole32.dll.mui 216 0x918b7710caa0 \MmThread 216 0x918b7710cc30 \$Directory 216 0x918b7710cdc0 \Windows\System32\en-US\wsock32.dll.mui 216 0x918b7710d0e0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b7710d270 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\Assets\SignInUpsellCloud.png 216 0x918b7710d400 \ProgramData\Microsoft\Windows Defender\Definition Updates\{D62DB865-2BF3-4866-A4B8-E44E0FC98F75}\mpasdlta.vdm 216 0x918b7710d590 \Windows\System32\en-US\shell32.dll.mui 216 0x918b7710d720 \CMNotify 216 0x918b7710d8b0 \Windows\System32\en-US\ws2_32.dll.mui 216 0x918b7710da40 \Windows\System32\en-US\shlwapi.dll.mui 216 0x918b7710dbd0 \Windows\Temp\MpSigStub.log 216 0x918b7710def0 \Program Files\desktop.ini 216 0x918b7710e210 \Windows\System32\MicrosoftEdgeSH.exe 216 0x918b7710e3a0 \$Directory 216 0x918b7710e530 \$Directory 216 0x918b7710e6c0 \$Directory 216 0x918b7710e9e0 \Windows\Fonts\segoeui.ttf 216 0x918b7710eb70 \$PrepareToShrinkFileSize 216 0x918b7710ed00 \Windows\System32\en-US\Windows.Web.dll.mui 216 0x918b7710ee90 \Windows\System32\en-US\DWrite.dll.mui 216 0x918b7710f1b0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftEdge_44.18362.1.0_neutral__8wekyb3d8bbwe\ActivationStore.dat.LOG2 216 0x918b7710f340 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Settings\settings.dat.LOG2 216 0x918b7710f4d0 \Windows\System32\ProductEnumerator.dll 216 0x918b7710f660 \Windows\System32\browser_broker.exe 216 0x918b7710f7f0 \Windows\Registration\R000000000006.clb 216 0x918b7710f980 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\Recovery\Active\RecoveryStore.{08A1B7B6-8720-45C7-9F53-5DE13131642A}.dat 216 0x918b7710fb10 \$ConvertToNonresident 216 0x918b7710fca0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\Recovery\Active\{9FE582AC-0714-46BC-86A5-97F8760585AD}.dat 216 0x918b7710fe30 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF01C4B692F42374F5.TMP 216 0x918b77110150 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Settings\settings.dat 216 0x918b771102e0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Settings\settings.dat.LOG1 216 0x918b77110470 \Windows\Prefetch\RUNTIMEBROKER.EXE-0F75CE2A.pf 216 0x918b77110600 \Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf 216 0x918b77110790 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DFF9459C1E5AD81E6B.TMP 216 0x918b77110ab0 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--kglcheck-.lnk 216 0x918b77110c40 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.jfm 216 0x918b77110dd0 \Windows\System32\RuntimeBroker.exe 216 0x918b771110f0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log 216 0x918b77111280 \srvsvc 216 0x918b77111410 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftEdge_44.18362.1.0_neutral__8wekyb3d8bbwe\ActivationStore.dat.LOG1 216 0x918b771115a0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftEdge_44.18362.1.0_neutral__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b77111730 \Windows\System32 216 0x918b771118c0 \Sessions\0\AppContainerNamedObjects\S-1-15-2-325582940-1778951665-2213520192-4268324128-1481672235-1589908001-3634219278 216 0x918b77111be0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.edb 216 0x918b77111d70 \Windows\System32\Microsoft\Protect\S-1-5-18\Preferred 216 0x918b77112090 \Windows\WinSxS\Manifests 216 0x918b77112220 \Windows\Registration\R000000000006.clb 216 0x918b77112540 \Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.30_none_788560eb0ef1f3b0\msdelta.dll 216 0x918b771126d0 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe 216 0x918b77112860 \Windows\System32\en-US\sppc.dll.mui 216 0x918b771129f0 \Users\santa\Pictures\desktop.ini 216 0x918b77112b80 \$Directory 216 0x918b77112d10 \Endpoint 216 0x918b77112ea0 \Sessions\0\AppContainerNamedObjects\S-1-15-2-3849594370-768312209-1569529313-3852718675-3346578718-723854219-830068492 216 0x918b771134e0 \Windows\System32\en-US\webauthn.dll.mui 216 0x918b77113800 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b77113990 \Windows\System32\en-US\propsys.dll.mui 216 0x918b77113cb0 \Windows\System32\en-US\winmm.dll.mui 216 0x918b77113e40 \$PrepareToShrinkFileSize 216 0x918b77114160 \Windows\System32 216 0x918b771142f0 \Windows\System32\MicrosoftEdgeCP.exe 216 0x918b77114610 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe 216 0x918b771147a0 \Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe 216 0x918b77114930 \Users\santa\Music\desktop.ini 216 0x918b77114c50 \$ConvertToNonresident 216 0x918b77114de0 \Windows\System32\en-US\edgehtml.dll.mui 216 0x918b77115100 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b77115290 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd 216 0x918b77115420 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd-shm 216 0x918b771155b0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b77115740 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd 216 0x918b771158d0 \Windows\System32\en-US\dnsapi.dll.mui 216 0x918b77115bf0 \Windows\System32\en-US\mssvp.dll.mui 216 0x918b77115d80 \Windows\System32\en-US\combase.dll.mui 216 0x918b771160a0 \Windows\WinSxS 216 0x918b77116230 \Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.30_none_210ac8966535eaa7 216 0x918b771163c0 \srvsvc 216 0x918b77116550 \Windows\System32\WinMetadata\Windows.UI.winmd 216 0x918b771166e0 \Windows\System32\bcastdvr.proxy.dll 216 0x918b77116870 \Windows\System32\Windows.WARP.JITService.exe 216 0x918b77116a00 \CMApi 216 0x918b77116b90 \Program Files\Windows Defender\EppManifest.dll 216 0x918b77116d20 \Windows\System32 216 0x918b77116eb0 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751 216 0x918b771171d0 \Windows\SoftwareDistribution\Download\Install 216 0x918b771174f0 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\9d1f905ce5044aee.customDestinations-ms 216 0x918b77117680 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b77117810 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd-wal 216 0x918b77117b30 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b77117cc0 \Windows\System32\WinMetadata\Windows.Foundation.winmd 216 0x918b77117e50 \Windows\System32\Windows.WARP.JITService.exe 216 0x918b77118170 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 216 0x918b77118300 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB0D848F74F70BB2EAA93746D24D9749 216 0x918b77118490 \Users\santa\Videos\desktop.ini 216 0x918b77118620 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{1461CFEB-1E32-498E-AE2F-9F1708E96109}.catalogItem 216 0x918b771187b0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{1CC81610-AA56-4B6A-AA79-9D585390D374}.catalogItem 216 0x918b77118940 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\MetaData\80237EE4964FC9C409AAF55BF996A292_C5130A0BDC8C859A2757D77746C10868 216 0x918b77118ad0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{2152CE6B-9B4A-4AFF-9B49-FC05B8C26179}.catalogItem 216 0x918b77118df0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b77119110 \Windows\Prefetch\DLLHOST.EXE-38926D07.pf 216 0x918b771192a0 \ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy\S-1-5-21-1046918562-1299961717-1331875240-1001.pckgdep 216 0x918b77119430 \Users\santa\Downloads\desktop.ini 216 0x918b771195c0 \Windows\System32\en-US\combase.dll.mui 216 0x918b771198e0 \Windows\System32\WinMetadata\Windows.Foundation.winmd 216 0x918b77119a70 \$Directory 216 0x918b77119c00 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\XboxGameBarFT.winmd 216 0x918b77119d90 \LOCAL\cubeb-pipe-4576-9 216 0x918b7711a240 \Endpoint 216 0x918b7711a3d0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b7711a560 \Users\santa\OneDrive\desktop.ini 216 0x918b7711a6f0 \CMNotify 216 0x918b7711a880 \$ConvertToNonresident 216 0x918b7711aba0 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\5f7b5f1e01b83767.automaticDestinations-ms 216 0x918b7711ad30 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 216 0x918b7711aec0 \Windows\System32\XblAuthTokenBrokerExt.dll 216 0x918b7711b1e0 \Windows\System32\sfc.dll 216 0x918b7711b500 \$Directory 216 0x918b7711b690 \Windows\System32\XblAuthManager.dll 216 0x918b7711b9b0 \Windows\System32\en-US\combase.dll.mui 216 0x918b7711bcd0 \CMApi 216 0x918b7711be60 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\Assets\XboxFluentGB.ttf 216 0x918b7711c180 \$Directory 216 0x918b7711c4a0 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b7711c630 \$Directory 216 0x918b7711c7c0 \Users\santa\Pictures\cool-santa-claus.jpg 216 0x918b7711c950 \Windows\WinSxS 216 0x918b7711cae0 \Windows\System32\enterprisecsps.dll 216 0x918b7711cc70 \Windows\System32\dmenterprisediagnostics.dll 216 0x918b7711ce00 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxIdentityProvider_12.95.3001.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b7711d120 \Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvc.dll 216 0x918b7711d2b0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\datareporting\session-state.json 216 0x918b7711d440 \Windows\System32\OpcServices.dll 216 0x918b7711d760 \Windows\WinSxS 216 0x918b7711da80 \Windows\System32\en-US\wintypes.dll.mui 216 0x918b7711dc10 \Windows\System32\WinMetadata\Windows.Foundation.winmd 216 0x918b7711dda0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallService\{16E27F36-0B29-4012-A7C6-BA2404F04913}.catalogItem 216 0x918b7711e0c0 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b7711e250 \$Directory 216 0x918b7711e3e0 \Windows\WinSxS\Catalogs 216 0x918b7711e570 \Windows\System32\spp\store\2.0\cache\cache.dat 216 0x918b7711e700 \Users\santa\Documents\desktop.ini 216 0x918b7711e890 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay---.lnk 216 0x918b7711ea20 \Program Files (x86)\Mozilla Firefox 216 0x918b7711ebb0 \ProgramData\Microsoft\Windows Defender\Definition Updates\{945087C3-DEF1-474A-A297-2929D583B4F1}\mpengine.dll 216 0x918b7711ed40 \Windows\Prefetch\BACKGROUNDTASKHOST.EXE-3283E2F7.pf 216 0x918b7711f1f0 \Windows\System32\WinMetadata\Windows.System.winmd 216 0x918b7711f380 \$Directory 216 0x918b7711f510 \$Directory 216 0x918b7711f830 \Windows\SystemResources\Chakra.dll.mun 216 0x918b7711f9c0 \MsFteWds 216 0x918b7711fb50 \Windows\System32 216 0x918b7711fce0 \Windows\System32\WinMetadata\Windows.System.winmd 216 0x918b7711fe70 \Windows\System32\POSyncServices.dll 216 0x918b77120190 \Windows\System32\AppXApplicabilityBlob.dll 216 0x918b77120320 \$Directory 216 0x918b771204b0 \Windows\System32\en-US\twinapi.appcore.dll.mui 216 0x918b77120640 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b771207d0 \Windows\System32\BcastDVRClient.dll 216 0x918b77120af0 \Windows\Fonts\georgiab.ttf 216 0x918b77120e10 \Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi 216 0x918b77121130 \Windows\WinSxS\Manifests 216 0x918b77121450 \Users\santa\Desktop\desktop.ini 216 0x918b771215e0 \Windows\System32\Windows.UI.AppDefaults.dll 216 0x918b77121770 \ProgramData\Microsoft\Windows\ClipSVC\tokens.dat 216 0x918b77121900 \CMNotify 216 0x918b77121a90 \Windows\System32\en-US\dnsapi.dll.mui 216 0x918b77121c20 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b77121db0 \Users\santa\Videos\desktop.ini 216 0x918b771220d0 \CMNotify 216 0x918b77122260 \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll 216 0x918b771223f0 \Windows\System32\Windows.Devices.Sensors.dll 216 0x918b77122580 \Users\santa\OneDrive\desktop.ini 216 0x918b77122710 \Windows\System32\DefaultDeviceManager.dll 216 0x918b771228a0 \Windows\System32\DDORes.dll 216 0x918b77122a30 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpClient.dll 216 0x918b77122bc0 \$Directory 216 0x918b77122d50 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\Assets\XboxFluentGB.ttf 216 0x918b77122ee0 \Windows\Prefetch\TASKHOSTW.EXE-1EAF2222.pf 216 0x918b77123200 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b77123390 \Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.30_none_210ac8966535eaa7 216 0x918b77123520 \Program Files (x86)\Mozilla Firefox\vcruntime140.dll 216 0x918b771236b0 \Windows\System32\SecurityHealthService.exe 216 0x918b77123840 \Windows\System32\Windows.Networking.BackgroundTransfer.dll 216 0x918b771239d0 \Users\santa\Downloads\desktop.ini 216 0x918b77123b60 \Program Files (x86)\Mozilla Firefox\msvcp140.dll 216 0x918b77123cf0 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b77123e80 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\1b4dd67f29cb1962.automaticDestinations-ms 216 0x918b771241a0 \Users\santa\Music\desktop.ini 216 0x918b77124330 \$Directory 216 0x918b77124650 \ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B 216 0x918b77124970 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b77124b00 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\EAF8AA29A62AB29E614331747385D816_5566971F87EDB16B411A38E82A858AAE 216 0x918b77124c90 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 216 0x918b77124e20 \$Directory 216 0x918b77125140 \Windows\Fonts\arial.ttf 216 0x918b771252d0 \Windows\System32\en-US\notepad.exe.mui 216 0x918b77125460 \Windows\Fonts\StaticCache.dat 216 0x918b771255f0 \$Directory 216 0x918b77125780 \ProgramData\Microsoft\Windows Defender\Definition Updates\{945087C3-DEF1-474A-A297-2929D583B4F1}\mpasdlta.vdm 216 0x918b77125aa0 \Windows\Fonts\arialbd.ttf 216 0x918b77125c30 \Windows\Registration\R000000000006.clb 216 0x918b77125dc0 \Program Files\WindowsApps\Microsoft.UI.Xaml.2.7_7.2208.15002.0_x64__8wekyb3d8bbwe\resources.pri 216 0x918b771260e0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b77126270 \Windows\System32\en-US\dnsapi.dll.mui 216 0x918b77126400 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\Assets\SegXbox2.ttf 216 0x918b77126590 \Users\santa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\EAF8AA29A62AB29E614331747385D816_5566971F87EDB16B411A38E82A858AAE 216 0x918b77126720 \Users\santa\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751 216 0x918b771268b0 \Program Files\WindowsApps\Microsoft.SkypeApp_15.108.3205.0_x64__kzf8qxf38zg5c\Skype\vcruntime140.dll 216 0x918b77126bd0 \Windows\System32\en-US\taskhostw.exe.mui 216 0x918b77126ef0 \$Directory 216 0x918b77127080 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b77127210 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db 216 0x918b771273a0 \Windows\SystemResources\notepad.exe.mun 216 0x918b77127530 \CMApi 216 0x918b77127850 \Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.10181.0_x64__8wekyb3d8bbwe\Assets\SegXboxGB.ttf 216 0x918b771279e0 \Windows\System32\Unistore.dll 216 0x918b77127b70 \Windows\WinSxS\Manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f.manifest 216 0x918b77127d00 \Windows\System32\PimIndexMaintenance.dll 216 0x918b77127e90 \Windows\System32\WinSync.dll 216 0x918b771281b0 \Windows\SysWOW64\dllhost.exe 216 0x918b77128340 \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\HxOutlookBackground.dll 216 0x918b771284d0 \$Directory 216 0x918b77128660 \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\HxComm.dll 216 0x918b771287f0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b77128980 \ProgramData\Microsoft\Windows Defender\Definition Updates\{945087C3-DEF1-474A-A297-2929D583B4F1}\mpavdlta.vdm 216 0x918b77128b10 \ProgramData\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\S-1-5-21-1046918562-1299961717-1331875240-1001\SystemAppData\Helium\UserClasses.dat 216 0x918b77128ca0 \Windows\System32\en-US\netmsg.dll.mui 216 0x918b77128e30 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db 216 0x918b77129150 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\Content\80237EE4964FC9C409AAF55BF996A292_C5130A0BDC8C859A2757D77746C10868 216 0x918b77129470 \Windows\WinSxS\Manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f.manifest 216 0x918b77129600 \Windows\System32\UserDataService.dll 216 0x918b77129790 \Windows\System32\UserDataAccessRes.dll 216 0x918b77129920 \Windows\System32\en-US\ESENT.dll.mui 216 0x918b77129ab0 \Users\santa\AppData\Local\Comms\UnistoreDB\tmp.edb 216 0x918b77129c40 \$Directory 216 0x918b77129dd0 \Windows\System32\C_20127.NLS 216 0x918b7712a0f0 \Windows\System32\WinSCard.dll 216 0x918b7712a280 \$Directory 216 0x918b7712a5a0 \Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll 216 0x918b7712a730 \Windows\System32\MessagingDataModel2.dll 216 0x918b7712a8c0 \Windows\System32\PimIndexMaintenanceClient.dll 216 0x918b7712aa50 \Users\santa\AppData\Local\Microsoft\GameDVR\KnownGameList.biny_8wekyb3d8bbwe\LocalCache\KnownGameList.bin 216 0x918b7712ad70 \Windows\WinSxS\Manifests\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.18362.30_en-us_b74ea25d7e44006c.manifest 216 0x918b7712b220 \Windows\System32\en-US\rundll32.exe.mui 216 0x918b7712b540 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b7712b860 \Endpoint 216 0x918b7712b9f0 \Windows\System32\dmprocessxmlfiltered.dll 216 0x918b7712bb80 \Windows\System32\mydocs.dll 216 0x918b7712c1c0 \Windows\Prefetch\DLLHOST.EXE-2C56D458.pf 216 0x918b7712c350 \Windows\System32\sppcext.dll 216 0x918b7712c4e0 \Users\santa\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms 216 0x918b7712c670 \Windows\WinSxS\Catalogs 216 0x918b7712c800 \Windows\System32\rundll32.exe 216 0x918b7712c990 \Endpoint 216 0x918b7712cb20 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 216 0x918b7712ccb0 \Users\santa\AppData\Roaming\Microsoft\Windows\Libraries 216 0x918b7712ce40 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 216 0x918b7712d160 \Program Files\WindowsApps\Microsoft.UI.Xaml.2.4_2.42007.9001.0_x64__8wekyb3d8bbwe\resources.pri 216 0x918b7712d480 \Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\resources.pri 216 0x918b7712d610 \Endpoint 216 0x918b7712d7a0 \$Directory 216 0x918b7712d930 \Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 216 0x918b7712dac0 \Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 216 0x918b7712dc50 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-194626ba46434f9ab441dd7ebda2aa64-5f64bebb-ac28-4cc7-bd52-570c8fe077c9-7717.json 216 0x918b7712dde0 \Windows\System32\RuntimeBroker.exe 216 0x918b7712e100 \Users\santa\AppData\Local\Mozilla\Firefox\Profiles\888jya8e.default-release\cache2\doomed\8084 216 0x918b7712e420 \Windows\System32\icmp.dll 216 0x918b7712e5b0 \$Directory 216 0x918b7712e740 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\SiteSecurityServiceState.bin 216 0x918b7712e8d0 \Windows\Fonts\arialbd.ttf 216 0x918b7712ea60 \CMApi 216 0x918b7712ed80 \Users\santa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat 216 0x918b7712f0a0 \gecko.4576.3988.3315572846900535200 216 0x918b7712f230 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b7712f550 \Users\santa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\Temp\mat-debug-6772.log 216 0x918b7712f6e0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\storage\default\https+++www.youtube.com\idb\1209553808LCo7g%sCD7a%t7adbca6s.sqlite 216 0x918b7712f870 \Windows\WinSxS\Manifests\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.18362.30_en-us_b74ea25d7e44006c.manifest 216 0x918b7712fa00 \Program Files (x86)\Mozilla Firefox 216 0x918b7712fb90 \Users\santa\Videos\Captures\desktop.ini 216 0x918b7712fd20 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\xulstore.json.tmp 216 0x918b7712feb0 \Users\santa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat.LOG1 216 0x918b771301d0 \Users\santa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat.LOG2 216 0x918b771304f0 \color 216 0x918b77130680 \CMNotify 216 0x918b77130810 \Users\santa\AppData\Roaming\Microsoft\Windows\Recent\Pictures.lnk 216 0x918b771309a0 \Users\santa\AppData\Local\Microsoft\Windows\Caches\cversions.1.db 216 0x918b77130cc0 \Users\santa\AppData\Local\Mozilla\Firefox\Profiles\888jya8e.default-release\cache2\entries\4099E44A410522A31136010D97AEFFF69E14242D 216 0x918b77130e50 \Windows\SysWOW64\imm32.dll 216 0x918b77131170 \Users\santa\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser.dll 216 0x918b77131300 \Windows\SysWOW64\BitsProxy.dll 216 0x918b77131490 \Users\santa\AppData\Roaming\Microsoft\Windows\Themes\CachedFiles\CachedImage_1680_1050_POS4.jpg 216 0x918b77131620 \Windows\System32\vm3ddevapi64.dll 216 0x918b771317b0 \Windows\SysWOW64\mssprxy.dll 216 0x918b77131940 \Users\santa\3D Objects\desktop.ini 216 0x918b77131ad0 \MsFteWds 216 0x918b77131c60 \$Directory 216 0x918b77131df0 \Users\santa\AppData\Roaming\Microsoft\Windows\Libraries 216 0x918b77132110 \Windows\System32 216 0x918b771322a0 \Windows 216 0x918b77132430 \Windows\SysWOW64\webio.dll 216 0x918b771325c0 \CMApi 216 0x918b77132750 \Windows\System32\RstrtMgr.dll 216 0x918b771328e0 \wkssvc 216 0x918b77132a70 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b77132d90 \Windows\System32\dlnashext.dll 216 0x918b77133240 \Windows\SysWOW64\wldp.dll 216 0x918b771333d0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 216 0x918b77133560 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db 216 0x918b771336f0 \Windows\Registration\R000000000006.clb 216 0x918b77133880 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\Crypto\TokenBindingKeys\Keys\887a471fc5377c5cbe6e38ac87d5a40f_65f5fb4f-5543-422b-b9c7-e8cc70c16fc6_775090f05efb4712c965fe90ed1ae5ce 216 0x918b77133a10 \Windows\System32\vm3ddevapi64-release.dll 216 0x918b77133ba0 \ProgramData\USOShared\Logs\NotificationUx.ceffb124-51f2-42a2-bc1d-50ec9d22051e.1.etl 216 0x918b77133d30 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-5476d0c4a7a347909c4b8a13078d4390-f8bdcecf-243f-40f8-b7c3-b9c44a57dead-7230.json 216 0x918b771341e0 \Windows\System32\en-US\ieframe.dll.mui 216 0x918b77134500 \Windows\System32\appraiser\Appraiser_Data.ini 216 0x918b77134690 \ProgramData\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b771349b0 \Program Files (x86)\Mozilla Firefox 216 0x918b77134b40 \Windows\Fonts\georgiai.ttf 216 0x918b77134cd0 \ProgramData\USOShared\Logs\NotificationUx.f5a2effe-ee13-4166-9927-a4e70291e9c9.1.etl 216 0x918b77134e60 \Windows\System32\dmclient.exe 216 0x918b77135310 \Windows\System32 216 0x918b771354a0 \Windows\Registration\R000000000006.clb 216 0x918b77135630 \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\office.odf 216 0x918b771357c0 \Users\santa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxCommAlwaysOnLog.etl 216 0x918b77135950 \Windows\System32\en-US\propsys.dll.mui 216 0x918b77135ae0 \Users\santa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\TempState\d5a8f02229be41efb047bd8f883ba799.db.ses 216 0x918b77135c70 \Windows\Prefetch\RUNTIMEBROKER.EXE-B2EBF44B.pf 216 0x918b77135e00 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-af397ef28e484961ba48646a5d38cf54-77418283-d6f6-4a90-b0c8-37e0f5e7b087-7425.json 216 0x918b77136120 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b77136440 \Windows\System32\en-US\windows.storage.dll.mui 216 0x918b77136760 \Windows\System32\WinMetadata\Windows.System.winmd 216 0x918b771368f0 \Program Files (x86)\Mozilla Firefox 216 0x918b77136c10 \$Directory 216 0x918b77136da0 \ProgramData\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 216 0x918b77137250 \ProgramData\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 216 0x918b771373e0 \Users\santa\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxStore.hxd 216 0x918b77137570 \Windows\TextInput\WindowsInternal.ComposableShell.Experiences.TextInput.dll 216 0x918b77137890 \Windows\System32\svchost.exe 216 0x918b77137a20 \Sessions\1\AppContainerNamedObjects\S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009 216 0x918b77137bb0 \Windows 216 0x918b77137d40 \ProgramData\Microsoft\Windows\AppRepository\Packages\InputApp_1000.18362.1.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b77137ed0 \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\en-us\hxcommintl.dll 216 0x918b771381f0 \ProgramData\Microsoft\Windows Defender\Definition Updates\{D62DB865-2BF3-4866-A4B8-E44E0FC98F75}\mpengine.dll 216 0x918b77138380 \Windows\rescache\_merged\2780983867\144070116.pri 216 0x918b77138510 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-d5a8f02229be41efb047bd8f883ba799-59258264-451c-4459-8c09-75d7d721219a-7112.json 216 0x918b771386a0 \Windows\SystemResources\TextInput\TextInput.pri 216 0x918b77138830 \ProgramData\Microsoft\Windows\AppRepository\Packages\InputApp_1000.18362.1.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 216 0x918b771389c0 \ProgramData\Microsoft\Windows\AppRepository\Packages\InputApp_1000.18362.1.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 216 0x918b77138b50 \$Directory 216 0x918b77138ce0 \Windows\Fonts\segoeui.ttf 216 0x918b77138e70 \ProgramData\Microsoft\Windows\AppRepository\Packages\InputApp_1000.18362.1.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b77139190 \Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe 216 0x918b77139320 \Windows\SystemApps\InputApp_cw5n1h2txyewy\resources.pri 216 0x918b771394b0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\places.sqlite 216 0x918b771397d0 \Windows\System32\en-US\windows.applicationmodel.datatransfer.dll.mui 216 0x918b77139960 \Windows\SystemApps\InputApp_cw5n1h2txyewy 216 0x918b77139af0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\places.sqlite-wal 216 0x918b77139c80 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\favicons.sqlite 216 0x918b77139e10 \$Directory 216 0x918b7713a130 \Windows\rescache\_merged\248604377\958443649.pri 216 0x918b7713a2c0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\favicons.sqlite-wal 216 0x918b7713a450 \$Directory 216 0x918b7713a5e0 \$Directory 216 0x918b7713a770 \Users\santa\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\Settings\settings.dat 216 0x918b7713a900 \LOCAL\cubeb-pipe-4576-9 216 0x918b7713aa90 \Users\santa\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\Settings\settings.dat.LOG2 216 0x918b7713ac20 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b7713adb0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\Settings\settings.dat.LOG1 216 0x918b7713b0d0 \Windows\DiagTrack\utc.allow.diffbase 216 0x918b7713b260 \Windows\Prefetch\SVCHOST.EXE-EAE9B60B.pf 216 0x918b7713b580 \Windows\System32\shutdownux.dll 216 0x918b7713b710 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.cert.json 216 0x918b7713b8a0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Flighting\FlightingLogging.txt 216 0x918b7713c200 \Windows\System32\WinMetadata\Windows.UI.winmd 216 0x918b7713c390 \Windows\TextInput\WindowsInternal.ComposableShell.Experiences.TextInput.LayoutData.dll 216 0x918b7713c520 \1840.1da1a23c79ec4cf 216 0x918b7713c6b0 \Windows\SysWOW64\edputil.dll 216 0x918b7713c840 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b7713c9d0 \ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.allow.json 216 0x918b7713cb60 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b7713ccf0 \Windows\System32\wdscore.dll 216 0x918b7713d1a0 \Users\santa\AppData\Local\Packages\InputApp_cw5n1h2txyewy\Settings\settings.dat 216 0x918b7713d330 \Users\santa\AppData\Local\Packages\InputApp_cw5n1h2txyewy\Settings\settings.dat.LOG1 216 0x918b7713d4c0 \Users\santa\AppData\Local\Packages\InputApp_cw5n1h2txyewy\Settings\settings.dat.LOG2 216 0x918b7713d7e0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\AlternateServices.bin 216 0x918b7713d970 \gecko.4576.3988.11800597154050836485 216 0x918b7713de20 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\storage\default\https+++www.youtube.com\idb\4167130407yCt7G%cCf7C%o7ndfci6g.sqlite-shm 216 0x918b7713e2d0 \CMApi 216 0x918b7713e460 \gecko.4576.3988.1641067702936654701 216 0x918b7713e5f0 \Windows\SysWOW64\rometadata.dll 216 0x918b7713e780 \Windows\System32 216 0x918b7713edc0 \gecko.4576.3988.1641067702936654701 216 0x918b7713f0e0 \gecko.4576.3988.7552850740276905925 216 0x918b7713f270 \gecko.4576.3988.7552850740276905925 216 0x918b7713f590 \ProgramData\Microsoft\Windows\OneSettings\config.json 216 0x918b7713f720 \Windows\System32\en-US\sppsvc.exe.mui 216 0x918b7713f8b0 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b7713fd60 \Endpoint 216 0x918b77140080 \Windows\Fonts\segoeuib.ttf 216 0x918b77140530 \Windows\System32\wlidsvc.dll 216 0x918b771406c0 \Windows\SysWOW64\schannel.dll 216 0x918b771411b0 \Program Files (x86)\Mozilla Firefox 216 0x918b77141340 \Program Files (x86)\Mozilla Firefox 216 0x918b77141660 \Windows\SysWOW64\dpapi.dll 216 0x918b771417f0 \$Directory 216 0x918b77141980 \gecko.4576.3988.4692312835060683011 216 0x918b77141b10 \Windows 216 0x918b786bd1e0 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b786bd370 \Windows\ImmersiveControlPanel 216 0x918b786bd500 \Windows\System32 216 0x918b786bd690 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b786bd820 \$Directory 216 0x918b786bd9b0 \$Directory 216 0x918b786bdb40 \Windows\SystemResources\notepad.exe.mun 216 0x918b786bdcd0 \Windows\Fonts\StaticCache.dat 216 0x918b786bde60 \Windows\System32\en-US\notepad.exe.mui 216 0x918b786be180 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b786be4a0 \Windows\Registration\R000000000006.clb 216 0x918b786be630 \$Directory 216 0x918b786be7c0 \$Directory 216 0x918b786be950 \LOCAL\cubeb-pipe-4576-1 216 0x918b786beae0 \Windows\SysWOW64\directmanipulation.dll 216 0x918b786bec70 \CMApi 216 0x918b786bee00 \Windows\System32\en-US\svchost.exe.mui 216 0x918b786bf120 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b786bf2b0 \Windows\rescache\_merged\2421516671\2126941428.pri 216 0x918b786bf440 \Windows\Fonts\tahoma.ttf 216 0x918b786bf5d0 \Windows\System32\en-US\ShutdownUX.dll.mui 216 0x918b786bfc10 \LOCAL\cubeb-pipe-4576-1 216 0x918b786c00c0 \Windows\Fonts\tahoma.ttf 216 0x918b786c0570 \Dev\Query 216 0x918b786c0700 \$Directory 216 0x918b786c0890 \$Directory 216 0x918b786c0a20 \ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1 216 0x918b786c0bb0 \$Directory 216 0x918b786c0d40 \ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2 216 0x918b786c0ed0 \Endpoint 216 0x918b786c11f0 \Windows\System32\Winlangdb.dll 216 0x918b786c1380 \$Directory 216 0x918b786c16a0 \Windows\ImmersiveControlPanel\SystemSettings.dll 216 0x918b786c1830 \ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b786c19c0 \$Directory 216 0x918b786c1b50 \Windows\SystemResources\Windows.UI.SettingsAppThreshold\pris\Windows.UI.SettingsAppThreshold.en-US.pri 216 0x918b786c2190 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b786c2640 \Windows\Fonts\verdana.ttf 216 0x918b786c2960 \ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd 216 0x918b786c2af0 \Program Files (x86)\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi 216 0x918b786c2c80 \Windows\ImmersiveControlPanel\en-US\SystemSettings.exe.mui 216 0x918b786c2e10 \Windows\Fonts\trebucbi.ttf 216 0x918b786c3130 \CMApi 216 0x918b786c32c0 \Dev\Query 216 0x918b786c3450 \Windows\System32\en-US\sechost.dll.mui 216 0x918b786c3770 \Windows\System32 216 0x918b786c3a90 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b786c3c20 \Windows\System32\WinMetadata\Windows.UI.winmd 216 0x918b786c3db0 \$Directory 216 0x918b786c4580 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.18362.1_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat 216 0x918b786c4710 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b786c48a0 \Windows\System32\RuntimeBroker.exe 216 0x918b786c4bc0 \Endpoint 216 0x918b786c59d0 \Windows\System32\en-US\propsys.dll.mui 216 0x918b786c5b60 \ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe 216 0x918b786c5e80 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b786c6330 \Windows\System32\en-US\combase.dll.mui 216 0x918b786c6650 \Windows\System32 216 0x918b786c6970 \Windows\SysWOW64\rmclient.dll 216 0x918b786c6b00 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b786c6c90 \Windows\SysWOW64\dwmapi.dll 216 0x918b786c6e20 \Windows\System32\wbiosrvc.dll 216 0x918b786c7140 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db 216 0x918b786c7460 \Windows\System32 216 0x918b786c75f0 \Server 216 0x918b786c7910 \Windows\System32\winbioext.dll 216 0x918b786c7aa0 \CMApi 216 0x918b786c7c30 \Windows\SysWOW64\Windows.UI.Immersive.dll 216 0x918b786c7dc0 \$Directory 216 0x918b786c80e0 \Windows\SysWOW64\DXCore.dll 216 0x918b786c8400 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\AC\Temp\aria-debug-804.log 216 0x918b786c8590 \Windows\System32\CryptoWinRT.dll 216 0x918b786c8a40 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db 216 0x918b786c8bd0 \Windows\System32\spp.dll 216 0x918b786c8d60 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b786c8ef0 \Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData 216 0x918b786c9530 \Windows\System32\InstallService.dll 216 0x918b786c96c0 \ 216 0x918b786c9850 \Windows\Registration\R000000000006.clb 216 0x918b786c99e0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b786c9b70 \Windows\System32\en-US\UIRibbon.dll.mui 216 0x918b786c9e90 \$Directory 216 0x918b786ca1b0 \Windows\System32\en-US\propsys.dll.mui 216 0x918b786ca340 \$Directory 216 0x918b786ca4d0 \$Directory 216 0x918b786ca660 \Windows\System32\SearchFolder.dll 216 0x918b786ca980 \$Directory 216 0x918b786caca0 \Users\santa\AppData\Local\Microsoft\Windows\Safety\edge\remote\synchronousLookupUris_638358601691205476 216 0x918b786cae30 \Windows\SysWOW64\Windows.Globalization.dll 216 0x918b786cb150 \Windows\System32\en-US\combase.dll.mui 216 0x918b786cb2e0 \$Directory 216 0x918b786cb600 \$Directory 216 0x918b786cb920 \Windows\Registration\R000000000006.clb 216 0x918b786cbc40 \Users\santa\AppData\Local\Microsoft\Windows\Safety\edge\remote\topTraffic_638004170464094982 216 0x918b786cbdd0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db 216 0x918b786cc410 \Windows\SysWOW64\mscms.dll 216 0x918b786cc5a0 \Program Files (x86)\Mozilla Firefox\browser\omni.ja 216 0x918b786cc8c0 \Users\santa\AppData\Local\Microsoft\Windows\Safety\edge\remote\script_300161259571223429446516194326035503227.rel.v2 216 0x918b786cca50 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db 216 0x918b786ccbe0 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\Microsoft.Apps.Stubs.Handoff.dll 216 0x918b786ccd70 \Windows\SysWOW64\coloradapterclient.dll 216 0x918b786cd090 \Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.32530.0_x64__8wekyb3d8bbwe\vcruntime140_1_app.dll 216 0x918b786cd220 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db-wal 216 0x918b786cd3b0 \Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.32530.0_x64__8wekyb3d8bbwe\msvcp140_app.dll 216 0x918b786cd540 \$Directory 216 0x918b786cd6d0 \$Directory 216 0x918b786cd860 \Windows\System32\notepad.exe 216 0x918b786cd9f0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db-shm 216 0x918b786cdb80 \$Directory 216 0x918b786cdd10 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\CacheStorage\CacheStorage.jfm 216 0x918b786cdea0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\Settings\settings.dat.LOG1 216 0x918b786ce1c0 \Windows\Fonts\verdanai.ttf 216 0x918b786ce350 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\Settings\settings.dat 216 0x918b786ce4e0 \$Directory 216 0x918b786ce670 \Windows\Prefetch\CMD.EXE-CD245F9E.pf 216 0x918b786ce800 \Windows\Fonts\verdanaz.ttf 216 0x918b786ce990 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db 216 0x918b786cecb0 \Windows\SysWOW64\dcomp.dll 216 0x918b786cee40 \$Directory 216 0x918b786cf160 \$Directory 216 0x918b786cf2f0 \Windows\System32\webplatstorageserver.dll 216 0x918b786cf480 \Windows\System32\dllhost.exe 216 0x918b786cf610 \$Directory 216 0x918b786cf7a0 \Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Notifications\wpndatabase.db 216 0x918b786cf930 \Windows\Fonts\verdanab.ttf 216 0x918b786cfac0 \Sessions\1\AppContainerNamedObjects\S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518 216 0x918b786d0100 \Windows\System32\winevt\Logs\Microsoft-Windows-Biometrics%4Operational.evtx 216 0x918b786d0290 \$Directory 216 0x918b786d0420 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b786d05b0 \Reference 216 0x918b786d0740 \Windows\System32\conhost.exe 216 0x918b786d08d0 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\S-1-5-21-1046918562-1299961717-1331875240-1001-MergedResources-1.pri 216 0x918b786d0d80 \Windows\System32\en-US\wscapi.dll.mui 216 0x918b786d10a0 \Windows\System32\amsiproxy.dll 216 0x918b786d1230 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\Settings\settings.dat.LOG2 216 0x918b786d13c0 \$Directory 216 0x918b786d1550 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 216 0x918b786d16e0 \CMApi 216 0x918b786d1a00 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 216 0x918b786d1eb0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\cookies.sqlite 216 0x918b786d2360 \$Directory 216 0x918b786d24f0 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe 216 0x918b786d2680 \Windows\System32\Windows.Media.MediaControl.dll 216 0x918b786d2810 \Windows\System32\en-US\dui70.dll.mui 216 0x918b786d29a0 \Windows\System32 216 0x918b786d2b30 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\MSIMGSIZ.DAT 216 0x918b786d2e50 \Windows\SysWOW64\BCP47Langs.dll 216 0x918b786d3170 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\resources.pri 216 0x918b786d3490 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b786d37b0 \Windows\Registration\R000000000006.clb 216 0x918b786d3940 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\Indexed DB\IndexedDB.jfm 216 0x918b786d3ad0 \Connect 216 0x918b786d3c60 \Program Files (x86)\Mozilla Firefox 216 0x918b786d3df0 \Windows\SystemResources\notepad.exe.mun 216 0x918b786d42a0 \Program Files (x86)\Mozilla Firefox 216 0x918b786d45c0 \Windows 216 0x918b786d4c00 \gecko.4576.3988.4014201448364703608 216 0x918b786d4d90 \gecko.4576.3988.4014201448364703608 216 0x918b786d50b0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b786d5240 \Windows 216 0x918b786d53d0 \Windows\System32\en-US\notepad.exe.mui 216 0x918b786d5560 \Windows\System32\en-US\Conhost.exe.mui 216 0x918b786d56f0 \CMApi 216 0x918b786d5880 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b786d5a10 \Windows\System32\en-US\user32.dll.mui 216 0x918b786d61e0 \Windows\System32\en-US\ESENT.dll.mui 216 0x918b786d6370 \Program Files (x86)\Mozilla Firefox\freebl3.dll 216 0x918b786d6500 \Program Files (x86)\Mozilla Firefox 216 0x918b786d6820 \Program Files (x86)\Mozilla Firefox\softokn3.dll 216 0x918b786d6b40 \Program Files (x86)\Mozilla Firefox\ipcclientcerts.dll 216 0x918b786d6cd0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\permissions.sqlite 216 0x918b786d6e60 \$Directory 216 0x918b786d7180 \Windows\System32\MFMediaEngine.dll 216 0x918b786d7310 \Users\santa\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.log 216 0x918b786d74a0 \$Directory 216 0x918b786d7630 \Endpoint 216 0x918b786d77c0 \Program Files (x86)\Mozilla Firefox 216 0x918b786d7950 \Endpoint 216 0x918b786d7c70 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 216 0x918b786d7e00 \Windows\System32\Windows.Networking.HostName.dll 216 0x918b786d8120 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 216 0x918b786d82b0 \Windows\SysWOW64\wscapi.dll 216 0x918b786d8440 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\cookies.sqlite-shm 216 0x918b786d85d0 \CMApi 216 0x918b786d8760 \AsyncConnectHlp 216 0x918b786d88f0 \Windows\System32\RuntimeBroker.exe 216 0x918b786d8a80 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b786d8c10 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\AppCoreFramework.Windows.dll 216 0x918b786d8da0 \Windows\System32 216 0x918b786d90c0 \Windows 216 0x918b786d9250 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\Lightbox.dll 216 0x918b786d93e0 \Windows\System32\en-US\d2d1.dll.mui 216 0x918b786d9890 \Windows\SysWOW64\urlmon.dll 216 0x918b786d9a20 \Windows\SysWOW64\msmpeg2vdec.dll 216 0x918b786d9bb0 \Windows\System32\en-US\wbiosrvc.dll.mui 216 0x918b786d9ed0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\CacheStorage\CacheStorage.edb 216 0x918b786da1f0 \$Directory 216 0x918b786da380 \$Directory 216 0x918b786da510 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.UI.Xaml.2.7_7.2208.15002.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1 216 0x918b786da6a0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\Indexed DB\edb.log 216 0x918b786da830 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.UI.Xaml.2.7_7.2208.15002.0_x64__8wekyb3d8bbwe\ActivationStore.dat 216 0x918b786da9c0 \ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.UI.Xaml.2.7_7.2208.15002.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2 216 0x918b786dace0 \Program Files\WindowsApps\Microsoft.UI.Xaml.2.7_7.2208.15002.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 216 0x918b786dae70 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\Utils.dll 216 0x918b786db190 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\SharedServices.dll 216 0x918b786db320 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\ImageEditorLib.dll 216 0x918b786db4b0 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b786db7d0 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\ImageLib.dll 216 0x918b786db960 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\Indexed DB\IndexedDB.jfm 216 0x918b786dbaf0 \Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\CoreLib.dll 216 0x918b786dbc80 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\Indexed DB\IndexedDB.edb 216 0x918b786dbe10 \$Directory 216 0x918b786dc130 \CMApi 216 0x918b786dc2c0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\Indexed DB\IndexedDB.edb 216 0x918b786dc450 \ProgramData\Microsoft\Windows\ClipSVC\tokens.dat 216 0x918b786dc770 \Windows\System32\en-US\KernelBase.dll.mui 216 0x918b786dca90 \Windows\System32\WinMetadata\Windows.System.winmd 216 0x918b786dcdb0 \Windows\Fonts\segoeuii.ttf 216 0x918b786dd0d0 \CMNotify 216 0x918b786dd260 \Windows\System32\CompPkgSup.dll 216 0x918b786dd3f0 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1280.db 216 0x918b786dd580 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\CacheStorage\CacheStorage.edb 216 0x918b786dd710 \Windows\System32\en-US\propsys.dll.mui 216 0x918b786dd8a0 \Windows\Registration\R000000000006.clb 216 0x918b786ddd50 \Windows\Registration\R000000000006.clb 216 0x918b786ddee0 \Windows\SysWOW64\wininet.dll 216 0x918b786de200 \Input 216 0x918b786de390 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\CacheStorage\CacheStorage.jfm 216 0x918b786de520 \Output 216 0x918b786de840 \Windows\Registration\R000000000006.clb 216 0x918b786decf0 \Users\santa\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.log 216 0x918b786dee80 \Windows\System32 216 0x918b786df4c0 \Windows\System32\Windows.Media.dll 216 0x918b786df650 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b786df970 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b786dfc90 \$Directory 216 0x918b786dfe20 \Users\santa\Downloads 216 0x918b786e0140 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b786e02d0 \Windows\System32\twext.dll 216 0x918b786e0460 \Windows\SysWOW64\mfperfhelper.dll 216 0x918b786e0780 \Users\santa\Downloads 216 0x918b786e0940 ঘ确醋￿ঘ确醋￿ 0 0x918b786e0dc0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData 216 0x918b786e1400 \Windows\SysWOW64\MMDevAPI.dll 216 0x918b786e18b0 \CMApi 216 0x918b786e1a40 \$Directory 216 0x918b786e1bd0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b786e1d60 \Users\santa\Documents 216 0x918b786e1ef0 \Windows\System32\en-US\twext.dll.mui 216 0x918b786e2080 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b786e2210 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData 216 0x918b786e23a0 \Users\santa\Documents 216 0x918b786e2850 \Program Files (x86)\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi 216 0x918b786e29e0 \$Directory 216 0x918b786e2b70 \Windows\System32\en-US\playtomenu.dll.mui 216 0x918b786e2d00 \$Directory 216 0x918b786e2e90 \Users\santa\Videos 216 0x918b786e31b0 \Users\santa\Pictures 216 0x918b786e3660 \Users\santa\Music 216 0x918b786e37f0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\Indexed DB\edb.log 216 0x918b786e3980 \Users\santa\Pictures 216 0x918b786e3e30 \Program Files\Windows Photo Viewer\PhotoViewer.dll 216 0x918b786e4600 \Program Files (x86)\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi 216 0x918b786e4790 \Users\santa\Music 216 0x918b786e4920 \Users\santa\Videos 216 0x918b786e4ab0 \$Directory 216 0x918b786e4dd0 \Users\santa\OneDrive 216 0x918b786e50f0 \Users\santa\OneDrive 216 0x918b786e5280 \wkssvc 216 0x918b786e5410 \Windows\System32\en-US\ntshrui.dll.mui 216 0x918b786e55a0 \Windows\System32\playtomenu.dll 216 0x918b786e5730 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\key4.db 216 0x918b786e58c0 \Windows\System32\networkexplorer.dll 216 0x918b786e5a50 \Windows\SysWOW64\rasadhlp.dll 216 0x918b786e5be0 \Windows\System32\WinBioDatabase\51F39552-1075-4199-B513-0C10EA185DB0.DAT 216 0x918b786e6220 \Windows\System32\WinMetadata\Windows.System.winmd 216 0x918b786e63b0 \Windows\SysWOW64\MP3DMOD.DLL 216 0x918b786e66d0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\storage.sqlite 216 0x918b786e6860 \Windows\Registration\R000000000006.clb 216 0x918b786e6b80 \Windows\SysWOW64\OnDemandConnRouteHelper.dll 216 0x918b786e6d10 \$Directory 216 0x918b786e6ea0 \Windows\SysWOW64\mfplat.dll 216 0x918b786e7990 \Windows\SysWOW64\MSAudDecMFT.dll 216 0x918b786e7b20 \Windows\SysWOW64\xmllite.dll 216 0x918b786e7e40 \Windows\SysWOW64\RTWorkQ.dll 216 0x918b786e82f0 \LOCAL\cubeb-pipe-4576-0 216 0x918b786e8930 \Windows\System32\d3d9.dll 216 0x918b786e8de0 \gecko-crash-server-pipe.4576 216 0x918b786e9100 \$Directory 216 0x918b786e9290 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b786e95b0 \Windows\System32\winevt\Logs\Microsoft-Windows-WER-PayloadHealth%4Operational.evtx 216 0x918b786e9740 \$Directory 216 0x918b786e98d0 \Windows\Fonts\StaticCache.dat 216 0x918b786e9a60 \$Directory 216 0x918b786e9d80 \$Directory 216 0x918b786ea230 \Windows\System32\en-US\tquery.dll.mui 216 0x918b786ea3c0 \Windows\System32\en-US\cmd.exe.mui 216 0x918b786ea550 \Windows 216 0x918b786ea6e0 \Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi 216 0x918b786ea870 \$Directory 216 0x918b786eaa00 \Windows\System32\cmd.exe 216 0x918b786eab90 \Windows\SysWOW64\mf.dll 216 0x918b786ead20 \$Directory 216 0x918b786eb360 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\CacheStorage\CacheStorage.jfm 216 0x918b786eb4f0 \$Directory 216 0x918b786eb680 \$Directory 216 0x918b786eb810 \Windows\System32\CompatTelRunner.exe 216 0x918b786eb9a0 \$Directory 216 0x918b786ebb30 \Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi 216 0x918b786ebe50 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b786ec170 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\Microsoft\CryptnetUrlCache\MetaData 216 0x918b786ec490 \Windows\SysWOW64\d3d11.dll 216 0x918b786ec620 \gecko.4576.3988.8426202675842789959 216 0x918b786ec7b0 \Windows\SysWOW64\msdmo.dll 216 0x918b786ec940 \$Directory 216 0x918b786ecad0 \Windows\System32\SettingsHandlers_nt.dll 216 0x918b786ecc60 \gecko.4576.3988.8426202675842789959 216 0x918b786ecdf0 \ProgramData\Microsoft\Windows\OneSettings\CTAC.json 216 0x918b786ed110 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\CacheStorage\CacheStorage.edb 216 0x918b786ed430 \Windows\SysWOW64\winhttp.dll 216 0x918b786ed5c0 \Windows\System32\en-US\d2d1.dll.mui 216 0x918b786ed750 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db 216 0x918b786ed8e0 \Windows\System32\en-US\winmm.dll.mui 216 0x918b786eda70 \Windows\SysWOW64\dxva2.dll 216 0x918b786edc00 \Windows\SysWOW64\evr.dll 216 0x918b786edd90 \Windows\System32\DeviceCensus.exe 216 0x918b786ee0b0 \Windows\System32\themeui.dll 216 0x918b786ee3d0 \Program Files (x86)\Mozilla Firefox\nssckbi.dll 216 0x918b786ee6f0 \Windows\System32\ErrorDetailsCore.dll 216 0x918b786ee880 \Windows\SysWOW64\Windows.Security.Integrity.dll 216 0x918b786eea10 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db 216 0x918b786eeba0 \Windows\System32\MusNotification.exe 216 0x918b786eeec0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\CacheStorage\CacheStorage.jfm 216 0x918b786ef1e0 \Program Files (x86)\Mozilla Firefox 216 0x918b786ef690 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\IndexedDB.edb 216 0x918b786ef820 \Windows\System32\en-US\Conhost.exe.mui 216 0x918b786ef9b0 \Windows\SysWOW64\d2d1.dll 216 0x918b786efe60 \Users\santa 216 0x918b786f0180 \$Directory 216 0x918b786f0310 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\IndexedDB.jfm 216 0x918b786f04a0 \Windows\System32\en-US\webservices.dll.mui 216 0x918b786f07c0 \Windows\Prefetch\MICROSOFTEDGEUPDATE.EXE-96674210.pf 216 0x918b786f0950 \Server 216 0x918b786f0c70 \Reference 216 0x918b786f1120 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\IndexedDB.jfm 216 0x918b786f12b0 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\IndexedDB.edb 216 0x918b786f1440 \Windows\System32\en-US\winnlsres.dll.mui 216 0x918b786f15d0 \Windows\System32\en-US\wininet.dll.mui 216 0x918b786f2250 \Users\santa\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db 216 0x918b786f2700 \Windows\System32\conhost.exe 216 0x918b786f2bb0 \LOCAL\cubeb-pipe-4576-0 216 0x918b786f2d40 \CMApi 216 0x918b786f2ed0 \Windows\System32\en-US\shell32.dll.mui 216 0x918b786f31f0 \$ConvertToNonresident 216 0x918b786f3380 \Program Files (x86)\Mozilla Firefox\firefox.exe 216 0x918b786f3510 \$Directory 216 0x918b786f36a0 \$ConvertToNonresident 216 0x918b786f3830 \Windows 216 0x918b786f39c0 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\S-1-5-21-1046918562-1299961717-1331875240-1001-MergedResources-1.pri 216 0x918b786f3b50 \MsFteWds 216 0x918b786f3e70 \Windows\Registration\R000000000006.clb 216 0x918b786f4320 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\LocalState\plum.sqlite-wal 216 0x918b786f4640 \gecko.4576.3988.5212297437992786329 216 0x918b786f47d0 \gecko.4576.3988.5212297437992786329 216 0x918b786f4960 \Windows 216 0x918b786f4af0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\LocalState\plum.sqlite-shm 216 0x918b786f4c80 \Users\santa\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edb.log 216 0x918b786f5130 \Connect 216 0x918b786f52c0 \Windows\System32\en-US\propsys.dll.mui 216 0x918b786f5450 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\LocalState\plum.sqlite 216 0x918b786f5770 \Input 216 0x918b786f5a90 \Output 216 0x918b786f5c20 \Windows\System32\winevt\Logs\Microsoft-Windows-Known Folders API Service.evtx 216 0x918b786f63f0 \$Directory 216 0x918b786f68a0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\LocalState\Ecs.dat 216 0x918b786f6a30 \Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.1.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll 216 0x918b786f6d50 \Windows\System32\en-US\usosvc.dll.mui 216 0x918b786f7200 \Windows\System32\WinMetadata\Windows.Web.winmd 216 0x918b786f7520 \Windows 216 0x918b786f7840 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\LocalState\DiagOutputDir\log-2023-11-17-15-54-57-0.txt 216 0x918b786f79d0 \Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.30_none_a1435978519dce7f 216 0x918b786f7b60 \Windows\System32\WordBreakers.dll 216 0x918b786f7e80 \Windows\System32\en-US\mswsock.dll.mui 216 0x918b786f8330 \Connect 216 0x918b786f87e0 \Windows\SystemResources\imageres.dll.mun 216 0x918b786f8e20 \Program Files (x86)\Mozilla Firefox\osclientcerts.dll 216 0x918b786f9460 \Windows\SysWOW64\ntasn1.dll 216 0x918b786f95f0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\cookies.sqlite-wal 216 0x918b786f9910 \Windows\System32\en-US\dnsapi.dll.mui 216 0x918b786f9aa0 \Windows\System32\en-US\crypt32.dll.mui 216 0x918b786f9dc0 \Users\santa\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData 216 0x918b786fa0e0 \Windows\Logs\CBS\CBS.log 216 0x918b786fa400 \Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll 216 0x918b786fa720 \Windows\Fonts\segoeui.ttf 216 0x918b786faa40 \Windows\SysWOW64\avrt.dll 216 0x918b786fabd0 \MmThread 216 0x918b786faef0 \CMApi 216 0x918b786fb080 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\cookies.sqlite 216 0x918b786fb3a0 \Users\santa\AppData\Roaming\Mozilla\Firefox\Profiles\888jya8e.default-release\cookies.sqlite-shm 216 0x918b786fb530 \Windows\Fonts\segoeui.ttf 216 0x918b786fb6c0 \Windows\SysWOW64\ncrypt.dll 216 0x918b786fbd00 \Windows\System32\wosc.dll 216 0x918b786fbe90 \Windows\SysWOW64\Windows.StateRepositoryCore.dll 216 0x918b786fcca0 \CMNotify 216 0x918b78d25d20 \Windows\System32\drivers\bindflt.sys 216 0x918b78d2f580 \Device\HarddiskVolume4\Windows\System32\config\COMPONENTS{fd9a35c2-49fe-11e9-aa2c-248a07783950}.TxR 216 0x918b78d31ae0 \Windows\System32\config\COMPONENTS{fd9a35c2-49fe-11e9-aa2c-248a07783950}.TxR.blf 216 0x918b78d365a0 \Windows\System32\config\COMPONENTS{fd9a35c2-49fe-11e9-aa2c-248a07783950}.TxR.0.regtrans-ms 216 0x918b78d3bbe0 \Windows\System32\config\COMPONENTS{fd9a35c2-49fe-11e9-aa2c-248a07783950}.TxR.1.regtrans-ms 216 0x918b78d3ce90 \Windows\System32\config\COMPONENTS{fd9a35c2-49fe-11e9-aa2c-248a07783950}.TxR.2.regtrans-ms 216 0x918b78d4a350 \Windows\System32\config\DRIVERS 216 0x918b78d4abf0 \Windows\System32\config\DRIVERS.LOG2 216 0x918b78d4b770 \Windows\System32\config\DRIVERS{fd9a35cb-49fe-11e9-aa2c-248a07783950}.TM.blf 216 0x918b78d4b8e0 \Windows\System32\config\DRIVERS{fd9a35cb-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000001.regtrans-ms 216 0x918b78d4ba50 \Windows\System32\config\DRIVERS.LOG1 216 0x918b78d4bd30 \Windows\System32\config\DRIVERS{fd9a35cb-49fe-11e9-aa2c-248a07783950}.TMContainer00000000000000000002.regtrans-ms 216 0x918b78d4e850 \Windows\Logs\WindowsUpdate\WindowsUpdate.20231117.155111.221.2.etl 216 0x918b78d4f540 \Device\HarddiskVolume4\Windows\System32\config\DRIVERS{fd9a35cb-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b78d50960 \Device\HarddiskVolume4\Windows\System32\config\DRIVERS{fd9a35cb-49fe-11e9-aa2c-248a07783950}.TM 216 0x918b79269d60 \$ConvertToNonresident 216