From 7d6bb8d2187426ae13710b0540222eec07053bdf Mon Sep 17 00:00:00 2001
From: Daracy <34067643+Dara-cy@users.noreply.github.com>
Date: Sun, 5 May 2024 18:56:17 +0700
Subject: [PATCH] new config for redline

---
 {advance_Redline => redline_2}/Helper.bat     |   0
 .../MemoryzeAuditScript.xml                   |  77 +++++++++---------
 {advance_Redline => redline_2}/Readme.txt     |   0
 .../RunRedlineAudit.bat                       |   0
 {advance_Redline => redline_2}/elevate.cmd    |   0
 {advance_Redline => redline_2}/elevate.vbs    |   0
 .../finishAnalysis.js                         |   0
 .../getNextSessionFolder.js                   |   0
 {advance_Redline => redline_2}/getPath.js     |   0
 .../x64/api-ms-win-core-console-l1-1-0.dll    | Bin
 .../x64/api-ms-win-core-datetime-l1-1-0.dll   | Bin
 .../x64/api-ms-win-core-debug-l1-1-0.dll      | Bin
 .../api-ms-win-core-errorhandling-l1-1-0.dll  | Bin
 .../x64/api-ms-win-core-file-l1-1-0.dll       | Bin
 .../x64/api-ms-win-core-file-l1-2-0.dll       | Bin
 .../x64/api-ms-win-core-file-l2-1-0.dll       | Bin
 .../x64/api-ms-win-core-handle-l1-1-0.dll     | Bin
 .../x64/api-ms-win-core-heap-l1-1-0.dll       | Bin
 .../api-ms-win-core-interlocked-l1-1-0.dll    | Bin
 .../api-ms-win-core-libraryloader-l1-1-0.dll  | Bin
 .../api-ms-win-core-localization-l1-2-0.dll   | Bin
 .../x64/api-ms-win-core-memory-l1-1-0.dll     | Bin
 .../x64/api-ms-win-core-namedpipe-l1-1-0.dll  | Bin
 ...-ms-win-core-processenvironment-l1-1-0.dll | Bin
 .../api-ms-win-core-processthreads-l1-1-0.dll | Bin
 .../api-ms-win-core-processthreads-l1-1-1.dll | Bin
 .../x64/api-ms-win-core-profile-l1-1-0.dll    | Bin
 .../x64/api-ms-win-core-rtlsupport-l1-1-0.dll | Bin
 .../x64/api-ms-win-core-string-l1-1-0.dll     | Bin
 .../x64/api-ms-win-core-synch-l1-1-0.dll      | Bin
 .../x64/api-ms-win-core-synch-l1-2-0.dll      | Bin
 .../x64/api-ms-win-core-sysinfo-l1-1-0.dll    | Bin
 .../x64/api-ms-win-core-timezone-l1-1-0.dll   | Bin
 .../x64/api-ms-win-core-util-l1-1-0.dll       | Bin
 .../x64/api-ms-win-crt-conio-l1-1-0.dll       | Bin
 .../x64/api-ms-win-crt-convert-l1-1-0.dll     | Bin
 .../x64/api-ms-win-crt-environment-l1-1-0.dll | Bin
 .../x64/api-ms-win-crt-filesystem-l1-1-0.dll  | Bin
 .../x64/api-ms-win-crt-heap-l1-1-0.dll        | Bin
 .../x64/api-ms-win-crt-locale-l1-1-0.dll      | Bin
 .../x64/api-ms-win-crt-math-l1-1-0.dll        | Bin
 .../x64/api-ms-win-crt-multibyte-l1-1-0.dll   | Bin
 .../x64/api-ms-win-crt-private-l1-1-0.dll     | Bin
 .../x64/api-ms-win-crt-process-l1-1-0.dll     | Bin
 .../x64/api-ms-win-crt-runtime-l1-1-0.dll     | Bin
 .../x64/api-ms-win-crt-stdio-l1-1-0.dll       | Bin
 .../x64/api-ms-win-crt-string-l1-1-0.dll      | Bin
 .../x64/api-ms-win-crt-time-l1-1-0.dll        | Bin
 .../x64/api-ms-win-crt-utility-l1-1-0.dll     | Bin
 {advance_Redline => redline_2}/x64/audits.dll | Bin
 .../x64/concrt140.dll                         | Bin
 .../x64/libcrypto-1_1-x64.dll                 | Bin
 .../x64/libssl-1_1-x64.dll                    | Bin
 {advance_Redline => redline_2}/x64/libuv.dll  | Bin
 .../x64/msvcp140.dll                          | Bin
 {advance_Redline => redline_2}/x64/mxCore.dll | Bin
 .../x64/ucrtbase.dll                          | Bin
 .../x64/vcruntime140.dll                      | Bin
 {advance_Redline => redline_2}/x64/xagt.exe   | Bin
 {advance_Redline => redline_2}/x64/zlib1.dll  | Bin
 .../x86/api-ms-win-core-console-l1-1-0.dll    | Bin
 .../x86/api-ms-win-core-datetime-l1-1-0.dll   | Bin
 .../x86/api-ms-win-core-debug-l1-1-0.dll      | Bin
 .../api-ms-win-core-errorhandling-l1-1-0.dll  | Bin
 .../x86/api-ms-win-core-file-l1-1-0.dll       | Bin
 .../x86/api-ms-win-core-file-l1-2-0.dll       | Bin
 .../x86/api-ms-win-core-file-l2-1-0.dll       | Bin
 .../x86/api-ms-win-core-handle-l1-1-0.dll     | Bin
 .../x86/api-ms-win-core-heap-l1-1-0.dll       | Bin
 .../api-ms-win-core-interlocked-l1-1-0.dll    | Bin
 .../api-ms-win-core-libraryloader-l1-1-0.dll  | Bin
 .../api-ms-win-core-localization-l1-2-0.dll   | Bin
 .../x86/api-ms-win-core-memory-l1-1-0.dll     | Bin
 .../x86/api-ms-win-core-namedpipe-l1-1-0.dll  | Bin
 ...-ms-win-core-processenvironment-l1-1-0.dll | Bin
 .../api-ms-win-core-processthreads-l1-1-0.dll | Bin
 .../api-ms-win-core-processthreads-l1-1-1.dll | Bin
 .../x86/api-ms-win-core-profile-l1-1-0.dll    | Bin
 .../x86/api-ms-win-core-rtlsupport-l1-1-0.dll | Bin
 .../x86/api-ms-win-core-string-l1-1-0.dll     | Bin
 .../x86/api-ms-win-core-synch-l1-1-0.dll      | Bin
 .../x86/api-ms-win-core-synch-l1-2-0.dll      | Bin
 .../x86/api-ms-win-core-sysinfo-l1-1-0.dll    | Bin
 .../x86/api-ms-win-core-timezone-l1-1-0.dll   | Bin
 .../x86/api-ms-win-core-util-l1-1-0.dll       | Bin
 .../x86/api-ms-win-crt-conio-l1-1-0.dll       | Bin
 .../x86/api-ms-win-crt-convert-l1-1-0.dll     | Bin
 .../x86/api-ms-win-crt-environment-l1-1-0.dll | Bin
 .../x86/api-ms-win-crt-filesystem-l1-1-0.dll  | Bin
 .../x86/api-ms-win-crt-heap-l1-1-0.dll        | Bin
 .../x86/api-ms-win-crt-locale-l1-1-0.dll      | Bin
 .../x86/api-ms-win-crt-math-l1-1-0.dll        | Bin
 .../x86/api-ms-win-crt-multibyte-l1-1-0.dll   | Bin
 .../x86/api-ms-win-crt-private-l1-1-0.dll     | Bin
 .../x86/api-ms-win-crt-process-l1-1-0.dll     | Bin
 .../x86/api-ms-win-crt-runtime-l1-1-0.dll     | Bin
 .../x86/api-ms-win-crt-stdio-l1-1-0.dll       | Bin
 .../x86/api-ms-win-crt-string-l1-1-0.dll      | Bin
 .../x86/api-ms-win-crt-time-l1-1-0.dll        | Bin
 .../x86/api-ms-win-crt-utility-l1-1-0.dll     | Bin
 {advance_Redline => redline_2}/x86/audits.dll | Bin
 .../x86/concrt140.dll                         | Bin
 .../x86/libcrypto-1_1.dll                     | Bin
 .../x86/libssl-1_1.dll                        | Bin
 {advance_Redline => redline_2}/x86/libuv.dll  | Bin
 .../x86/msvcp140.dll                          | Bin
 {advance_Redline => redline_2}/x86/mxCore.dll | Bin
 .../x86/ucrtbase.dll                          | Bin
 .../x86/vcruntime140.dll                      | Bin
 {advance_Redline => redline_2}/x86/xagt.exe   | Bin
 {advance_Redline => redline_2}/x86/zlib1.dll  | Bin
 111 files changed, 37 insertions(+), 40 deletions(-)
 rename {advance_Redline => redline_2}/Helper.bat (100%)
 rename {advance_Redline => redline_2}/MemoryzeAuditScript.xml (85%)
 rename {advance_Redline => redline_2}/Readme.txt (100%)
 rename {advance_Redline => redline_2}/RunRedlineAudit.bat (100%)
 rename {advance_Redline => redline_2}/elevate.cmd (100%)
 rename {advance_Redline => redline_2}/elevate.vbs (100%)
 rename {advance_Redline => redline_2}/finishAnalysis.js (100%)
 rename {advance_Redline => redline_2}/getNextSessionFolder.js (100%)
 rename {advance_Redline => redline_2}/getPath.js (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-console-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-datetime-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-debug-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-errorhandling-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-file-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-file-l1-2-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-file-l2-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-handle-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-heap-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-interlocked-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-libraryloader-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-localization-l1-2-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-memory-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-namedpipe-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-processenvironment-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-processthreads-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-processthreads-l1-1-1.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-profile-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-rtlsupport-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-string-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-synch-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-synch-l1-2-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-sysinfo-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-timezone-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-core-util-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-conio-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-convert-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-environment-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-filesystem-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-heap-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-locale-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-math-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-multibyte-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-private-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-process-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-runtime-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-stdio-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-string-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-time-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/api-ms-win-crt-utility-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x64/audits.dll (100%)
 rename {advance_Redline => redline_2}/x64/concrt140.dll (100%)
 rename {advance_Redline => redline_2}/x64/libcrypto-1_1-x64.dll (100%)
 rename {advance_Redline => redline_2}/x64/libssl-1_1-x64.dll (100%)
 rename {advance_Redline => redline_2}/x64/libuv.dll (100%)
 rename {advance_Redline => redline_2}/x64/msvcp140.dll (100%)
 rename {advance_Redline => redline_2}/x64/mxCore.dll (100%)
 rename {advance_Redline => redline_2}/x64/ucrtbase.dll (100%)
 rename {advance_Redline => redline_2}/x64/vcruntime140.dll (100%)
 rename {advance_Redline => redline_2}/x64/xagt.exe (100%)
 rename {advance_Redline => redline_2}/x64/zlib1.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-console-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-datetime-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-debug-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-errorhandling-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-file-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-file-l1-2-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-file-l2-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-handle-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-heap-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-interlocked-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-libraryloader-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-localization-l1-2-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-memory-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-namedpipe-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-processenvironment-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-processthreads-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-processthreads-l1-1-1.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-profile-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-rtlsupport-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-string-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-synch-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-synch-l1-2-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-sysinfo-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-timezone-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-core-util-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-conio-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-convert-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-environment-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-filesystem-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-heap-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-locale-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-math-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-multibyte-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-private-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-process-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-runtime-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-stdio-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-string-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-time-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/api-ms-win-crt-utility-l1-1-0.dll (100%)
 rename {advance_Redline => redline_2}/x86/audits.dll (100%)
 rename {advance_Redline => redline_2}/x86/concrt140.dll (100%)
 rename {advance_Redline => redline_2}/x86/libcrypto-1_1.dll (100%)
 rename {advance_Redline => redline_2}/x86/libssl-1_1.dll (100%)
 rename {advance_Redline => redline_2}/x86/libuv.dll (100%)
 rename {advance_Redline => redline_2}/x86/msvcp140.dll (100%)
 rename {advance_Redline => redline_2}/x86/mxCore.dll (100%)
 rename {advance_Redline => redline_2}/x86/ucrtbase.dll (100%)
 rename {advance_Redline => redline_2}/x86/vcruntime140.dll (100%)
 rename {advance_Redline => redline_2}/x86/xagt.exe (100%)
 rename {advance_Redline => redline_2}/x86/zlib1.dll (100%)

diff --git a/advance_Redline/Helper.bat b/redline_2/Helper.bat
similarity index 100%
rename from advance_Redline/Helper.bat
rename to redline_2/Helper.bat
diff --git a/advance_Redline/MemoryzeAuditScript.xml b/redline_2/MemoryzeAuditScript.xml
similarity index 85%
rename from advance_Redline/MemoryzeAuditScript.xml
rename to redline_2/MemoryzeAuditScript.xml
index a885673..c790ca8 100644
--- a/advance_Redline/MemoryzeAuditScript.xml
+++ b/redline_2/MemoryzeAuditScript.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
-<script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" id="urn:uuid:48bb9c4e-67f2-49d4-bfd0-787e7e46086e" chaining="implicit">
+<script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" id="urn:uuid:39241cbf-9620-498b-ae07-a50d8973e585" chaining="implicit">
   <commands>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:7f9ab486-70cb-4db6-86b9-2bfd0c3ab9fd">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:d246e0b4-9118-482a-a3cb-4c462f0b95ca">
       <module name="w32memory-acquisition" version="1.4.62.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -12,7 +12,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:90404373-72f2-4b09-9465-8d875713e42b">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:6c620bc9-bbaf-463e-9579-46f34980fed5">
       <module name="w32drivers-signature" version="2.1.4.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -32,7 +32,7 @@
             <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="SHA256">
-            <value xsi:type="xsd:boolean">false</value>
+            <value xsi:type="xsd:boolean">true</value>
           </param>
           <param name="strings">
             <value xsi:type="xsd:boolean">false</value>
@@ -47,14 +47,14 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:daf63e5a-5c3a-45ef-b413-5fef3c77c037">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:ecaa2214-19f4-4ff7-914a-cd849773fee7">
       <module name="w32drivers-modulelist" version="1.4.46.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters />
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:361a57ef-0b56-42e2-98bd-e0518f3000fb">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:54ca609f-a587-4ad9-ab09-a6d9846ead82">
       <module name="w32kernel-hookdetection" version="1.4.46.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -77,7 +77,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:537d87a1-d8a7-4200-9156-d540ea332a04">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:89833c3b-c485-4ce5-9698-c1b6ceca2309">
       <module name="w32processes-memory" version="2.1.4.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -111,7 +111,7 @@
             <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="SHA256">
-            <value xsi:type="xsd:boolean">false</value>
+            <value xsi:type="xsd:boolean">true</value>
           </param>
           <param name="MemD5">
             <value xsi:type="xsd:boolean">false</value>
@@ -123,14 +123,14 @@
             <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="raw mode">
-            <value xsi:type="xsd:boolean">false</value>
+            <value xsi:type="xsd:boolean">true</value>
           </param>
           <param name="Content Regex" />
         </parameters>
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:09f69663-91d9-46d3-80c2-8e7918845efd">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:04b93326-b052-450b-9a91-44df224d86ab">
       <module name="w32system" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -141,7 +141,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:27085475-29fc-4c5a-8e12-23707df39b98">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:02cd090e-8780-43de-928e-e9d7ce971f0c">
       <module name="w32disks" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -152,7 +152,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:adb80bf9-0a32-4ceb-8668-42ce68be6d06">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:c538fcf7-7ff8-4125-b559-22cc98baaa39">
       <module name="w32eventlogs" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -165,7 +165,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:f26f94e7-8e97-456b-924b-6ce1fa95be3d">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:b6d4903d-10f2-4580-8fcd-dad8e170390c">
       <module name="w32apifiles" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -177,10 +177,10 @@
             <value xsi:type="xsd:boolean">true</value>
           </param>
           <param name="SHA1">
-            <value xsi:type="xsd:boolean">true</value>
+            <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="SHA256">
-            <value xsi:type="xsd:boolean">true</value>
+            <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="Preserve Times">
             <value xsi:type="xsd:boolean">false</value>
@@ -213,7 +213,7 @@
             <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="Strings">
-            <value xsi:type="xsd:boolean">true</value>
+            <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="Include Files">
             <value xsi:type="xsd:boolean">true</value>
@@ -225,7 +225,7 @@
             <value xsi:type="xsd:boolean">true</value>
           </param>
           <param name="Get Resource Data">
-            <value xsi:type="xsd:boolean">true</value>
+            <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="Get Version Info">
             <value xsi:type="xsd:boolean">true</value>
@@ -234,14 +234,11 @@
           <param name="Prevent Hibernation">
             <value xsi:type="xsd:boolean">true</value>
           </param>
-          <param name="shortest matched string">
-            <value xsi:type="xsd:int">8</value>
-          </param>
         </parameters>
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:16b3f56f-818e-4097-9c22-332892169a69">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:65fa495e-422a-418a-9203-56c776b13d02">
       <module name="w32network-arp" version="1.4.34.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -252,7 +249,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:48d7709f-3ef4-4713-b339-93cfb08619ca">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:0ab6efe3-f5d3-4f9c-9cbb-5e1dd5af4388">
       <module name="w32network-dns" version="1.4.34.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -263,7 +260,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:e086b1bb-b028-4af6-afbd-b7d924b58c5c">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:3dbf867a-b882-4b9d-8239-738ffb3d9bbd">
       <module name="w32network-route" version="1.4.34.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -274,7 +271,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:b158b8f6-d5b1-4ee4-abce-998ae32f1a1a">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:584fe15f-0fdd-45f6-9963-243f8bdc554a">
       <module name="w32ports" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -285,7 +282,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:5f876183-de38-4cfe-ac81-e799b59dca3a">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:2bf69b99-c0b3-4cfc-8dca-04b3c7708a5c">
       <module name="w32scripting-persistence" version="1.4.45.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -333,7 +330,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:1986e3bf-9ce8-474b-b61d-7ef11cb7c394">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:1815fe53-26b8-4bac-8518-164b80ae5c3b">
       <module name="w32prefetch" version="1.4.34.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -344,7 +341,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:10616305-dfc0-4349-a8e6-7997f78d73ff">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:5e212b76-8e5b-4056-97f2-a0d705fb8c16">
       <module name="w32hivelist" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -355,7 +352,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:13de33e5-baac-426f-87b4-99c35a21bded">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:4843086b-4200-41e7-a416-6ac583934a1a">
       <module name="w32registryapi" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -370,7 +367,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:490ca69a-387e-4f50-8fe1-57061c5ee551">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:97fc60d1-5848-4ae9-b8c2-207aa07dbb9b">
       <module name="w32services" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -399,7 +396,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:8de65b27-9b00-4f69-b8d0-1101ee93e82b">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:0161cd62-4578-4cc9-b353-0348e1ddc4fc">
       <module name="w32systemrestore" version="1.4.41.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -410,7 +407,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:fbf41eec-017b-4414-9152-dfc643dca7ee">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:6261bfdd-1aa0-4995-b4c6-8f9632ae321f">
       <module name="w32tasks" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -439,7 +436,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:d59aab09-53c7-49c6-9929-abc6588410ae">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:ba6b6446-b893-4ca3-8743-0fea1473800b">
       <module name="w32useraccounts" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -450,7 +447,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:a8464c41-3625-40ec-bbd5-e366a24cca03">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:44a4c36c-26b7-4d16-9a35-5771f04d266a">
       <module name="w32volumes" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -461,7 +458,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:7ac7761c-2480-475c-b8f9-074e90a983c8">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:046ba451-c9cc-4b7a-a0a0-ed5bef2c7c05">
       <module name="cookiehistory" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -474,7 +471,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:de294798-ab18-484c-8fcd-4febc97a9498">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:bc9a8650-c323-4e7c-85f7-02242044230f">
       <module name="filedownloadhistory" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -487,7 +484,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:7a521f5f-07fb-4c41-9f77-33430ed0cf83">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:b4261316-3d74-4bc2-9a3a-d09288d5667b">
       <module name="formhistory" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -500,7 +497,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:938696df-9954-44b9-8b7c-0c4c7f1550aa">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:2a9e55fa-fe10-4250-9e19-2ffdd0147444">
       <module name="urlhistory" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -510,7 +507,7 @@
             <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="GetIndexedPageContent">
-            <value xsi:type="xsd:boolean">true</value>
+            <value xsi:type="xsd:boolean">false</value>
           </param>
           <param name="Prevent Hibernation">
             <value xsi:type="xsd:boolean">true</value>
@@ -519,7 +516,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:4c655fa2-4bc8-4fbf-b6dd-f7751b110361">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:d14d45f1-3041-49ad-bda1-e29d70f64eec">
       <module name="w32processes-API" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
@@ -530,7 +527,7 @@
       </config>
       <filters />
     </command>
-    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:dea71c7c-551d-41f6-b9c8-7329cbaaed6d">
+    <command xsi:type="ExecuteModuleCommand" id="urn:uuid:8537ad3c-28df-44e4-8239-406404c6e507">
       <module name="w32processes-handle" version="1.4.36.0" />
       <config xsi:type="ParameterListModuleConfig">
         <parameters>
diff --git a/advance_Redline/Readme.txt b/redline_2/Readme.txt
similarity index 100%
rename from advance_Redline/Readme.txt
rename to redline_2/Readme.txt
diff --git a/advance_Redline/RunRedlineAudit.bat b/redline_2/RunRedlineAudit.bat
similarity index 100%
rename from advance_Redline/RunRedlineAudit.bat
rename to redline_2/RunRedlineAudit.bat
diff --git a/advance_Redline/elevate.cmd b/redline_2/elevate.cmd
similarity index 100%
rename from advance_Redline/elevate.cmd
rename to redline_2/elevate.cmd
diff --git a/advance_Redline/elevate.vbs b/redline_2/elevate.vbs
similarity index 100%
rename from advance_Redline/elevate.vbs
rename to redline_2/elevate.vbs
diff --git a/advance_Redline/finishAnalysis.js b/redline_2/finishAnalysis.js
similarity index 100%
rename from advance_Redline/finishAnalysis.js
rename to redline_2/finishAnalysis.js
diff --git a/advance_Redline/getNextSessionFolder.js b/redline_2/getNextSessionFolder.js
similarity index 100%
rename from advance_Redline/getNextSessionFolder.js
rename to redline_2/getNextSessionFolder.js
diff --git a/advance_Redline/getPath.js b/redline_2/getPath.js
similarity index 100%
rename from advance_Redline/getPath.js
rename to redline_2/getPath.js
diff --git a/advance_Redline/x64/api-ms-win-core-console-l1-1-0.dll b/redline_2/x64/api-ms-win-core-console-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-console-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-console-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-datetime-l1-1-0.dll b/redline_2/x64/api-ms-win-core-datetime-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-datetime-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-datetime-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-debug-l1-1-0.dll b/redline_2/x64/api-ms-win-core-debug-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-debug-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-debug-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-errorhandling-l1-1-0.dll b/redline_2/x64/api-ms-win-core-errorhandling-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-errorhandling-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-errorhandling-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-file-l1-1-0.dll b/redline_2/x64/api-ms-win-core-file-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-file-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-file-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-file-l1-2-0.dll b/redline_2/x64/api-ms-win-core-file-l1-2-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-file-l1-2-0.dll
rename to redline_2/x64/api-ms-win-core-file-l1-2-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-file-l2-1-0.dll b/redline_2/x64/api-ms-win-core-file-l2-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-file-l2-1-0.dll
rename to redline_2/x64/api-ms-win-core-file-l2-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-handle-l1-1-0.dll b/redline_2/x64/api-ms-win-core-handle-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-handle-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-handle-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-heap-l1-1-0.dll b/redline_2/x64/api-ms-win-core-heap-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-heap-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-heap-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-interlocked-l1-1-0.dll b/redline_2/x64/api-ms-win-core-interlocked-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-interlocked-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-interlocked-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-libraryloader-l1-1-0.dll b/redline_2/x64/api-ms-win-core-libraryloader-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-libraryloader-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-libraryloader-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-localization-l1-2-0.dll b/redline_2/x64/api-ms-win-core-localization-l1-2-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-localization-l1-2-0.dll
rename to redline_2/x64/api-ms-win-core-localization-l1-2-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-memory-l1-1-0.dll b/redline_2/x64/api-ms-win-core-memory-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-memory-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-memory-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-namedpipe-l1-1-0.dll b/redline_2/x64/api-ms-win-core-namedpipe-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-namedpipe-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-namedpipe-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-processenvironment-l1-1-0.dll b/redline_2/x64/api-ms-win-core-processenvironment-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-processenvironment-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-processenvironment-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-processthreads-l1-1-0.dll b/redline_2/x64/api-ms-win-core-processthreads-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-processthreads-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-processthreads-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-processthreads-l1-1-1.dll b/redline_2/x64/api-ms-win-core-processthreads-l1-1-1.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-processthreads-l1-1-1.dll
rename to redline_2/x64/api-ms-win-core-processthreads-l1-1-1.dll
diff --git a/advance_Redline/x64/api-ms-win-core-profile-l1-1-0.dll b/redline_2/x64/api-ms-win-core-profile-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-profile-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-profile-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-rtlsupport-l1-1-0.dll b/redline_2/x64/api-ms-win-core-rtlsupport-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-rtlsupport-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-rtlsupport-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-string-l1-1-0.dll b/redline_2/x64/api-ms-win-core-string-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-string-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-string-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-synch-l1-1-0.dll b/redline_2/x64/api-ms-win-core-synch-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-synch-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-synch-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-synch-l1-2-0.dll b/redline_2/x64/api-ms-win-core-synch-l1-2-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-synch-l1-2-0.dll
rename to redline_2/x64/api-ms-win-core-synch-l1-2-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-sysinfo-l1-1-0.dll b/redline_2/x64/api-ms-win-core-sysinfo-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-sysinfo-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-sysinfo-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-timezone-l1-1-0.dll b/redline_2/x64/api-ms-win-core-timezone-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-timezone-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-timezone-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-core-util-l1-1-0.dll b/redline_2/x64/api-ms-win-core-util-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-core-util-l1-1-0.dll
rename to redline_2/x64/api-ms-win-core-util-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-conio-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-conio-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-conio-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-conio-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-convert-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-convert-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-convert-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-convert-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-environment-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-environment-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-environment-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-environment-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-filesystem-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-filesystem-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-filesystem-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-filesystem-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-heap-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-heap-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-heap-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-heap-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-locale-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-locale-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-locale-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-locale-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-math-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-math-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-math-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-math-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-multibyte-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-multibyte-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-multibyte-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-multibyte-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-private-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-private-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-private-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-private-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-process-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-process-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-process-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-process-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-runtime-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-runtime-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-runtime-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-runtime-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-stdio-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-stdio-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-stdio-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-stdio-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-string-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-string-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-string-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-string-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-time-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-time-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-time-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-time-l1-1-0.dll
diff --git a/advance_Redline/x64/api-ms-win-crt-utility-l1-1-0.dll b/redline_2/x64/api-ms-win-crt-utility-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x64/api-ms-win-crt-utility-l1-1-0.dll
rename to redline_2/x64/api-ms-win-crt-utility-l1-1-0.dll
diff --git a/advance_Redline/x64/audits.dll b/redline_2/x64/audits.dll
similarity index 100%
rename from advance_Redline/x64/audits.dll
rename to redline_2/x64/audits.dll
diff --git a/advance_Redline/x64/concrt140.dll b/redline_2/x64/concrt140.dll
similarity index 100%
rename from advance_Redline/x64/concrt140.dll
rename to redline_2/x64/concrt140.dll
diff --git a/advance_Redline/x64/libcrypto-1_1-x64.dll b/redline_2/x64/libcrypto-1_1-x64.dll
similarity index 100%
rename from advance_Redline/x64/libcrypto-1_1-x64.dll
rename to redline_2/x64/libcrypto-1_1-x64.dll
diff --git a/advance_Redline/x64/libssl-1_1-x64.dll b/redline_2/x64/libssl-1_1-x64.dll
similarity index 100%
rename from advance_Redline/x64/libssl-1_1-x64.dll
rename to redline_2/x64/libssl-1_1-x64.dll
diff --git a/advance_Redline/x64/libuv.dll b/redline_2/x64/libuv.dll
similarity index 100%
rename from advance_Redline/x64/libuv.dll
rename to redline_2/x64/libuv.dll
diff --git a/advance_Redline/x64/msvcp140.dll b/redline_2/x64/msvcp140.dll
similarity index 100%
rename from advance_Redline/x64/msvcp140.dll
rename to redline_2/x64/msvcp140.dll
diff --git a/advance_Redline/x64/mxCore.dll b/redline_2/x64/mxCore.dll
similarity index 100%
rename from advance_Redline/x64/mxCore.dll
rename to redline_2/x64/mxCore.dll
diff --git a/advance_Redline/x64/ucrtbase.dll b/redline_2/x64/ucrtbase.dll
similarity index 100%
rename from advance_Redline/x64/ucrtbase.dll
rename to redline_2/x64/ucrtbase.dll
diff --git a/advance_Redline/x64/vcruntime140.dll b/redline_2/x64/vcruntime140.dll
similarity index 100%
rename from advance_Redline/x64/vcruntime140.dll
rename to redline_2/x64/vcruntime140.dll
diff --git a/advance_Redline/x64/xagt.exe b/redline_2/x64/xagt.exe
similarity index 100%
rename from advance_Redline/x64/xagt.exe
rename to redline_2/x64/xagt.exe
diff --git a/advance_Redline/x64/zlib1.dll b/redline_2/x64/zlib1.dll
similarity index 100%
rename from advance_Redline/x64/zlib1.dll
rename to redline_2/x64/zlib1.dll
diff --git a/advance_Redline/x86/api-ms-win-core-console-l1-1-0.dll b/redline_2/x86/api-ms-win-core-console-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-console-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-console-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-datetime-l1-1-0.dll b/redline_2/x86/api-ms-win-core-datetime-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-datetime-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-datetime-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-debug-l1-1-0.dll b/redline_2/x86/api-ms-win-core-debug-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-debug-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-debug-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-errorhandling-l1-1-0.dll b/redline_2/x86/api-ms-win-core-errorhandling-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-errorhandling-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-errorhandling-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-file-l1-1-0.dll b/redline_2/x86/api-ms-win-core-file-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-file-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-file-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-file-l1-2-0.dll b/redline_2/x86/api-ms-win-core-file-l1-2-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-file-l1-2-0.dll
rename to redline_2/x86/api-ms-win-core-file-l1-2-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-file-l2-1-0.dll b/redline_2/x86/api-ms-win-core-file-l2-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-file-l2-1-0.dll
rename to redline_2/x86/api-ms-win-core-file-l2-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-handle-l1-1-0.dll b/redline_2/x86/api-ms-win-core-handle-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-handle-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-handle-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-heap-l1-1-0.dll b/redline_2/x86/api-ms-win-core-heap-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-heap-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-heap-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-interlocked-l1-1-0.dll b/redline_2/x86/api-ms-win-core-interlocked-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-interlocked-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-interlocked-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-libraryloader-l1-1-0.dll b/redline_2/x86/api-ms-win-core-libraryloader-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-libraryloader-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-libraryloader-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-localization-l1-2-0.dll b/redline_2/x86/api-ms-win-core-localization-l1-2-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-localization-l1-2-0.dll
rename to redline_2/x86/api-ms-win-core-localization-l1-2-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-memory-l1-1-0.dll b/redline_2/x86/api-ms-win-core-memory-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-memory-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-memory-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-namedpipe-l1-1-0.dll b/redline_2/x86/api-ms-win-core-namedpipe-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-namedpipe-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-namedpipe-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-processenvironment-l1-1-0.dll b/redline_2/x86/api-ms-win-core-processenvironment-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-processenvironment-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-processenvironment-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-processthreads-l1-1-0.dll b/redline_2/x86/api-ms-win-core-processthreads-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-processthreads-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-processthreads-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-processthreads-l1-1-1.dll b/redline_2/x86/api-ms-win-core-processthreads-l1-1-1.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-processthreads-l1-1-1.dll
rename to redline_2/x86/api-ms-win-core-processthreads-l1-1-1.dll
diff --git a/advance_Redline/x86/api-ms-win-core-profile-l1-1-0.dll b/redline_2/x86/api-ms-win-core-profile-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-profile-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-profile-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-rtlsupport-l1-1-0.dll b/redline_2/x86/api-ms-win-core-rtlsupport-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-rtlsupport-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-rtlsupport-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-string-l1-1-0.dll b/redline_2/x86/api-ms-win-core-string-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-string-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-string-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-synch-l1-1-0.dll b/redline_2/x86/api-ms-win-core-synch-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-synch-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-synch-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-synch-l1-2-0.dll b/redline_2/x86/api-ms-win-core-synch-l1-2-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-synch-l1-2-0.dll
rename to redline_2/x86/api-ms-win-core-synch-l1-2-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-sysinfo-l1-1-0.dll b/redline_2/x86/api-ms-win-core-sysinfo-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-sysinfo-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-sysinfo-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-timezone-l1-1-0.dll b/redline_2/x86/api-ms-win-core-timezone-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-timezone-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-timezone-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-core-util-l1-1-0.dll b/redline_2/x86/api-ms-win-core-util-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-core-util-l1-1-0.dll
rename to redline_2/x86/api-ms-win-core-util-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-conio-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-conio-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-conio-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-conio-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-convert-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-convert-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-convert-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-convert-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-environment-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-environment-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-environment-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-environment-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-filesystem-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-filesystem-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-filesystem-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-filesystem-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-heap-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-heap-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-heap-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-heap-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-locale-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-locale-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-locale-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-locale-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-math-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-math-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-math-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-math-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-multibyte-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-multibyte-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-multibyte-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-multibyte-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-private-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-private-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-private-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-private-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-process-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-process-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-process-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-process-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-runtime-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-runtime-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-runtime-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-runtime-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-stdio-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-stdio-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-stdio-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-stdio-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-string-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-string-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-string-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-string-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-time-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-time-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-time-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-time-l1-1-0.dll
diff --git a/advance_Redline/x86/api-ms-win-crt-utility-l1-1-0.dll b/redline_2/x86/api-ms-win-crt-utility-l1-1-0.dll
similarity index 100%
rename from advance_Redline/x86/api-ms-win-crt-utility-l1-1-0.dll
rename to redline_2/x86/api-ms-win-crt-utility-l1-1-0.dll
diff --git a/advance_Redline/x86/audits.dll b/redline_2/x86/audits.dll
similarity index 100%
rename from advance_Redline/x86/audits.dll
rename to redline_2/x86/audits.dll
diff --git a/advance_Redline/x86/concrt140.dll b/redline_2/x86/concrt140.dll
similarity index 100%
rename from advance_Redline/x86/concrt140.dll
rename to redline_2/x86/concrt140.dll
diff --git a/advance_Redline/x86/libcrypto-1_1.dll b/redline_2/x86/libcrypto-1_1.dll
similarity index 100%
rename from advance_Redline/x86/libcrypto-1_1.dll
rename to redline_2/x86/libcrypto-1_1.dll
diff --git a/advance_Redline/x86/libssl-1_1.dll b/redline_2/x86/libssl-1_1.dll
similarity index 100%
rename from advance_Redline/x86/libssl-1_1.dll
rename to redline_2/x86/libssl-1_1.dll
diff --git a/advance_Redline/x86/libuv.dll b/redline_2/x86/libuv.dll
similarity index 100%
rename from advance_Redline/x86/libuv.dll
rename to redline_2/x86/libuv.dll
diff --git a/advance_Redline/x86/msvcp140.dll b/redline_2/x86/msvcp140.dll
similarity index 100%
rename from advance_Redline/x86/msvcp140.dll
rename to redline_2/x86/msvcp140.dll
diff --git a/advance_Redline/x86/mxCore.dll b/redline_2/x86/mxCore.dll
similarity index 100%
rename from advance_Redline/x86/mxCore.dll
rename to redline_2/x86/mxCore.dll
diff --git a/advance_Redline/x86/ucrtbase.dll b/redline_2/x86/ucrtbase.dll
similarity index 100%
rename from advance_Redline/x86/ucrtbase.dll
rename to redline_2/x86/ucrtbase.dll
diff --git a/advance_Redline/x86/vcruntime140.dll b/redline_2/x86/vcruntime140.dll
similarity index 100%
rename from advance_Redline/x86/vcruntime140.dll
rename to redline_2/x86/vcruntime140.dll
diff --git a/advance_Redline/x86/xagt.exe b/redline_2/x86/xagt.exe
similarity index 100%
rename from advance_Redline/x86/xagt.exe
rename to redline_2/x86/xagt.exe
diff --git a/advance_Redline/x86/zlib1.dll b/redline_2/x86/zlib1.dll
similarity index 100%
rename from advance_Redline/x86/zlib1.dll
rename to redline_2/x86/zlib1.dll