Module: LogiBolt.exe, 64-bit
Full path: C:\Program Files\Logi\LogiBolt\LogiBolt.exe
PID: 18004
Parent PID: 11936 (Explorer.EXE)
Priority: 8
Threads: 138
Owner: AGRYNCO-NB\agrynco (S-1-5-21-4255264900-3681165211-3101920415-1001)
Session: 1
Started at: 04.12.2023 20:38:35
Uptime: 09:42:39.6280528

Command Line:
"C:\Program Files\Logi\LogiBolt\LogiBolt.exe" --startup

Current Directory:
C:\Windows\system32\

Environment:
=::=::\
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\agrynco\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=AGRYNCO-NB
ComSpec=C:\Windows\system32\cmd.exe
DriverData=C:\Windows\System32\Drivers\DriverData
EFC_11936=1
FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer
FPS_BROWSER_USER_PROFILE_STRING=Default
HOMEDRIVE=C:
HOMEPATH=\Users\agrynco
IGCCSVC_DB=AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAOJ66MrrVw0+QBhqk5hoEKwQAAAACAAAAAAAQZgAAAAEAACAAAADnIlH5GScq5R1YwQo2Cdo8Ywd0ZnJUWgTOe7r4V5F63wAAAAAOgAAAAAIAACAAAAAlDR5jYnr48atTqrib8QkVE8gaMuCWSNJWtk+jRzAnqmAAAAALixtyTpkBnS9kEaVJMR5ea2pX1V5u/MVPU0mJfqqQjVqIIvyG3dc/oZ+f7BajWsnfH7FhM0r+7l9Y5zMMoZkm2KAtRIvw/7Ty5HukYLvfOe223gFueFWm34eioL7L3xRAAAAAJzbevzwd+31hEaN3Oa+gjRBOMxyfyX5U0mEeaqvaPv/Ds59UhBmINpbz6//2aDTGdkpe40Lp2WLhU71srp61hw==
JetBrains Rider=C:\Program Files\JetBrains\JetBrains Rider 2023.2.3\bin;
LOCALAPPDATA=C:\Users\agrynco\AppData\Local
LOGONSERVER=\\AGRYNCO-NB
NUMBER_OF_PROCESSORS=20
NVM_HOME=C:\Users\agrynco\AppData\Roaming\nvm
NVM_SYMLINK=C:\Program Files\nodejs
OneDrive=C:\Users\agrynco\OneDrive
OneDriveConsumer=C:\Users\agrynco\OneDrive
OS=Windows_NT
Path=C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\dotnet\;C:\Program Files\LINQPad7;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Users\agrynco\AppData\Roaming\nvm;C:\Program Files\nodejs;C:\Program Files\WireGuard\;C:\Program Files (x86)\Microsoft SQL Server\160\DTS\Binn\;C:\Program Files\TortoiseGit\bin;C:\Program Files\Docker\Docker\resources\bin;C:\Program Files\PowerShell\7\;C:\Users\agrynco\AppData\Local\Microsoft\WindowsApps;C:\Users\agrynco\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\agrynco\.dotnet\tools;C:\Program Files\JetBrains\JetBrains Rider 2023.2.3\bin;;C:\Users\agrynco\AppData\Roaming\nvm;C:\Program Files\nodejs;C:\Program Files\Azure Data Studio\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
POWERSHELL_DISTRIBUTION_CHANNEL=MSI:Windows 10 Pro
PROCESSOR_ARCHITECTURE=AMD64
PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 154 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=9a03
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules
PUBLIC=C:\Users\Public
SESSIONNAME=Console
SONAR_TOKEN=sqp_4ba776407397ab3d628d0eea2a02bc040832cad0
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\agrynco\AppData\Local\Temp
TMP=C:\Users\agrynco\AppData\Local\Temp
USERDOMAIN=AGRYNCO-NB
USERDOMAIN_ROAMINGPROFILE=AGRYNCO-NB
USERNAME=agrynco
USERPROFILE=C:\Users\agrynco
windir=C:\Windows
ZES_ENABLE_SYSMAN=1

GDI Objects: 13
USER Objects: 43

Processor Time: 00:00:01.1093750 0%
Privileged Time: 00:00:00.7187500 0%
User Time: 00:00:00.3906250 0%
Handle Count: 820
Page File Bytes: 25387008
Page File Bytes Peak: 55037952
Working Set: 56647680
Working Set Peak: 69484544
Pool Nonpaged Bytes: 50456
Pool Paged Bytes: 555656
Private Bytes: 25387008
Page Faults: 25883 0/sec
Virtual Bytes: 4784615424
Virtual Bytes Peak: 5044215808
IO Data Bytes: 263443 0/sec
IO Read Bytes: 248186 0/sec
IO Write Bytes: 15257 0/sec
IO Other Bytes: 1018248 0/sec
IO Data Operations: 3279 0/sec
IO Read Operations: 3218 0/sec
IO Write Operations: 61 0/sec
IO Other Operations: 21037 0/sec

Window title: 楷摮睯慟㙦㌶戴ⴴ㐹㕤㐭ㄲⵡ㘹捥㈭昶㙤慤戶㘸f
HWND: 0x406de
Window style: 84000000 WS_POPUP WS_CLIPSIBLINGS
Extended style: 00080088 WS_EX_TOPMOST WS_EX_TOOLWINDOW WS_EX_LAYERED

Modules:
Base Size Path (version info is not displayed)
00007FF757040000 1575000 C:\Program Files\Logi\LogiBolt\LogiBolt.exe
00007FF87BE10000 217000 C:\Windows\SYSTEM32\ntdll.dll
00007FF87AD80000 C4000 C:\Windows\System32\KERNEL32.DLL
00007FF879480000 3A5000 C:\Windows\System32\KERNELBASE.dll
00007FF879B60000 71000 C:\Windows\System32\WS2_32.dll
00007FF87AF00000 117000 C:\Windows\System32\RPCRT4.dll
00007FF879310000 166000 C:\Windows\System32\CRYPT32.dll
00007FF879950000 111000 C:\Windows\System32\ucrtbase.dll
00007FF87A980000 B1000 C:\Windows\System32\ADVAPI32.dll
00007FF87ACA0000 A7000 C:\Windows\System32\msvcrt.dll
00007FF87ABD0000 A6000 C:\Windows\System32\sechost.dll
00007FF87BA00000 1AE000 C:\Windows\System32\USER32.dll
00007FF878AE0000 2D000 C:\Windows\SYSTEM32\ncrypt.dll
00007FF879240000 26000 C:\Windows\System32\win32u.dll
00007FF87AD50000 29000 C:\Windows\System32\GDI32.dll
00007FF879830000 119000 C:\Windows\System32\gdi32full.dll
00007FF879270000 9A000 C:\Windows\System32\msvcp_win.dll
00007FF87B070000 474000 C:\Windows\System32\SETUPAPI.dll
00007FF879AF0000 6C000 C:\Windows\System32\WINTRUST.dll
00007FF801AA0000 5C6000 C:\Program Files\Logi\LogiBolt\Qt5Core.dll
00007FF876660000 233000 C:\Windows\SYSTEM32\dbghelp.dll
00007FF879BE0000 859000 C:\Windows\System32\SHELL32.dll
00007FF87A5E0000 389000 C:\Windows\System32\combase.dll
00007FF8013E0000 6BB000 C:\Program Files\Logi\LogiBolt\Qt5Gui.dll
00007FF87A440000 1A0000 C:\Windows\System32\ole32.dll
00007FF87B500000 D7000 C:\Windows\System32\OLEAUT32.dll
00007FF86CBB0000 A000 C:\Windows\SYSTEM32\VERSION.dll
00007FF872820000 137000 C:\Windows\SYSTEM32\WINHTTP.dll
00007FF877C30000 2D000 C:\Windows\SYSTEM32\IPHLPAPI.DLL
00007FF8786A0000 69000 C:\Windows\SYSTEM32\MSWSOCK.dll
00007FF804D50000 91000 C:\Program Files\Logi\LogiBolt\MSVCP140.dll
00007FF864340000 293000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22621.2506_none_270c5ae97388e100\COMCTL32.dll
00007FF800E90000 541000 C:\Program Files\Logi\LogiBolt\Qt5Widgets.dll
00007FF8707C0000 4D000 C:\Program Files\Logi\LogiBolt\CONCRT140.dll
00007FF85D4D0000 19000 C:\Program Files\Logi\LogiBolt\VCRUNTIME140.dll
00007FF85D4C0000 C000 C:\Program Files\Logi\LogiBolt\VCRUNTIME140_1.dll
00007FF878740000 2C000 C:\Windows\SYSTEM32\USERENV.dll
00007FF86D1B0000 1E000 C:\Windows\SYSTEM32\MPR.dll
00007FF870780000 34000 C:\Windows\SYSTEM32\WINMM.dll
00007FF85B0D0000 19000 C:\Windows\SYSTEM32\NETAPI32.dll
00007FF85D480000 9000 C:\Program Files\Logi\LogiBolt\MSVCP140_1.dll
00007FF8763B0000 F8000 C:\Windows\SYSTEM32\dxgi.dll
00007FF875480000 257000 C:\Windows\SYSTEM32\d3d11.dll
00007FF876210000 AB000 C:\Windows\SYSTEM32\UxTheme.dll
00007FF8764C0000 2B000 C:\Windows\SYSTEM32\dwmapi.dll
00007FF877C20000 C000 C:\Windows\SYSTEM32\NETUTILS.DLL
00007FF878B10000 28000 C:\Windows\SYSTEM32\BCRYPT.DLL
00007FF86D0F0000 28000 C:\Windows\SYSTEM32\SRVCLI.DLL
00007FF8789D0000 C000 C:\Windows\SYSTEM32\CRYPTBASE.DLL
00007FF87BBB0000 31000 C:\Windows\System32\IMM32.DLL
00007FF878AA0000 37000 C:\Windows\SYSTEM32\NTASN1.dll
00007FF878E20000 12000 C:\Windows\SYSTEM32\MSASN1.dll
00007FF856620000 17000 C:\Windows\system32\napinsp.dll
00007FF856600000 1B000 C:\Windows\system32\pnrpnsp.dll
00007FF877CA0000 F9000 C:\Windows\SYSTEM32\DNSAPI.dll
00007FF87B660000 9000 C:\Windows\System32\NSI.dll
00007FF856380000 11000 C:\Windows\System32\winrnr.dll
00007FF870B00000 15000 C:\Windows\system32\wshbth.dll
00007FF856350000 21000 C:\Windows\system32\nlansp_c.dll
00007FF878490000 42000 C:\Windows\SYSTEM32\SspiCli.dll
00007FF87AAD0000 F3000 C:\Windows\System32\shcore.dll
00007FF8789F0000 1B000 C:\Windows\SYSTEM32\CRYPTSP.dll
00007FF8781B0000 35000 C:\Windows\system32\rsaenh.dll
00007FF879A70000 7A000 C:\Windows\System32\bcryptPrimitives.dll
00007FF877060000 8F4000 C:\Windows\SYSTEM32\windows.storage.dll
00007FF876F20000 13E000 C:\Windows\SYSTEM32\wintypes.dll
00007FF87B8A0000 5E000 C:\Windows\System32\shlwapi.dll
00007FF878190000 18000 C:\Windows\SYSTEM32\kernel.appcore.dll
00007FF87BC80000 14F000 C:\Windows\System32\MSCTF.dll
00007FF878E90000 A000 C:\Windows\SYSTEM32\DPAPI.dll
00007FF866BE0000 6A000 C:\Windows\system32\ncryptprov.dll
00007FF8790B0000 26000 C:\Windows\SYSTEM32\profapi.dll
00007FF800D20000 16D000 C:\Program Files\Logi\LogiBolt\platforms\qwindows.dll
00007FF877FE0000 14000 C:\Windows\SYSTEM32\WTSAPI32.dll
00007FF877F90000 4D000 C:\Windows\SYSTEM32\powrprof.dll
00007FF877F70000 13000 C:\Windows\SYSTEM32\UMPDC.dll
00007FF843540000 26000 C:\Program Files\Logi\LogiBolt\styles\qwindowsvistastyle.dll
00007FF871F40000 19000 C:\Windows\SYSTEM32\dhcpcsvc6.DLL
00007FF871F20000 1F000 C:\Windows\SYSTEM32\dhcpcsvc.DLL
00007FF8764F0000 D000 C:\Windows\SYSTEM32\WINNSI.DLL
00007FF878000000 C000 C:\Windows\SYSTEM32\secur32.dll
00007FF8718A0000 A000 C:\Windows\System32\rasadhlp.dll
00007FF875200000 273000 C:\Windows\system32\dwrite.dll
00007FF847CD0000 D000 C:\Program Files\Logi\LogiBolt\imageformats\qgif.dll
00007FF847CC0000 F000 C:\Program Files\Logi\LogiBolt\imageformats\qicns.dll
00007FF843530000 D000 C:\Program Files\Logi\LogiBolt\imageformats\qico.dll
00007FF800CB0000 6B000 C:\Program Files\Logi\LogiBolt\imageformats\qjpeg.dll
00007FF843520000 C000 C:\Program Files\Logi\LogiBolt\imageformats\qsvg.dll
00007FF800C50000 54000 C:\Program Files\Logi\LogiBolt\Qt5Svg.dll
00007FF843510000 C000 C:\Program Files\Logi\LogiBolt\imageformats\qtga.dll
00007FF800BE0000 63000 C:\Program Files\Logi\LogiBolt\imageformats\qtiff.dll
00007FF843500000 B000 C:\Program Files\Logi\LogiBolt\imageformats\qwbmp.dll
00007FF800B50000 83000 C:\Program Files\Logi\LogiBolt\imageformats\qwebp.dll
00007FF870B70000 83000 C:\Windows\System32\fwpuclnt.dll
00007FF878080000 AD000 C:\Windows\system32\schannel.DLL
00007FF8563A0000 27000 C:\Windows\system32\ncryptsslp.dll
00007FF878EA0000 4E000 C:\Windows\SYSTEM32\cfgmgr32.dll
00007FF878E40000 2C000 C:\Windows\SYSTEM32\DEVOBJ.dll
00007FF844930000 1A9000 C:\Windows\system32\d3d9.dll
00007FF876530000 36000 C:\Windows\SYSTEM32\dxcore.dll
00007FF8736C0000 4A000 C:\Windows\SYSTEM32\directxdatabasehelper.dll
00007FF86D420000 14A000 C:\Windows\SYSTEM32\textinputframework.dll
00007FF875E60000 133000 C:\Windows\SYSTEM32\CoreMessaging.dll
00007FF86F5C0000 36C000 C:\Windows\SYSTEM32\CoreUIComponents.dll
00007FF864220000 69000 C:\Windows\system32\Oleacc.dll
00007FF844AE0000 445000 C:\Windows\system32\UIAutomationCore.dll
00007FF87AE50000 B0000 C:\Windows\System32\clbcatq.dll
00007FF878FF0000 A3000 C:\Windows\SYSTEM32\sxs.dll
00007FF877960000 E000 C:\Windows\SYSTEM32\hid.dll
00007FF8738A0000 37000 C:\Windows\SYSTEM32\BluetoothApis.dll
00007FF83F9D0000 44000 C:\Windows\SYSTEM32\bthprops.cpl
00007FF874260000 101000 C:\Windows\SYSTEM32\PROPSYS.dll
00007FF876140000 97000 C:\Windows\SYSTEM32\apphelp.dll
00007FF8579A0000 28000 C:\Windows\SYSTEM32\edputil.dll
00007FF859480000 1F0000 C:\Windows\SYSTEM32\urlmon.dll
00007FF863E40000 2BC000 C:\Windows\SYSTEM32\iertutil.dll
00007FF86D0B0000 15000 C:\Windows\SYSTEM32\virtdisk.dll
00007FF878920000 4B000 C:\Windows\SYSTEM32\Wldp.dll