Created
January 9, 2025 09:32
-
-
Save Ansen/bb1a87e6fee80d11472eb79a565b6155 to your computer and use it in GitHub Desktop.
Huorong Security Log about BingWallpaperApp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 【1】2025-01-09 17:17:10,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Default\History | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【2】2025-01-09 17:16:57,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【3】2025-01-09 17:16:57,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【4】2025-01-09 17:16:57,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-谷歌浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\History | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【5】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【6】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【7】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-谷歌浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【8】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【9】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-谷歌浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【10】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-谷歌浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【11】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-谷歌浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【12】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【13】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-谷歌浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【14】2025-01-09 17:16:55,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-火狐浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\gpyupl6h.default\places.sqlite | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【15】2025-01-09 17:16:53,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【16】2025-01-09 17:16:48,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-谷歌浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:2784 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:24824 | |
| 父进程:C:\Windows\SysWOW64\rundll32.exe | |
| 父进程命令行:rundll32.exe "C:\Windows\Installer\MSI78AF.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_92306375 19 CustomActions!CustomActions.CustomActions.StartApp | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【17】2025-01-09 17:15:22,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-谷歌浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:13616 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:8556 | |
| 父进程:C:\Windows\explorer.exe | |
| 父进程命令行:C:\Windows\Explorer.EXE | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【18】2025-01-09 17:15:22,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:13616 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:8556 | |
| 父进程:C:\Windows\explorer.exe | |
| 父进程命令行:C:\Windows\Explorer.EXE | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| 【19】2025-01-09 17:15:22,系统防护,自定义防护,BingWallpaperApp.exe触犯自定义防护规则, 已阻止 | |
| 触犯规则:隐私-edge浏览器[防被读取] | |
| 操作类型:【读取】 | |
| 操作文件:C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Local State | |
| 操作结果:已阻止 | |
| 进程ID:13616 | |
| 操作进程:C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe | |
| 操作进程命令行:"C:\Users\xxxx\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe" | |
| 父进程ID:8556 | |
| 父进程:C:\Windows\explorer.exe | |
| 父进程命令行:C:\Windows\Explorer.EXE | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment