1.    22 Aug 2016 #1
    Join Date : Aug 2016
    Canada
    Posts : 23
    Microsoft Windows 10 Home, 64 bit

    suspicious action was blocked


    My kaspersky total security 2016 just detected these(pls see attached file). There were about 82 of these yesterday August 21 but also I had that as many on August 6 and July 31 or maybe even before that. Under 'action' there are many types (perform code injection, duplicate internal process handle, read memory from other processes, and access memory of other processes). I also had this on August 21(pls see attached file) this one is under 'detected objects'. I do not know what it is that is only the second time kaspersky detected that.
    Attached Thumbnails Attached Thumbnails kaspersky.jpg   kaspersky 2.jpg   kaspersky 3.jpg  
      My ComputerSystem Spec
  2.    23 Aug 2016 #2
    Join Date : Oct 2014
    Posts : 338
    Win 10 Home Build 1703 64bit

    Kaspersky Lab Forum -> Kaspersky Internet Security Anti-Virus for Windows


    Since no replies here, you may want to post on the Kaspersky Forum.
      My ComputerSystem Spec
  3.    23 Aug 2016 #3
    Join Date : Aug 2016
    Canada
    Posts : 23
    Microsoft Windows 10 Home, 64 bit
    Thread Starter

    In kaspersky forum they only allow 300kb of attachment file. I have 3 400kb of attachments ----- that is the reason why I did not continue posting on the kaspersky forum.
      My ComputerSystem Spec
  4.    23 Aug 2016 #4
    Join Date : Apr 2015
    Posts : 12,582
    W10Prox64

    Hi.
    I would scan the identified web address at virustotal.com and see how many detections it finds. That site may be compromised and attacking you through your Chrome browser.

    Put a link to this thread in your Kaspersky thread so people can come here and see your screenshots.

    That's about all I can suggest.
      My ComputerSystem Spec
  5.    23 Aug 2016 #5
    Join Date : Oct 2014
    Posts : 338
    Win 10 Home Build 1703 64bit

    Quote Originally Posted by chito View Post
    In kaspersky forum they only allow 300kb of attachment file. I have 3 400kb of attachments ----- that is the reason why I did not continue posting on the kaspersky forum.

    I have not used Kasperksy for about 2 years. But before they had a scan .exe file you could run on your system and then post it to the forum. Is this still available ?

    Or it seems one of the Kaspersky mods or members could give you some info just based on the message. Surely, others may have seen a similar issue.

    If not available and no info can be obtained from Virustotal (as suggested by simrick), suggest a System Restore and then another scan. Sometimes, if you are infected System Restore will not function. In that case, a Reset may be required (can still save your files).

    Interesting case, please keep us updated.
      My ComputerSystem Spec
  6.    24 Aug 2016 #6
    Join Date : Oct 2014
    In a house with a crazy cat trying to kill me
    Posts : 16,132
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition

    To check all the processes currently running with VirusTotal:

    D/L & run Sysinternals Process Explorer. This is a stand alone program, extract & click on the .exe to run it.

    Process Explorer

    When the program is running, go to Options/VirusTotal.com/Check VirusTotal.com & click. This will create another column, submit all the currently running processes to VirusTotal & show the results.

    Click image for larger version. 

Name:	Capture.PNG 
Views:	1 
Size:	14.3 KB 
ID:	97912

    Also, with this program you will be able to better examine the aspects of the processes in question.

    The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

    The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
      My ComputerSystem Spec
  7.    24 Aug 2016 #7
    Join Date : Aug 2016
    Canada
    Posts : 23
    Microsoft Windows 10 Home, 64 bit
    Thread Starter

    object detected/blocked


    I am not much worried about the 'detected object(file) cannot be disinfected' because I already asked geeksquad.com about that problem and they said that is fine. Kaspersky is blocking the virus and not getting into my computer. I just want to know what it is because I have had that 'detected object(file) cannot be disinfected' only twice since I bought this computer ----- I think it was from the videos I watched in youtube. I watched those videos on youtube on aug 7 then I had this 'object detected then blocked' (pls see attached file) on aug 9. Also, kaspersky kept detecting those five objects under detected objects (see attached file). Geeksquad agents said my computer is fine. I just want to know why kaspersky is detecting them once or twice about once in a week since aug 9.
    Attached Thumbnails Attached Thumbnails download blocked.jpg   kaspersky 3.jpg  
      My ComputerSystem Spec
  8.    24 Aug 2016 #8
    Join Date : Aug 2015
    Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)

    Hi:

    Geeksquad agents said my computer is fine.
    I'm not sure that would the definitive expert opinion about one's computer security. <just sayin'>

    I am a long-time KIS user and have never seen events like those in your screenshots. It's worrisome for some sort of infection.
    @simrick's suggestion about posting a link to this thread in your topic at KL forum is a good one.

    Another suggestion -- if folks here are stumped -- would be to open a help desk ticket with KL tech support. They will be able to collect logs, traces and other data to help get to the bottom of your issue.

    MM
      My ComputerSystem Spec

 


Similar Threads
Thread Forum
Solved suspicious Windows.old file
I have a custom built computer that has only had W10 on it. 2 weeks ago I couldn't get on the Internet and it took several techs to figure out why - it was some kind of malware that didn't show up in any scans, put "Killer" in the systray and...
General Support
Solved Suspicious Activity - Yahoo Mail
Received notice from Yahoo that one of my accts was noted to have suspicious activity. Per contact with Yahoo, this can be caused by sending multiple emails or the acct may have been hacked and someone is using the address to send emails. ...
Browsers and Email
Suspicious Tray icon!
Hello friends, I am new here. I need help regarding the tray icon on my PC. I am using windows 10. I have noticed the tray icon as shown in the image below. It looks like a lock. I cant do anything about it. I tried right click, middle and...
General Support
Solved Suspicious AppData Profile
I am wondering what this Chinese profile is, it looks suspicious to me. 23579
General Support
Solved Suspicious update
Anyone have any knowledge on this update? KB3016656? I see this in the "Installed Updates" but not in Windows update history. Googling comes up with several inaccessible links to a Chinese facebook page. I wonder if others have it, and...
Windows Updates and Activation
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 15:31.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums