Windows 10: suspicious action was blocked
suspicious action was blocked
My kaspersky total security 2016 just detected these(pls see attached file). There were about 82 of these yesterday August 21 but also I had that as many on August 6 and July 31 or maybe even before that. Under 'action' there are many types (perform code injection, duplicate internal process handle, read memory from other processes, and access memory of other processes). I also had this on August 21(pls see attached file) this one is under 'detected objects'. I do not know what it is that is only the second time kaspersky detected that.
In kaspersky forum they only allow 300kb of attachment file. I have 3 400kb of attachments ----- that is the reason why I did not continue posting on the kaspersky forum.
I would scan the identified web address at virustotal.com and see how many detections it finds. That site may be compromised and attacking you through your Chrome browser.
Put a link to this thread in your Kaspersky thread so people can come here and see your screenshots.
That's about all I can suggest.
I have not used Kasperksy for about 2 years. But before they had a scan .exe file you could run on your system and then post it to the forum. Is this still available ?
Or it seems one of the Kaspersky mods or members could give you some info just based on the message. Surely, others may have seen a similar issue.
If not available and no info can be obtained from Virustotal (as suggested by simrick), suggest a System Restore and then another scan. Sometimes, if you are infected System Restore will not function. In that case, a Reset may be required (can still save your files).
Interesting case, please keep us updated.
ADHD Senior Member
To check all the processes currently running with VirusTotal:
D/L & run Sysinternals Process Explorer. This is a stand alone program, extract & click on the .exe to run it.
When the program is running, go to Options/VirusTotal.com/Check VirusTotal.com & click. This will create another column, submit all the currently running processes to VirusTotal & show the results.
Also, with this program you will be able to better examine the aspects of the processes in question.
The Process Explorer
display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer
is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer
is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer
also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.
The unique capabilities of Process Explorer
make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
I am not much worried about the 'detected object(file) cannot be disinfected' because I already asked geeksquad.com about that problem and they said that is fine. Kaspersky is blocking the virus and not getting into my computer. I just want to know what it is because I have had that 'detected object(file) cannot be disinfected' only twice since I bought this computer ----- I think it was from the videos I watched in youtube. I watched those videos on youtube on aug 7 then I had this 'object detected then blocked' (pls see attached file) on aug 9. Also, kaspersky kept detecting those five objects under detected objects (see attached file). Geeksquad agents said my computer is fine. I just want to know why kaspersky is detecting them once or twice about once in a week since aug 9.
I'm not sure that would the definitive expert opinion about one's computer security. <just sayin'>
Geeksquad agents said my computer is fine.
I am a long-time KIS user and have never seen events like those in your screenshots. It's worrisome for some sort of infection.
@simrick's suggestion about posting a link to this thread in your topic at KL forum is a good one.
Another suggestion -- if folks here are stumped -- would be to open a help desk ticket with KL tech support. They will be able to collect logs, traces and other data to help get to the bottom of your issue.
I have a custom built computer that has only had W10 on it. 2 weeks ago I couldn't get on the Internet and it took several techs to figure out why - it was some kind of malware that didn't show up in any scans, put "Killer" in the systray and...
Received notice from Yahoo that one of my accts was noted to have suspicious activity.
Per contact with Yahoo, this can be caused by sending multiple emails or the acct may have been hacked and someone is using the address to send emails.
I am new here.
I need help regarding the tray icon on my PC.
I am using windows 10. I have noticed the tray icon as shown in the image below. It looks like a lock. I cant do anything about it. I tried right click, middle and...
I am wondering what this Chinese profile is, it looks suspicious to me.
Anyone have any knowledge on this update?
I see this in the "Installed Updates" but not in Windows update history.
Googling comes up with several inaccessible links to a Chinese facebook page.
I wonder if others have it, and...