Windows 10: suspicious action was blocked


  1. Posts : 23
    Microsoft Windows 10 Home, 64 bit
       22 Aug 2016 #1

    suspicious action was blocked


    My kaspersky total security 2016 just detected these(pls see attached file). There were about 82 of these yesterday August 21 but also I had that as many on August 6 and July 31 or maybe even before that. Under 'action' there are many types (perform code injection, duplicate internal process handle, read memory from other processes, and access memory of other processes). I also had this on August 21(pls see attached file) this one is under 'detected objects'. I do not know what it is that is only the second time kaspersky detected that.
    Attached Thumbnails Attached Thumbnails kaspersky.jpg   kaspersky 2.jpg   kaspersky 3.jpg  
      My ComputerSystem Spec


  2. Posts : 295
    Win 10 Home Build 1703 64bit
       23 Aug 2016 #2

    Kaspersky Lab Forum -> Kaspersky Internet Security Anti-Virus for Windows


    Since no replies here, you may want to post on the Kaspersky Forum.
      My ComputerSystem Spec


  3. Posts : 23
    Microsoft Windows 10 Home, 64 bit
    Thread Starter
       23 Aug 2016 #3

    In kaspersky forum they only allow 300kb of attachment file. I have 3 400kb of attachments ----- that is the reason why I did not continue posting on the kaspersky forum.
      My ComputerSystem Spec


  4. Posts : 11,966
    W10Prox64
       23 Aug 2016 #4

    Hi.
    I would scan the identified web address at virustotal.com and see how many detections it finds. That site may be compromised and attacking you through your Chrome browser.

    Put a link to this thread in your Kaspersky thread so people can come here and see your screenshots.

    That's about all I can suggest.
      My ComputerSystem Spec


  5. Posts : 295
    Win 10 Home Build 1703 64bit
       23 Aug 2016 #5

    chito said: View Post
    In kaspersky forum they only allow 300kb of attachment file. I have 3 400kb of attachments ----- that is the reason why I did not continue posting on the kaspersky forum.

    I have not used Kasperksy for about 2 years. But before they had a scan .exe file you could run on your system and then post it to the forum. Is this still available ?

    Or it seems one of the Kaspersky mods or members could give you some info just based on the message. Surely, others may have seen a similar issue.

    If not available and no info can be obtained from Virustotal (as suggested by simrick), suggest a System Restore and then another scan. Sometimes, if you are infected System Restore will not function. In that case, a Reset may be required (can still save your files).

    Interesting case, please keep us updated.
      My ComputerSystem Spec


  6. Posts : 14,578
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       24 Aug 2016 #6

    To check all the processes currently running with VirusTotal:

    D/L & run Sysinternals Process Explorer. This is a stand alone program, extract & click on the .exe to run it.

    Process Explorer

    When the program is running, go to Options/VirusTotal.com/Check VirusTotal.com & click. This will create another column, submit all the currently running processes to VirusTotal & show the results.

    Click image for larger version. 

Name:	Capture.PNG 
Views:	1 
Size:	14.3 KB 
ID:	97912

    Also, with this program you will be able to better examine the aspects of the processes in question.

    The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

    The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
      My ComputerSystem Spec


  7. Posts : 23
    Microsoft Windows 10 Home, 64 bit
    Thread Starter
       24 Aug 2016 #7

    object detected/blocked


    I am not much worried about the 'detected object(file) cannot be disinfected' because I already asked geeksquad.com about that problem and they said that is fine. Kaspersky is blocking the virus and not getting into my computer. I just want to know what it is because I have had that 'detected object(file) cannot be disinfected' only twice since I bought this computer ----- I think it was from the videos I watched in youtube. I watched those videos on youtube on aug 7 then I had this 'object detected then blocked' (pls see attached file) on aug 9. Also, kaspersky kept detecting those five objects under detected objects (see attached file). Geeksquad agents said my computer is fine. I just want to know why kaspersky is detecting them once or twice about once in a week since aug 9.
    Attached Thumbnails Attached Thumbnails download blocked.jpg   kaspersky 3.jpg  
      My ComputerSystem Spec


  8. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       24 Aug 2016 #8

    Hi:

    Geeksquad agents said my computer is fine.
    I'm not sure that would the definitive expert opinion about one's computer security. <just sayin'>

    I am a long-time KIS user and have never seen events like those in your screenshots. It's worrisome for some sort of infection.
    @simrick's suggestion about posting a link to this thread in your topic at KL forum is a good one.

    Another suggestion -- if folks here are stumped -- would be to open a help desk ticket with KL tech support. They will be able to collect logs, traces and other data to help get to the bottom of your issue.

    MM
      My ComputerSystem Spec


 

Related Threads
Solved suspicious Windows.old file in General Support
I have a custom built computer that has only had W10 on it. 2 weeks ago I couldn't get on the Internet and it took several techs to figure out why - it was some kind of malware that didn't show up in any scans, put "Killer" in the systray and...
Solved Suspicious Activity - Yahoo Mail in Browsers and Email
Received notice from Yahoo that one of my accts was noted to have suspicious activity. Per contact with Yahoo, this can be caused by sending multiple emails or the acct may have been hacked and someone is using the address to send emails. ...
Suspicious Tray icon! in General Support
Hello friends, I am new here. I need help regarding the tray icon on my PC. I am using windows 10. I have noticed the tray icon as shown in the image below. It looks like a lock. I cant do anything about it. I tried right click, middle and...
Solved Suspicious AppData Profile in General Support
I am wondering what this Chinese profile is, it looks suspicious to me. 23579
Solved Suspicious update in Windows Updates and Activation
Anyone have any knowledge on this update? KB3016656? I see this in the "Installed Updates" but not in Windows update history. Googling comes up with several inaccessible links to a Chinese facebook page. I wonder if others have it, and...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 17:49.
Find Us