Suspicious activity has been blocked: Read memory of other process.
But they are Windows process: WMI Host and Gaming Services.
Best answer by Flood and Flood's wife
- Was a "Protected" browser, & or SafeMoney browser active at the time the events were logged?
Kaspersky application logs "Suspicious action was blocked" events, for normal system processes when SafeMoney/Protected browser is active.
According to the Kaspersky Lab Technical Experts, this "known" issue, is not an issue, it is "by design"...
(imo), this specific event should be documented, many folks have been concerned upon finding it in the Kaspersky application reports (see my attached report)
15.09.2019 11.21.36 Suspicious action was blocked WMI Provider Host Action: Read memory from other processes Application: WMI Provider Host Application path: C:\Windows\System32\wbem\WmiPrvSE.exe Time: 15/09/2019 11:21 AM
- To check/test, clear Kaspersky application reports, open a Protected/SafeMoney browser, recheck reports.