Advice Request Is Kaspersky Causing System Crash

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Your connection home network should set as Trusted in KIS/KTS and not public... apart from that, as I said I have OS Armor (default settings) + KTS2019a and no issues... execpt some from OSA using services.msc and other that I added exclusions...
 

yitworths

Level 10
Thread author
Verified
Well-known
May 31, 2015
472
Your connection home network should set as Trusted in KIS/KTS and not public... apart from that, as I said I have OS Armor (default settings) + KTS2019a and no issues... execpt some from OSA using services.msc and other that I added exclusions...

I've been using home network set as public from the KIS 2014 ver. Never happens any prob, I'm still using it as public. Crash only happens when I set KIS to notify on conn to net,new mac addr & change in mapping bet mac and IP. KIS used to work well with these notification enabled, but now it's causing some problems.

BTW, which one do you think better, security wise - Trusted or public?
 
  • Like
Reactions: harlan4096
F

ForgottenSeer 58943

Networks in firewalls should always be set to 'Public' except under a few conditions. Public setting initiates a more paranoid stance from firewalls compared to trusted/private.

This doesn't apply in enterprise environments where such a setting can cause applications, DC, Radius and other failures. But in 99% of home environments, public setting would be without issue.
 

yitworths

Level 10
Thread author
Verified
Well-known
May 31, 2015
472
Public setting initiates a more paranoid stance from firewalls compared to trusted/private

You bet. My intranet is full of hackers. I've asked my ISP to take some actions against them & even I've provided them those IP. but, my ISP refused to take any action as they are also paying d same amount as of mine.
MAC spoofing is old school but still some of them are trying that on me. So,you may get how desperate they are to access my connection.
 
  • Like
Reactions: harlan4096
F

ForgottenSeer 58943

You bet. My intranet is full of hackers. I've asked my ISP to take some actions against them & even I've provided them those IP. but, my ISP refused to take any action as they are also paying d same amount as of mine.
MAC spoofing is old school but still some of them are trying that on me. So,you may get how desperate they are to access my connection.

Do you have a shared connection or something? If so, then yes, you are at great risk. Not only MAC spoofing but ARP spoofing, Pineapples, Evil Twins and other crap. If you can't gain control of the physical device then you are pretty much reliant on your software protection obviously. Depending on your setup, you may want to try a Fingbox on your network to give you some granular control and RogueAP/Spoofing protection. Ultimately though, if it's all out of your control then I would go with a full-time VPN for most every device you can put a VPN on and take a paranoid stance on your software firewall and WiFi settings.

Just some tips.
 

yitworths

Level 10
Thread author
Verified
Well-known
May 31, 2015
472
Do you have a shared connection or something? If so, then yes, you are at great risk. Not only MAC spoofing but ARP spoofing, Pineapples, Evil Twins and other crap. If you can't gain control of the physical device then you are pretty much reliant on your software protection obviously. Depending on your setup, you may want to try a Fingbox on your network to give you some granular control and RogueAP/Spoofing protection. Ultimately though, if it's all out of your control then I would go with a full-time VPN for most every device you can put a VPN on and take a paranoid stance on your software firewall and WiFi settings.

Just some tips.

I've noticed lots of ARP cache poisoning for sure. Yea, VPN has some upper-hand against evil twin & some other MITM attack. I do pentest every now & then, it's not that easy for them to social engineer me. Our login page is currently showing ads as my ISP is greedy bastard & the login page is unencrypted, I've some serious concerns about it.

Anyway thanks for your suggestions.
 
F

ForgottenSeer 58943

I've noticed lots of ARP cache poisoning for sure. Yea, VPN has some upper-hand against evil twin & some other MITM attack. I do pentest every now & then, it's not that easy for them to social engineer me. Our login page is currently showing ads as my ISP is greedy bastard & the login page is unencrypted, I've some serious concerns about it.

Anyway thanks for your suggestions.

Sounds like a strange setup. Watch for those captive portals (login page as you said), often they can be used to install a locally generated RCA which can be super bad news. Your ISP may be doing a Paxfire like redirect on NXDs and other things too if they are really sleazy. If you are in the USA you'll have additional things to contend with like ATT's Groundbreaker and local Quantum IS servers to manipulate packets. It's all pretty much crap right now.

We've been working on a highly encrypted mesh network system to bypass groundbreaker and other things. A few firms are also working on various things relating to this. I think the general thought is, we're losing the internet and need something better with security as the primary focus. goTenna type of stuff but less off the shelf, even though MURS based encrypted goTenna is exciting for consumers.

Anyway back on topic.. Kaspersky firewall should serve you well.
 
Last edited by a moderator:

yitworths

Level 10
Thread author
Verified
Well-known
May 31, 2015
472
If you are in the USA

Nope,I ain't from USA.

Your ISP may be doing a Paxfire like redirect on NXDs

Whether that is true or not regarding my ISP, I can't ensure.

ATT's Groundbreaker and local Quantum IS servers to manipulate packets.

If packets manipulation will be a daily drama for me, I will leave internet for ever. Man, that's some scary shits. Sorry for the wording, but I'm really scared about that kinda environment. & there are many story about how to mitigate TCP state manipulation, but neither of those can satisfy my hacking mind. Encryption provides protection for sure, but if somehow they got a way to leverage the tunnel,then encryption is just on paper. Man, I don't know that 'land of free' imposes this kinda hurdles.

we're losing the internet and need something better with security as the primary focus

Future of internet is becoming gloomy day by day. First they say we don't need privacy all we need is security, now security is going away.

btw,as far as I know mesh networking is for wireless lan. isn't it? If yes, is there anything equivalent for ethernet?
 
  • Like
Reactions: Weebarra

yitworths

Level 10
Thread author
Verified
Well-known
May 31, 2015
472
it crashed again,but it was minor not a bsod & that also during update. but after reboot something happens, it enables some notifications on its own which I've disabled. those notifications are 2018-06-10_13-45-52.png. It seems kaspersky ain't liking it. Since then no crash occurs.
 
  • Like
Reactions: harlan4096

MeltdownEnemy

Level 7
Verified
Well-known
Jan 25, 2018
300
HAHAHA or it is a bad MS development or the failures are caused on purpose by Os developers updates so that you can't use any personal protection of third parties, I think the best thing is not to update anything for several months, W10 has many customers very angry.
 
  • Like
Reactions: oldschool

yitworths

Level 10
Thread author
Verified
Well-known
May 31, 2015
472
3 consecutive crashes have happened just now. This time only workaround happens to be restoring default settings. Man,I'm having some time with this version. Somewhere,I read kaspersky was thinking about changing their logo in the past also. But they didn't do. I don't know whether that was related to stability or not. I'm jst exhausted now.
 
  • Like
Reactions: MeltdownEnemy

MeltdownEnemy

Level 7
Verified
Well-known
Jan 25, 2018
300
3 consecutive crashes have happened just now. This time only workaround happens to be restoring default settings. Man,I'm having some time with this version. Somewhere,I read kaspersky was thinking about changing their logo in the past also. But they didn't do. I don't know whether that was related to stability or not. I'm jst exhausted now.

you know what I think about this? microsoft is in something more fat, I think they are experimenting with people to evolve their system with their artificial intelligence program through excessive telemetry that we can not see, the tests on our pc's do not stop in conjunction with the BSOD crashes and slowdowns, even if you have a custom configuration using HKLM .REG to prevent telemetry tasks, later when the system is updated the windows and its bypass are returned to be allowed through any firewall product and all the registries return to as it had been before personalization. They are forcing their arbitrariness in the swollen cumulative package so that their ·"AI"· takes control of the our system remotely, greetings congratulations soon our pc will generate an automated HELLRAISER that will predict our movements.
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
KFA 2019 doesn't cause this problem on my main system. & in several Virtual machines I've KFA 2018 installed & many of them are behaving awkwardly. High disk usage during update & after reboot, occasional system freeze,etc...

Let me tell you something, after this problem first occurred in KIS 2019, I saw an interesting thing. After every reboot, KIS' web antivirus component,IM antivirus component & Mail antivirus component started greyed out. Then after sometimes it turns green. But now, that ain't happening. but problem is that kaspersky is not causing the problem all the time, so it's very hard to pinpoint d culprit for me.

I thought someone on MT might also be facing d same problem & might have already identified d troublemaker. But it seems, this problem is exclusive to me. Thanks anyway for your time.
I've KFA 2019 installed & many of them are behaving awkwardly. High disk usage during update & after reboot, occasional system freeze,etc... same problem with you. I uninstalled KFA 2019 and installed avast free. Now all is perfect
 
Last edited:

yitworths

Level 10
Thread author
Verified
Well-known
May 31, 2015
472
I've KFA 2019 installed & many of them are behaving awkwardly. High disk usage during update & after reboot, occasional system freeze,etc... same problem with you. I uninstalled KFA 2019 and installed avast free. Now all is perfect

I knew it... It can't be just me. Today KIS crashed during scan & just kaspersky crashed not the system. I then re-installed KIS, it's now behaving properly. I think the problem is somehow related to the KFA 2019 system settings blockade. There were several instances in the early phase when I noticed KIS started with some components greyed out & then it turned green. & one of those components was web-anti virus. They have messed with something very critical & till now I haven't found any workaround.
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
I knew it... It can't be just me. Today KIS crashed during scan & just kaspersky crashed not the system. I then re-installed KIS, it's now behaving properly. I think the problem is somehow related to the KFA 2019 system settings blockade. There were several instances in the early phase when I noticed KIS started with some components greyed out & then it turned green. & one of those components was web-anti virus. They have messed with something very critical & till now I haven't found any workaround.
I always use free software, because i like lightware solutions. I am really disappointment from KFA 2019. Many many problems and usually after update.And is not lite. Use and many ram not always, and many cpu. Now with avast and shade sandbox i am happy. Lite and my pc works perfect
 

yitworths

Level 10
Thread author
Verified
Well-known
May 31, 2015
472
May be, KIS 2019 has several bugs. At least two for sure.

1. Kaspersky starts with greyed out web antivirus,IM antivirus & Mail antivirus components. (If not try, settings>general>securitylevel>Maximum security level & then reboot)

k2018-06-13_03-21-25.pngk2018-06-13_03-21-35.png


2. If you enable cerain notifications i.e. avpui_2018-06-13_03-48-00.png under network properties, then KIS stops displaying network adapters after a reboot.avpui_2018-06-12_18-34-50.png


I've checked several times in my windows 8.1 pro x64, got the same results. I checked in a vmware guest os windows 10 pro (1803) x64, again same results.
Need some feedbacks.
 
Last edited:

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
@yitworths:

1.- I'm not getting this issues in my K2019 systems...

2.- This one I can confirm it :)

I hope patch B coming soon... anyway it's so strange :unsure: because getting 2nd issue not so long ago, so probably after a W10 update...
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top