Kaspersky
Solved

Kaspersky is Port Scan Sweeping my pfsense firewall this comes from the WAN side [Closed]


Hi,

I have had to wipe my Entire HOME network a number of times I am an Individual, I am NOT a business.

I am close to losing my Family Pictures and home videos 50+ years

Hidden FAT32 partitions are appearing on all my connected hardware.

So I chose kaspersky because of it’s reputation to protect my Home network.

I did a Fresh Install Windows yesterday.

When I try to run a Full kaspersky Scan my PC reboots with no warning last time at 1% of scan.

I have reinstalled kaspersky, I even tried RFKill and HitManPro.

MalwareBytes refuses to turn on Malware protection.

What I don’t understand is why Kaspersky it performing Port Sweeps on my pfsense firewall.

Please Explain

If you have any questions you know how to get a hold of me and where I live as I paid via my Bank.

Thank you

LP

icon

Best answer by Flood and Flood's wife 31 March 2020, 00:57

Hello @LinuxPusher,

Welcome back!

  • Is MalwareBytes installed?
  1. If so please note: check applications incompatible with Kaspersky Internet Security, uninstall MB, reboot, recheck all issues? 
  2. If there’s no Malwarebytes, please run a GSI & Windows Logs, attach to your reply? 

Please post back?

Thank you

Flood

Note: The Kaspersky Community has no access to your personal records or any information such as your address. 

View original

This topic has been closed for comments

14 replies

Userlevel 7
Badge +9

Hello @LinuxPusher,

Welcome back!

  • Is MalwareBytes installed?
  1. If so please note: check applications incompatible with Kaspersky Internet Security, uninstall MB, reboot, recheck all issues? 
  2. If there’s no Malwarebytes, please run a GSI & Windows Logs, attach to your reply? 

Please post back?

Thank you

Flood

Note: The Kaspersky Community has no access to your personal records or any information such as your address. 

Userlevel 7
Badge +8

Also, if using MalWareBytes Premium + Kaspersky, You should disable ransomware protection in MWBytes… and/or even create exclusions for their services in both products, since MWBytes now perfoms as a full security suite and can interfere with Kaspersky protection services.

Userlevel 7
Badge +5

What I don’t understand is why Kaspersky it performing Port Sweeps on my pfsense firewall.

Hi, 

Can you provide more details, a log extract from pfsense firewall, for example?

Hello @LinuxPusher,

Welcome back!

  • Is MalwareBytes installed?
  1. If so please note: check applications incompatible with Kaspersky Internet Security, uninstall MB, reboot, recheck all issues? 
  2. If there’s no Malwarebytes, please run a GSI & Windows Logs, attach to your reply? 

Please post back?

Thank you

Flood

Note: The Kaspersky Community has no access to your personal records or any information such as your address. 


I have attached

I Removed MalwareBytes

I used O-O Shut Up win 10 to stop update to 1909 ? as people are reporting system crashes

Thank You Very Much

What I don’t understand is why Kaspersky it performing Port Sweeps on my pfsense firewall.

Hi, 

Can you provide more details, a log extract from pfsense firewall, for example?


I will try to locate the file, I used Snort Lookup and discovered Kaspersky scans.

I will add to this post when and if I can locate it.

Thank You Very Much

EDIT: File Attached

Also ClamAV on Parted Magic thumb drive found these before Fresh windows 10 install

2 attached

What I don’t understand is why Kaspersky it performing Port Sweeps on my pfsense firewall.

Hi, 

Can you provide more details, a log extract from pfsense firewall, for example?


I will try to locate the file, I used Snort Lookup and discovered Kaspersky scans.

I will add to this post when and if I can locate it.

Thank You Very Much

EDIT: File Attached


EDIT 2: Second log attached

Userlevel 7
Badge +5

Hi @LinuxPusher, I checked the logs, it looks like a false positive on the side of Snort. As it detectes as Portsweep a lot of other IP addresses, like Facebook. etc.

Regarding the issue with PC crashing at 1% of scan, please submit a ticket to technical support at my.kaspersky.com, we will request additional information and investigate this issue further. 

Meanwhile you can scan the system via Kaspersky Rescure Disk. 

Read before using: https://support.kaspersky.com/14231

Download here: https://www.kaspersky.com/downloads/thank-you/free-rescue-disk

 

Hi @LinuxPusher, I checked the logs, it looks like a false positive on the side of Snort. As it detectes as Portsweep a lot of other IP addresses, like Facebook. etc.

Regarding the issue with PC crashing at 1% of scan, please submit a ticket to technical support at my.kaspersky.com, we will request additional information and investigate this issue further. 

Meanwhile you can scan the system via Kaspersky Rescure Disk. 

Read before using: https://support.kaspersky.com/14231

Download here: https://www.kaspersky.com/downloads/thank-you/free-rescue-disk

 

I ran Rescue disk, possibly improperly, it found nothing to report.

I will follow the instructions to the letter latter today or tonight.

Thank you Very much for your help “ Everyone “

LP

EDIT: I just Disabled Windows Defender with task manager in start up tab.

kaspersky failed at 1% of Full scan again

My PC rebooted when I was Not looking

I think it may have something to do with ProtonVPN being connected at the time of the scan

I disconnected my VPN and the full scan seems to be working now

I do not remember if I was connected to ProtonVPN last time the scan failed.

Also my Task Manager Startup tab was empty so I added a folder Startup to appdata

My PC updated to 1909 and broke things.

Userlevel 7
Badge +4

Hello,

How about this issue now? Solved??? Let me know the result.

Regards.

Hello,

How about this issue now? Solved??? Let me know the result.

Regards.

Hi I used a System Image to roll back to Version 1809 and added O-o shut up windows 10, I also used windows power shell to remove M$ crapware.

Defender keeps fixing itself, I would like to rip it out by the roots.

It seems to be ok For now until M$ rams that garbage back into my PC at which point I will Re image.

Thank you 

Userlevel 7
Badge +4

Hello,

How about this issue now? Solved??? Let me know the result.

Regards.

Hi I used a System Image to roll back to Version 1809 and added O-o shut up windows 10, I also used windows power shell to remove M$ crapware.

Defender keeps fixing itself, I would like to rip it out by the roots.

It seems to be ok For now until M$ rams that garbage back into my PC at which point I will Re image.

Thank you 


Hello,

Thank you for replying back. We would close this topic as “Solved”. Have a nice weekend!

Best regards.