Kaspersky is Port Scan Sweeping my pfsense firewall this comes from the WAN side [Closed]

[LinuxPusher]

Hi,

I have had to wipe my Entire HOME network a number of times I am an Individual, I am NOT a business.

I am close to losing my Family Pictures and home videos 50+ years

Hidden FAT32 partitions are appearing on all my connected hardware.

So I chose kaspersky because of it’s reputation to protect my Home network.

I did a Fresh Install Windows yesterday.

When I try to run a Full kaspersky Scan my PC reboots with no warning last time at 1% of scan.

I have reinstalled kaspersky, I even tried RFKill and HitManPro.

MalwareBytes refuses to turn on Malware protection.

What I don’t understand is why Kaspersky it performing Port Sweeps on my pfsense firewall.

Please Explain

If you have any questions you know how to get a hold of me and where I live as I paid via my Bank.

Thank you

LP

[Flood and Flood's wife]

Hello @LinuxPusher,

Welcome back!

• Is MalwareBytes installed?

1. If so please note: check applications incompatible with Kaspersky Internet Security, uninstall MB, reboot, recheck all issues? 
2. If there’s no Malwarebytes, please run a GSI & Windows Logs, attach to your reply? 

Please post back?

Thank you

Flood

Note: The Kaspersky Community has no access to your personal records or any information such as your address. 

[harlan4096]

Also, if using MalWareBytes Premium + Kaspersky, You should disable ransomware protection in MWBytes… and/or even create exclusions for their services in both products, since MWBytes now perfoms as a full security suite and can interfere with Kaspersky protection services.

[Igor Kurzin]

  LinuxPusher said:

What I don’t understand is why Kaspersky it performing Port Sweeps on my pfsense firewall.

Hi, 

Can you provide more details, a log extract from pfsense firewall, for example?

[LinuxPusher]

  FLOOD said:

Hello @LinuxPusher,

Welcome back!

• Is MalwareBytes installed?

1. If so please note: check applications incompatible with Kaspersky Internet Security, uninstall MB, reboot, recheck all issues? 
2. If there’s no Malwarebytes, please run a GSI & Windows Logs, attach to your reply? 

Please post back?

Thank you

Flood

Note: The Kaspersky Community has no access to your personal records or any information such as your address. 

I have attached

I Removed MalwareBytes

I used O-O Shut Up win 10 to stop update to 1909 ? as people are reporting system crashes

Thank You Very Much

[LinuxPusher]

  Igor Kurzin said:

  LinuxPusher said:

What I don’t understand is why Kaspersky it performing Port Sweeps on my pfsense firewall.

Hi, 

Can you provide more details, a log extract from pfsense firewall, for example?

I will try to locate the file, I used Snort Lookup and discovered Kaspersky scans.

I will add to this post when and if I can locate it.

Thank You Very Much

EDIT: File Attached

[LinuxPusher]

Also ClamAV on Parted Magic thumb drive found these before Fresh windows 10 install

2 attached

[LinuxPusher]

  LinuxPusher said:

  Igor Kurzin said:

  LinuxPusher said:

What I don’t understand is why Kaspersky it performing Port Sweeps on my pfsense firewall.

Hi, 

Can you provide more details, a log extract from pfsense firewall, for example?

I will try to locate the file, I used Snort Lookup and discovered Kaspersky scans.

I will add to this post when and if I can locate it.

Thank You Very Much

EDIT: File Attached

EDIT 2: Second log attached

[Igor Kurzin]

Hi @LinuxPusher, I checked the logs, it looks like a false positive on the side of Snort. As it detectes as Portsweep a lot of other IP addresses, like Facebook. etc.

Regarding the issue with PC crashing at 1% of scan, please submit a ticket to technical support at my.kaspersky.com, we will request additional information and investigate this issue further. 

Meanwhile you can scan the system via Kaspersky Rescure Disk. 

Read before using: https://support.kaspersky.com/14231

Download here: https://www.kaspersky.com/downloads/thank-you/free-rescue-disk

 

[LinuxPusher]

  Igor Kurzin said:

Hi @LinuxPusher, I checked the logs, it looks like a false positive on the side of Snort. As it detectes as Portsweep a lot of other IP addresses, like Facebook. etc.

Regarding the issue with PC crashing at 1% of scan, please submit a ticket to technical support at my.kaspersky.com, we will request additional information and investigate this issue further. 

Meanwhile you can scan the system via Kaspersky Rescure Disk. 

Read before using: https://support.kaspersky.com/14231

Download here: https://www.kaspersky.com/downloads/thank-you/free-rescue-disk

 

I ran Rescue disk, possibly improperly, it found nothing to report.

I will follow the instructions to the letter latter today or tonight.

Thank you Very much for your help “ Everyone “

LP

EDIT: I just Disabled Windows Defender with task manager in start up tab.

[LinuxPusher]

kaspersky failed at 1% of Full scan again

My PC rebooted when I was Not looking

I think it may have something to do with ProtonVPN being connected at the time of the scan

I disconnected my VPN and the full scan seems to be working now

I do not remember if I was connected to ProtonVPN last time the scan failed.

[LinuxPusher]

Also my Task Manager Startup tab was empty so I added a folder Startup to appdata

My PC updated to 1909 and broke things.

[Wesly.Zhang]

Hello,

How about this issue now? Solved??? Let me know the result.

Regards.

[LinuxPusher]

  Wesly.Zhang said:

Hello,

How about this issue now? Solved??? Let me know the result.

Regards.

Hi I used a System Image to roll back to Version 1809 and added O-o shut up windows 10, I also used windows power shell to remove M$ crapware.

Defender keeps fixing itself, I would like to rip it out by the roots.

It seems to be ok For now until M$ rams that garbage back into my PC at which point I will Re image.

Thank you 

[Wesly.Zhang]

  LinuxPusher said:

  Wesly.Zhang said:

Hello,

How about this issue now? Solved??? Let me know the result.

Regards.

Hi I used a System Image to roll back to Version 1809 and added O-o shut up windows 10, I also used windows power shell to remove M$ crapware.

Defender keeps fixing itself, I would like to rip it out by the roots.

It seems to be ok For now until M$ rams that garbage back into my PC at which point I will Re image.

Thank you 

Hello,

Thank you for replying back. We would close this topic as “Solved”. Have a nice weekend!

Best regards.