Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 1 subscriber
  • Views 14186 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Turning on Web Protection destroys PC's

Scott2020

Hello.  Yesterday I installed Sophos 9.5 and created a new av and hips policy for a test group.  As part of the group I turned on the new features, but under "web protection" I had set "block access to malicious websites" left OFF.  I decided to try this out, so I turned it ON and pushed out to my test group.  Seconds after the update, I had 3 machines crash with svchost.exe errors, and an NTAUTHORITY process with a 60 second countdown trying to shut the machine down.

We restarted these machines and now we can't log into them.  There are several svchost.exe errors and then random critical errors preventing us from doing anything on the machines.

On one machine I was able to boot with last known good configuration and recovered it.

These are Windows XP SP3 machines with the latest Windows updates.  No firewall or other AV turned on.

Anyone else have this problem?

:3825


This thread was automatically locked due to age.
Parents
  • 0

    Hi Scott2020,

    Sorry to hear you're having problems. As explained by my colleague Jon above, the most effective approach here would be to talk to Support direct. This is simply to get you the fastest possible response, so we can get your systems back up and working to full effectiveness. We would like to document the outcome here in this thread, but safeguarding your environment comes first. If at all possible, we'll put in another reply to your post that documents how to deal with this situation, for any other SophosTalk reader who sees the same thing. Otherwise, get in first, and give us your impressions of the outcome.

    Cheers,

    spike

    :3837
Reply
  • 0

    Hi Scott2020,

    Sorry to hear you're having problems. As explained by my colleague Jon above, the most effective approach here would be to talk to Support direct. This is simply to get you the fastest possible response, so we can get your systems back up and working to full effectiveness. We would like to document the outcome here in this thread, but safeguarding your environment comes first. If at all possible, we'll put in another reply to your post that documents how to deal with this situation, for any other SophosTalk reader who sees the same thing. Otherwise, get in first, and give us your impressions of the outcome.

    Cheers,

    spike

    :3837
Children
No Data
Unfiltered HTML