Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 1 subscriber
  • Views 14182 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Turning on Web Protection destroys PC's

Scott2020

Hello.  Yesterday I installed Sophos 9.5 and created a new av and hips policy for a test group.  As part of the group I turned on the new features, but under "web protection" I had set "block access to malicious websites" left OFF.  I decided to try this out, so I turned it ON and pushed out to my test group.  Seconds after the update, I had 3 machines crash with svchost.exe errors, and an NTAUTHORITY process with a 60 second countdown trying to shut the machine down.

We restarted these machines and now we can't log into them.  There are several svchost.exe errors and then random critical errors preventing us from doing anything on the machines.

On one machine I was able to boot with last known good configuration and recovered it.

These are Windows XP SP3 machines with the latest Windows updates.  No firewall or other AV turned on.

Anyone else have this problem?

:3825


This thread was automatically locked due to age.
Parents
  • 0

    No, not yet but it is somewhat my fault.  I haven't had time to work on their troubleshooting steps yet.  Part of the problem is that I can't even get into Windows to run the things they wanted me to run.  First support made me run a scan using their boot CD because they thought the machines were already infected, but they were not.  I was able to run version 9.5 without any problems, and still have about 100 machines running 9.5 and they are working great.  It is just turning on the web protection that started taking them out.  I feel your pain, but I'm glad it isn't just me!

    :4017
Reply
  • 0

    No, not yet but it is somewhat my fault.  I haven't had time to work on their troubleshooting steps yet.  Part of the problem is that I can't even get into Windows to run the things they wanted me to run.  First support made me run a scan using their boot CD because they thought the machines were already infected, but they were not.  I was able to run version 9.5 without any problems, and still have about 100 machines running 9.5 and they are working great.  It is just turning on the web protection that started taking them out.  I feel your pain, but I'm glad it isn't just me!

    :4017
Children
No Data
Unfiltered HTML