"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
We'd love to hear about it! Click here to go to the product suggestion community
Following on from the latest round of Windows updates last week, I found web browsing really laggy. After checking/changing/troubeshooting network configs to no avail, I decided to see if Sophos was the cause. Long story short, I have narrowed this down to the Web Protection Content Scanning setting - if I turn this off, everything works nicely, set it to "As on-access scanning" and I get issues on all browser (my primary ones are Chrome and Firefox latest versions).
An example of a web page that won't doesn't load properly:
With the content scanning on, the page appears to load, but clicking on the video simply displays a spinner. Turn conent scanning off, reload page, click play and the video plays.
Other pages simply don't complete loading, so either do not display, or the web browser continues trying to load the remaining components in the background (for what seems like forever). Another example:
And here's a site I can't get to display at all unless I turn off conent scanning (or keep stopping/reloading until I get some content):
From what I can tell from Firefox debug, the issue on that site is with image files (e.g. logo.png never loads).
Any ideas? And what are we risking turning off the content scanning option, albeit leaving the rest of Web control enabled?
Sophos version: 10.6.4.1150
Windows 10 version: 1607 build 14393.953
Okay, this is now fixed by doing the following:
Now I can keep the content scanning option set to On or As on-access scanning; all previous problem websites appear to work as expected now.
Hope this helps someone else at some point.
Hi,I have Windows 10 (Version 10.0.15061) with SAV 10.7.1.32 (swi_fc.exe is 188.8.131.527) and I don't really see the issues you mention. Obviously it's not the same setup but the Web protection component wouldn't be much different if at all. Is it still 3.6 in 10.6.4?
http://www.thebooksage.com/ and the video at www.bbc.co.uk/.../39323706 both load OK for me in Chrome and FF.
I followed the steps regarding www.bowers-wilkins.co.uk. If I visit this page in Chrome with the Developer Tools open with "Disable cache", click on the link for:
www.bowers-wilkins.co.uk/.../P7.htmlthe total download is 3.4MB and takes 11.31 seconds.
Sorting by time columns I see a GET request to this URL just timeout after 30 seconds: getrockerbox.com/.../xyz.js
Trying another URL:www.bowers-wilkins.co.uk/.../P5-Wireless.htmlThis downloads 11.7MB and takes 22.50 seconds to fully load the page.
Again the same xjz.js fails, other URLs of note are:dl.groovygecko.net/.../P5-Wireless.mp4 (4MB - 15.7 seconds)dl.groovygecko.net/.../P5-Wireless-Sound-Notes.mp4 (3.1MB - 15.7 seconds)Although these large media files are being downloaded they don't cause me any issues with the site and links appear to work.As for information on the endpoint proxy component, it performs three features:1. Web Control (if licensed/enabled) - This is your categorizations, where the swi_service process makes SXL look-ups to the cloud to classify sites by category, e.g. Gambling, Spam, Business, etc..
2. Web Protection, which has 2 sub-features: 2.1 Download scanning (locally buffered and scanned content) 2.2 Malicious website lookups (again swi_service performing live lookups)
In reply to jak:
Problem fixed by full uninstall and reinstall. However, the extra info you have provided is also useful for future troubleshooting.