
Sophos blocking access to the internet?

Hi all, thanks in advance for the help. My company has endpoint antivirus protection on all of our laptops but for some reason it is blocking one laptop in particular from accessing web pages. When I uninstall it, searching is fine, but if I reinstall it then we have the same issue. This is on one laptop out of 30. Any recommendations?



This thread was automatically locked due to age.
  • What is the OS?

    If you disable Web control (if enabled) and web protection features (download scanning and malicious website lookups) does it work again?  If it's Windows 7 you will need to reboot again after disabling them to allow the LSP to be removed.

    Regards,

    Jak

  • You are correct. I disabled both of them and am able to search now. What's the reason behind that? And is there an easy fix?

  • On Windows 10, the technology used is the Windows Filtering Platform (WFP).  There could be another piece of software on the computer using a similar hooking technique causing a conflict.  Is there any other software on this computer that might be interested in hooking network traffic that isn't on the others?

    In an admin prompt, running:

    netsh wfp show filters 

    might be useful to see.  If you do provide the output file, it might be worth linking a Pastebin.

    Regards,

    Jak

  • Hi Jak, thanks again for the help. I ran the command like you suggested but the filters.xml is a pretty big file. Any suggestions on what I should be looking for? 

  • A list of products

    Name Version
    Microsoft Visual Basic PowerPacks 1.2 9.0.30729
    Intel(R) IPP Run-Time Installer 7.0 for Windows 7.00.0000
    Microsoft Access database engine 2010 (English) 14.0.4763.1000
    Office 16 Click-to-Run Extensibility Component 16.0.7369.2127
    Office 16 Click-to-Run Localization Component 16.0.7369.2127
    Office 16 Click-to-Run Extensibility Component 64-bit Registration 16.0.7369.2127
    Office 16 Click-to-Run Licensing Component 16.0.7369.2127
    Sophos Management Communications System 2.0.2.3
    Toshiba TSP for Windows x64 8.0.12
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 12.0.21005
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 12.0.21005
    Dolby Audio X2 Windows API SDK 0.6.3.44
    ScreenConnect Client (c0c1e269ae6e3da0) 6.2.12963.6312
    Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 12.0.21005
    Sophos Anti-Virus 10.6.4.1150
    Adobe Refresh Manager 1.8.0
    Adobe Reader XI (11.0.20) 11.0.20
    Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 12.0.21005
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 9.0.21022
    Jabra PC Suite 2.10.3050 2.10.3050.0
    CCMComInterface 8.00.0005
    Microsoft MapPoint North America 2013 19.0.18.1100
    Dolby Audio X2 Windows APP 0.6.3.48

    Sophos AutoUpdate 5.4.0.724
    Google Update Helper 1.3.33.5
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 10.0.30319

  • No applications stand out from that list as something I would be immediately concerned about.

    I was going to initially look at the providers section at the bottom of filters.xml.

    Beyond that, I suppose, things to check include:

    Using Process Explorer - https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx for ease:

    1. The "Sophos Web Filter" service (swi_filter.exe) is running.

    2. There is a child process of swi_filter.exe called swi_fc.exe.

    3. If you look at the TCP tab of the swi_fc.exe process it should be listening on a port e.g. 12080.  This is the local proxy listening.

    4. The browser processes, e.g. chrome.exe should be connecting to that local port and swi_fc.exe should be connecting out to the target sites. E.g.:

    Chrome.exe:12345 -> 12080:swi_fc.exe:12346 -> 80:google.com

    where 12345, 12346 are ephemeral ports assigned by the OS.

    Regards,

    Jak
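
The four Process Explorer checks in the reply above can also be scripted. This is an added example, not part of the original thread and not Sophos tooling; the service and process names are the ones given in the post, and the browser name is an assumption to adjust.

```powershell
# Added example: scripted form of checks 1-4. Run in an elevated PowerShell prompt.
$browserName = 'chrome.exe'   # assumption: set to the browser under test

# 1. "Sophos Web Filter" service state
$svc = Get-Service -DisplayName 'Sophos Web Filter' -ErrorAction SilentlyContinue
'Service state: {0}' -f $(if ($svc) { $svc.Status } else { 'service not found' })

# 2. swi_fc.exe must be running as a child of swi_filter.exe
$procs  = Get-CimInstance -ClassName Win32_Process
$filter = @($procs | Where-Object { $_.Name -eq 'swi_filter.exe' })
$fc     = @($procs | Where-Object { $_.Name -eq 'swi_fc.exe' -and
                                    $_.ParentProcessId -in $filter.ProcessId })
if ($fc.Count -eq 0) { Write-Warning 'No swi_fc.exe child of swi_filter.exe'; return }

# 3. Port(s) the local proxy listens on (the post gives 12080 as an example)
$ports = @(Get-NetTCPConnection -State Listen -OwningProcess $fc.ProcessId `
               -ErrorAction SilentlyContinue |
           Select-Object -ExpandProperty LocalPort | Sort-Object -Unique)
if ($ports.Count -eq 0) { Write-Warning 'swi_fc.exe is not listening'; return }
'Proxy listening on: {0}' -f ($ports -join ', ')

# 4. Browser -> proxy port, and proxy -> target sites.
#    Connections the proxy accepted have the listening port as LocalPort,
#    so anything else owned by swi_fc.exe is an outbound leg.
$established = @(Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue)
$browserPids = @($procs | Where-Object { $_.Name -eq $browserName }).ProcessId
$toProxy  = @($established | Where-Object { $_.OwningProcess -in $browserPids -and
                                            $_.RemotePort -in $ports })
$outbound = @($established | Where-Object { $_.OwningProcess -in $fc.ProcessId -and
                                            $_.LocalPort -notin $ports })
'{0} -> proxy connections: {1}' -f $browserName, $toProxy.Count
'Proxy -> outbound connections: {0}' -f $outbound.Count
$outbound | Select-Object LocalPort, RemoteAddress, RemotePort | Format-Table -AutoSize

if ($toProxy.Count -eq 0) {
    Write-Warning "$browserName has no connections to the proxy port; load a page and re-run."
}
```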

  • Hi Jak, just posting here to help anyone else that may come across the same issue. It turns out that there was an old install of Malwarebytes on the machine that was conflicting with Sophos. I uninstalled it and everything is working as it should be. Thanks again for the help. 
