Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 3537 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Endpoint 10: Cannot access Router web configuration properly

AVUserR

Hi everyone,

since update to SAV10 I have a problem with access to my router's web configuration.

First of all, this is a home setting, not a company setting; I am using SAV on a university campus license, so I have no direct access to Sophos support. I tried my universities helpdesk, but they couldn't help me with my problem, google and Sophos Knowledge base also couldn't (or i was looking fpr the wrong keywords), so I'd pretty much appreciate if somepone has an idea.

Problem: Accessing my Router's web configuration (http://192.168.0.1) is _very_ slow since the upgrade to SAV10, no prblems with previous versions. After logging in, some of the displayed information is missing (e.g. I cannot connect/disconnect from and to WAn anymore), every access inside the Router's web menu is also incredibly slow.

First I thought it to be a problem with the router, but that has been excluded meanwhile.

The problem will occur from any of my PCs, wireless or ethernet cable connected. They all do run Win7 x64.

Booting to a Linux desktop -> problem solved, no troubles with access to the router anymore.

Disabling several scanning options from SAV10 (e.g. web protection and live protection) -> no change, still having problems.

Disabling ALL scanning options from SAV10, incl. On-Access-Scans -> Router page loads fast now, but will not show login data fields anymore.

Uninstalling SAV10 -> Problem solved, normal access to my Router's web configuration interface

Re-Installing SAV10 with current installation package -> Problem back there.

I am Using SAV10 stand-alone, installed from installer without Client firewall.

Any ideas on what to do about this problem? Help would be really apprecciated :-)

:19745


This thread was automatically locked due to age.
  • 0

    HI,

    The most likely component in the LSP based on the nature of the problem.

    Did you restart the machine after disabling Web protection (set both to off)?  If not can you try that?

    Also try disabling the "Sophos Live Protection" option again I would suggest a reboot.

    Be good to identify exactly which option helps.

    What is the model number and manufacturer of the router out of interest?

    Regards,

    Jak

    :19751
  • 0

    Tanks a lot for your effort to help me with my problem.

    Well, I've disabled both SLP as well as Web Protection options and did a full reboot, checked that the options were still set to disabled (they were) and still had the same problem.

    The router in question is a DLINK DIR-655, HArdwere Rev A2, Firmware 1.34EU (no help with upgrading to 1.35).

    Do you have any other ideas? As told before, problem on 3 computers with a fresh and clean Win7-Setup and with no "unusual" modifications or options or third party addons, so I'd explect more people to have this problem (which they obviously don't)...

    :19757
  • 0

    Hmm, how about...

    Remove the Sophos detoured entry, that is to do as follows:

    Remove the path to the sophos dll from:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows \AppInit_DLLs

    and if on a 64-bit machine:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows \AppInit_DLLs

    If you only have one dll in each of the above, i.e. Sophos, it might be easier to set LoadAppInit_DLLs (under same key) to 0 for both locations to make it easier to revert. 

    Then reboot, does removing detoured from the equation help?  This will stop your broswer loading this dll.

    Regards,

    Jak

    :19763
  • 0

    I've set both entries to Zero on my Win7 x64, did a full reboot - still no difference, problem persists as described before :-( Any more ideas on why that might be?

    :19781
  • 0

    Hmm, I still suspect the LSP to be the most likely candidate here.

    Have you tried using Chrome?  Does that work, could it just be an IE prob?

    Also, if you try Chrome and in the address bar type:

    chrome://net-internals/#serviceProviders

    This will show you the LSPs loaded, is "Sophos Web Intelligence " listed?

    Running in a command prompt:

    netsh winsock show catalog > winsock.txt

    Will also confirm this.

    Jak

     

    :19785
  • 0

    Thanks a lot for your ongoing efforts to help me!

    It is not a browser related Problem, it happens in IE, FF and Chrome. Though the registry entries have been removed, there's still SWI-LSP loaded.

    It of course also appears in the command line output.

    :19799
  • 0

    HI,


    I tested disbaling the following:

    1. "Enable Live Protection" under "Sophos Live Protection".
    2. "Block access to malicious websites" set to "Off" under "Web protection"
    3. "Download scanning" set to "Off" under "Web protection"
    4. Turned off Web Contol in SEC, If you're standalone you won't have this option.

    I then rebooted, started up Chrome and under "chrome://net-internals/#serviceProviders " the Sophos LSP had gone.  Can yoiu try the site again once Chrome shows the LSP not being loaded?

    Regards,

    Jak

    :19839
  • 0

    Hi Jak,

    sorry, had to work and no time to check this out in the last couple of days, but:

    Thank you, that did the trick! Unfortunaly, I have no malicious web site protection for now, I hope that a sophos Update will fix this issue in the future. For now, I'll have to be extra careful or switch to another product.

    Thanks a lot!

    :20053