Thread Info
  • State Suggested Answer
  • +10 person also asked this people also asked this
  • Locked Locked
  • Replies 26 replies
  • Answers 1 answer
  • Subscribers 20 subscribers
  • Views 46477 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Deadlock Detected Scanning

Anthony Stevens

Hi,

I have seen recently been seeing errors on the Endpoint Console with an error code a049001e saying 'Deadlock detected while asynchronously scanning file " " for user " "'. The error in question has occurred for about 60 computers.

I can't see anything online with regards to this error with a fix or how to troubleshoot this and was wondering if this is a new error that has occurred, after the result of an update. Or has this been an error that has occurred in the past please. Any help or advice on this would be appreciated please?

Kind Regards,
Anthony.



This thread was automatically locked due to age.
  • 0

    Hello;

    We are experiencing this as well but we do not run any Citrix applications or server.  Why would this be affecting us?  

    Thank you.  

    Wendy

  • 0 in reply to Yashraj S

    Hi Yashraj, 

    I'm having the same issue. Can you assist? Thanks!

    Teri

  • 0 in reply to Mel Lawrence

    Thanks Mel.  I read that solution as that it came from Citrix NOT Sophos and it it is turning off functionality of Sophos that it is a workaround until Sophos can fix what is causing the issue.  

  • 0 in reply to richbsec

    Hi richbsec,

    Unfortunately this didn't work for us in the end, we had to apply the suggested reg key to disable asynchronous scanning. After applying the exclusion, look out for Sophos not being able to update, or apply the policy in time for session use. On the Sophos Console I saw "Awaiting Policy Transfer" errors across all Virtual Desktop servers, it was taking over 3 hours for the policy to apply and even then would still pick out random files to deadlock, some dlls for an application, Adobe Reader.exe. Really random experience!

    I hope the exclusion works for you, but if not the Sophos suggested reg key workaround has definitely resolved our issues. The reg key suggestion is higher up in this thread. 

    Mel.

  • 0

    We are also experiencing a049001e Deadlock detected while asynchronously scanning file "C:\Users\...\ntuser.ini" on Citrix servers.  We are going to add a file scanning exclusion for ntuser.ini for the interim until Sophos addresses the problem that occurred after their software update.  

  • 0 in reply to Yashraj S

    We have updated the exclusions on the Sophos policy to bypass ntuser.ini - this was the file that was deadlocked. After conferring with the rest of my Team, it didn't seem suitable to rollout the suggested reg fix.

    So far so good, logins seem to have returned to normal for us for now but I'll be keeping a watchful eye on the Sophos console. It would be good to know what happened to cause this issue, I can see from around 4pm on 19/08 it started.

     

  • 0 in reply to Mel Lawrence

    Hi  

    We're aware of this and this is actively being investigated by our development team. We will definitely update this thread once there is a fix available. 

    Thanks,
    Yashraj Singha
    Manager | Global Community Support
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • 0 in reply to Shweta

    Hi

    Following this thread as we started to notice this in our environment on Thursday 20/08 from around 6am too, most noticeable in our Citrix environment, it’s slowing logins at the interactive session hand off. Logins have gone from 60 seconds to anything up to 10 minutes. WS2016 (1607) Citrix Virtual Desktop and Apps 7.15LTSR CU3.

     I’ll try the suggested fix but please can you inform me when there is an official fix..

    Thanks,

    Mel.

  • 0 in reply to Evan Prohaska

    Hi  

    Our team is currently investigating this issue, we will update the information once available.  I would suggest you implement the workaround as mentioned in this thread and see if it fixes the issue.

    Shweta

    Community Support Engineer | Sophos Technical Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
    The New Home of Sophos Support Videos! - Visit Sophos Techvids
  • +1

    Since Sophos is not fixing the issue we came across a fix for the last time this happened to Citrix when Sophos deployed an update that caused this issue.

     

    Symptoms or Error

    While login or launching a ICA session , UPM profile takes long time to login due Sophos Anti Virus 

    Solution

    Created registry change to disable asynchronous Scanning for Sophos Anti Virus: 
    Instructions: 
    Under: 
    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\SavService\Application 
    Create a new REG_DWORD called: DisableAsyncScans with a value of: 1 
Unfiltered HTML