Community
User Guides
Support
Community
Help Forums
English Forum
General
About our Community
General Discussion
News and Feedback
Products
F-Secure SAFE
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Other products
Beta programs
Feature Requests
Finnish Forum (Tukifoorumi)
Tuotteet Kotiin
F-Secure SAFE
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Muut tietoturvatuotteet
Support Articles
Language
English
Suomi
Deutsch
Français
日本語
Svenska
Dansk
Italiano
Nederlands
Norsk
Polski
中文 (繁體)
Products & Services
F-Secure TOTAL
F-Secure SAFE / Internet Security / Anti-Virus
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Other products
Common topics
User Guides
Support
Login
|
Register
After upgrading to Server Security 14.00 or Client Security 14.10 the NTUSER.DAT file is getting corrupted - F-Secure Community
<main> <article class="userContent"> <h3 data-version="6" data-article="000012303">Issue:</h3> <p></p><ul><li>After upgrading Server Security to version 14.00, the NTUSER.DAT file is often corrupted when loading server-based profiles</li><li>Same issue with upgrade to Client Security 14.10 </li></ul><h3>Resolution:</h3> <p></p><div>Avdaemon.dll is doing multiple service tasks. One of tasks is the setting conversion and resolving paths environment profiles e.g. %desktop% using user profile and loads each profile into memory.<br>In this case Windows cannot find the local profile and is logging the user with a temporary profile. Changes you make to this profile will be lost when you log off.<br>Ransomware loads user profile aka ntuser.dat to resolve protected path. It seems that it is doing it, even if anti-Ransomware is off.<br><br>This issue will be fixed in the next versions of the products. <br><br>Currently we have hotfix FSCS1410-HF11 that fixes the issue, but before applying the hotfix, which contains a new avdaemon.dll file, make sure the steps below help you resolve the issue: <ol><li><a rel="nofollow" href="https://www.f-secure.com/en/web/business_global/support/support-request#productGroup=For%20Business">Contact</a> F-Secure support and we will provide you with the hotfix FSCS1410-HF11 and the new avdaemon.dll file</li><li>Rename avdaemon.dll on one of the affected hosts and restart fshoster service to see if this helps. The avdaemon.dll is located here: C:\Program Files (x86)\F-Secure\Client Security and C:\Program Files (x86)\F-Secure\Server Security</li><li>If the renaming avdaemon.dll solves the issue, replace the avdaemon.dll file with the fixed version and restart the fshoster service</li><li>If the replacement helped, you can apply hotfix FSCS1410-HF11 on all of your affected clients</li></ol><p>Follow these steps to install the hotfix to centrally managed computers:</p> <ol><li>Log into F-Secure Policy Manager Console </li><li>Select <b>Installation</b> tab</li><li>Click <b>Installation packages </b></li><li><b>Import </b>the hotfix jar file</li><li>Select appropriate domain or host from the <b>Domain Tree</b></li><li>press <b>Install</b> </li><li>Select this hotfix FSCS1410-HF11</li><li>Distribute policies</li></ol></div> <p>Article no: 000012303</p> </article> </main>