Avast made some changes to the ransomware protection (RWP) during tha last days which will lead to serious problems using this component on remote desktop servers (RDS) also in conjunction with Citrix XenApp/Daas!
What we know untill today:
1. Avast released 22.12 at the end of december and some micro updates regarding RWP on january 9th! -->
https://forum.avast.com/index.php?topic=322139.msg1698357#msg16983572. Customers with RDS and also RDS in conjunction with Citrix XenApp/Daas will experiencing trouble when using roaming profiles. Some kind of users with this roaming profiles will get stuck! This leads to ghost sessions as discribed:
https://www.reddit.com/r/Citrix/comments/gfd7ao/ghost_sessions_haunting_me/ or
https://support.citrix.com/article/CTX461016/are-all-known-issues-recorded-in-1912-cu4-fixed-with-cu5 or
https://www.if-tech.de/citrix/updates-citrix-ghost-sessions-upgrade-1912-cu4-cr-2112/3. Disableing the RWP will solve this problem although it is possible that some profiles may get currupted from the problem. So it could be possible that some RDS user profiles needs to be recreated.
4. Customers with FSLogix will not experiencing this problem.
5. Customers with RDS Windows Server 2012R2 and 2016 having this problem
6. There is a known Bug that will make RWP monitor folders that did not have configured to be monitored... Support say this has been solved this week but I did still see clients where RWP reports detections that would not have been made if RWP would work as expected. Im still working on this case with the support!
I will not create a support case for this issue since after almot 2 years of working with the support I know how this will end.
As an avast partner hosting 85 clients within the hub with over 3400 client I expect Avast to take their own action...
