Avast WEBforum

Business Products => Avast Business => Topic started by: Tom610 on December 15, 2022, 01:23:49 PM

Title: Avast clients and Microsoft Distributed File System (DFS)
Post by: Tom610 on December 15, 2022, 01:23:49 PM
Has anyone experienced similar problems?

We use Microsoft DFS pretty often within our customer networks.

Both Avast ransomware and behavior shield seem to have a problem with those path in a way that the Avast client is detecting DFS path with a randome number. This would result in detection path like:

Ransomware shield:   
App: \\DFSCLIENT\;M:000000000008DF59\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe
App: \\DFSCLIENT\;M:000000000008A61A\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe

Behavior shield:
App: \\DFSCLIENT\;M:00000000035672AE\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe

In all 3 cases the correct UNC path would be \\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe in case the DFS path is a domain based DFS, which we often use.

We deal with 80 Hub customer/tenants with more than 3.000 avast clients and almost 80% of them are using DFS!

I already have a case open regarding behavior shield not working with path exclusions. But this topic here is either related to this or it is a problem for itself...

Can anyone confirm this problem?