Has anyone experienced similar problems?
We use Microsoft DFS pretty often within our customer networks.
Both Avast ransomware and behavior shield seem to have a problem with those path in a way that the Avast client is detecting DFS path with a randome number. This would result in detection path like:
Ransomware shield:
App: \\DFSCLIENT\;M:000000000008DF59\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe
App: \\DFSCLIENT\;M:000000000008A61A\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe
Behavior shield:
App: \\DFSCLIENT\;M:00000000035672AE\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe
In all 3 cases the correct UNC path would be \\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe in case the DFS path is a domain based DFS, which we often use.
We deal with 80 Hub customer/tenants with more than 3.000 avast clients and almost 80% of them are using DFS!
I already have a case open regarding behavior shield not working with path exclusions. But this topic here is either related to this or it is a problem for itself...
Can anyone confirm this problem?
