Has anyone experienced similar problems?

We use Microsoft DFS pretty often within our customer networks.

Both Avast ransomware and behavior shield seem to have a problem with those path in a way that the Avast client is detecting DFS path with a randome number. This would result in detection path like:

Ransomware shield:
App: \DFSCLIENT;M:000000000008DF59\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe
App: \DFSCLIENT;M:000000000008A61A\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe

Behavior shield:
App: \DFSCLIENT;M:00000000035672AE\customerdomain.LOKAL\DFS\foldername1\applicationname2.exe

In all 3 cases the correct UNC path would be \customerdomain.LOKAL\DFS\foldername1\applicationname2.exe in case the DFS path is a domain based DFS, which we often use.

We deal with 80 Hub customer/tenants with more than 3.000 avast clients and almost 80% of them are using DFS!

I already have a case open regarding behavior shield not working with path exclusions. But this topic here is either related to this or it is a problem for itself…

Can anyone confirm this problem?