diff --git a/rules/windows/builtin/code_integrity/win_codeintegrity_attempted_dll_load.yml b/rules/windows/builtin/code_integrity/win_codeintegrity_attempted_dll_load.yml
index b21eab87e..54a67922c 100644
--- a/rules/windows/builtin/code_integrity/win_codeintegrity_attempted_dll_load.yml
+++ b/rules/windows/builtin/code_integrity/win_codeintegrity_attempted_dll_load.yml
@@ -53,8 +53,8 @@ detection:
 ValidatedPolicy: 1
 filter_avast:
 FileNameBuffer|endswith:
- - 'Program Files\Avast Software\Avast\aswAMSI.dll'
- - 'Program Files (x86)\Avast Software\Avast\aswAMSI.dll'
+ - '\Program Files\Avast Software\Avast\aswAMSI.dll'
+ - '\Program Files (x86)\Avast Software\Avast\aswAMSI.dll'
 ProcessNameBuffer|endswith: '\Windows\System32\SIHClient.exe'
 RequestedPolicy: 12
 ValidatedPolicy: 1
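Review bot: The two `FileNameBuffer|endswith` values in `filter_avast` are still suffix matches, so the added leading backslash fixes the directory-name boundary but does not tie the path to the volume root. Any path that merely ends in `\Program Files\Avast Software\Avast\aswAMSI.dll` under some other parent directory is excluded the same way, as long as the process and policy fields also match. If the suffix match is deliberate (presumably because the field carries a device or volume prefix), record that above the list, for example `# suffix match only: not anchored to the volume root, a same-named path under another parent is also filtered`. The `detection` block starts and ends outside this hunk, so whether another selection narrows this further cannot be seen here.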