Acronis update 40107 blocked as malicious and boot disk disabled

eturk

New update from Acronis is being blocked by BitDefender as malicious.

Advanced Threat Defense (ATD) then goes after 20 applications. On reboot, the boot disk is disabled, requiring a Startup Repair.

Update file is first on this list, for PC: https://www.acronis.com/en-us/support/updates/

I submitted the file to BitDefender

-------------------------

Critical issue in BitDefender:

BSoD:

Alexandru_BD

Hello @eturk,

Thank you for reporting this and for submitting your findings to the Bitdefender Labs for analysis.

For more context regarding powershell detections, check my comment in the thread below:

https://community.bitdefender.com/en/discussion/92875/atd-keeps-blocking-powershell-how-to-get-rid-of-it

Regards

SeriousHoax

As you can see from the code that Bitdefender has blocked, Acronis tries to add one of its file into Microsoft Defender's exclusion list. Any legit software shouldn't do it. This is a tactic used by many malware to bypass Microsoft Defender. So it makes it kind of obvious for Bitdefender's behavior blocker to get triggered by it.