Hetzelfde W10 heeft alles gedelete
Warning High
IMO, that’s a pathetic response from Creality. Their claims of a false-positive are contrary to the analysis of the file in question by VirusTotal…
Creality says that 22 security vendors are wrong. Their recommendations to turn off security software and/or wait for the next version are stunning.
I could give them the benefit of the doubt and assume this was unintentional. However, this is quite generous considering the findings just in this thread, Regardless, Creality, you made a mistake. It’s not so much the mistake itself but how you respond and make it right. You are not handling this well and savvy users are taking note.
Acknowledge the problem, pull the affected version before any more damage is done, apologize to your customers, hold your R&D team accountable, and release a version without this malware.
1 Like
Didn’t get that on my Scan..
Not a lot of Dutch speakers here. I took the liberty of running translate:
”The same problem occurred here after installing the update the day before yesterday. I performed a comprehensive Windows scan, which took about 7 hours. Everything was checked, and the adware was removed by Windows 11 Security. I don’t think any further action is needed.”
I agree. Once Windows security quarantines Remove-Edge.exe, Creality Print comes up clean. I’ve been using the clean ed version of Creality Print 7 for several days and I have not run across any issues yet.
To reiterate, once Remove-Edge.exe is removed or isolated, The software appears to be safe to use.
Dutch translate: “Ik ben het ermee eens. Zodra Windows-beveiliging Remove-Edge.exe in quarantaine plaatst, blijkt Creality Print geen problemen te veroorzaken. Ik gebruik de schone versie van Creality Print 7 nu al een paar dagen en ben nog geen problemen tegengekomen.
Kortom, zodra Remove-Edge.exe is verwijderd of geïsoleerd, lijkt de software veilig te gebruiken.”
Which file did you test? Only Remove-Edge.exe, which is bundled with the Creality-7 package causes the alarm. Only 1/3 (roughly) of the virus checkers detect it. Many virus detectors will remove or isolate Remove-Edge.exe silently. There is a very good chance your virus detection has done its job and you are good to go.
1 Like
I would agree that those 22 security vendors are indeed wrong.
Take a look at the github link I posted earlier, thats the project and source code to that application.
Chances are that its not going to run it on your computer anyway, but it is harmless anyhow.
and @PBusardo @Crealitykiwi We may just be squabbling about the definition of Malware. Virus checkers use several methods to determine if a file is infected. Different Virus checkers use some or many of the methods. Most of the methods are marginally effective depending on how sophisticated the virus is. anything that has a virus signature, can be re-programmed to avoid that signature. One method of virus detection that is very hard to fool is “heuristics”. Heuristic’s, in the virus detection world, means detecting a virus by its behavior, not by depending entirely on the virus signature.
The question becomes; If it is not listed as a virus, but it acts like a virus, is it a virus? That is a legitimate question and a source of considerable debate in the security community. Many say it is a false positive if the file is not proven to be a virus in a lab environment. Others say (myself included) “if it walks like a duck and quacks like a duck, it is a duck”. Remove-Edge.exe behaves like the Tnega virus. I do not care if it is the exact code match for Tnega. It sends information to five domains, four of which are not listed in common DNS. That is unacceptable to me. If you consider that a false positive, that is O.k. It is really a matter of what sort of chances you are willing to take with the information on your computer (and in many cases across your network). If you are printing toys for friends and their children, on a computer with no crittical personal information, then; no harm, no foul, no virus. If you work on original designs for an employer (especially a government employer). this is a really big deal. Definitely a virus. Even though I’m retired, my mindset falls in the latter camp. I do have valuable information on the computer that I use to print. I just can’t take the chance.
With all that said, the actual behavior of Remove-Edge.exe is easy to manage as many have observed. My real frustration (which has escalated to anger) here is Creality’ s behavior. First and foremost, Creality has been too opaque about an important issue. Their response to me and to @PBusardo is out right disdainful. Second this clearly demonstrates that they are not managing their software repository with responsibility and diligence. this version, containing this code, clearly should have never reached the commit stage. Now we have a trust issue. I no longer have confidence that Creality can safely manage an open source software repository and even if this is a just an isolated lapse of responsibility and diligence, the Companies response was counter-productive. In my experience it appears that Creality is allowing marketing to over-ride Engineering. That is almost always very bad for the end user, and that is us.
I am so disappointed. I have a well made K2. Not everyone was so lucky. Crealitys’ manufacturing consistency is a separate issue. I enjoy my K2, but now I can’t trust Creality. That changes my hobby into a job managing software releases and computer security. That really pisses me off.
1 Like
McAfee is one software that I would never trust! It’s been determined that Creality has tried to sneak some adware into their software. The next little while should be interesting!
1 Like
My question is whether it does anything harmful, im not a developer, but did you check the source code in the link i provided?
It appears its simply used to uninstall edge in order to address issues when updating or installing edge/webview.
Télécharger le fichier exe de creality print 7.
Créer une exception dans windows Defender pour pouvoir exécuter le fichier d’installation.
Il sera possible d’utiliser creality Print 7.
Attention, pour certains modèles il y a des erreurs de code Klipper qui produisent un plantage et une extinction de la K2 plus.
Je suis donc revenu à la version 6 ! Mails le passage au micrologiciel 1.1.4.8 n’est pas tout à fait compatible avec la version 6 : pas d’affichage du temps restant et erreurs de report des températures …
Bref, Creality ne semble plus une compagnie très fiable …
Dommage !
1 Like
Yes, I checked the code. I disagree with your analysis. Harm is usually not obvious. Information stealers try to stay under the radar as much as possible. They often run for years before anyone finds them.
I very strongly recommend removing the file Remove-Edge.exe immediately after installation.
Je recommande vivement de supprimer le fichier Remove-Edge.exe immédiatement après l’installation.
Beste Gozmon, bedankt voor het vertalen. Mijn K1C werkt prima met de software 7.0.04127 prima nadat de Edge file verwijderd is. Excusus dat ik niet in Engels kan reageren. Maar les 1 is nooit de virussoftware uitschakelen. Tevens moeten ze met een nieuwe update komen zo spoedig mogelijk.
1 Like
From what I can tell its just a compiled python script, the code definitely appears to remove a bunch of files and registry entries related to Microsoft edge.
Well, hmmm. I tried the download again, and it downloaded and installed with no errors. I did a search for the “Remove-Edge.exe” file and it was no longer there. I can’t tell if Creality fixed the download, or Windows Defender got smarter?
FYI… No issues with this release/install file:
I forwarded your suggestion to the R&D team, and they’ve released a new software package. Please download it using this link; this version will not trigger false alarms.
1 Like
If you’re dealing with a Windows Defender alert when installing Creality Print v7.0.0.4127, it’s likely Defender is detecting something it thinks is suspicious (like “Remove-Edge.exe”). Many users have reported similar detections, and it often turns out to be a false positive rather than actual malware.
For general help with taking screenshots (which can be useful when reporting issues or saving logs), here’s a simple step‑by‑step guide:
And here’s the community thread with more details on this Defender alert:
Im using creality print 7 on linux mint right now.
1 Like
This is strictly a Windows issue. You are totally safe in Linux land.