Possible ransomware detected when opening Creality slicer



  • I got a Possible ransomware detected when I opened the Creality Slicer.
    ransom.jpg

    Managing Acronis Active Protection
    When the Acronis Active Protection service is on, it monitors the processes running on your computer by using the real-time mode.
    When it detects a third-party process that tries to encrypt your files or mine cryptocurrency, the service informs you about it and asks if you want to allow the process to continue or block the process. Refer to Acronis Active Protection for details.

    Am I the only one??? , should I click Trust ???

    I dont get this message with Cura 4.8
    Thanks
    Dov



  • @dovk179
    I don't really know what it could be. From how it works, there could be an actual ransomware, as Acronis found a process encrypting files with no evident reason. By the way, I can't see why a ransomware should encrypt the files of the program it (possibly) came with.



  • @Stefano
    Acronis did not accuse any problem in the installation. Only when I executed the program to open it.
    My defender also did not accused any problem, I also scanned the SD That came with the printer.

    This are the files that where recuperated after blocking the program.
    Acronis Active protection.jpg
    The following is the address for acronis Active protection
    C:\Acronis Active Protection Storage\Cura.exe_1100\Users\Owner\AppData\Roaming\cura\4.2

    f62cbaf9-4ec4-48a3-9ad5-432a4c6a3cdf-image.png
    Dov



  • @dovk179
    I'm using Windows Defender and it didn't trigger any alarm for ransomware when installing Creality Slicer. By the way, I actually don't see any reason for using it in place of the much more up to date Cura 4.8.
    I see that Acronis detected operations on 26 files: are those files supposed to be accessed by Creality Slicer or are they system or personal files?



Copyright © 2020 Shenzhen Creality 3D Technology Co., Ltd All Rights Reserved.