blender

Hello, We are in the process of reviewing this application. Please keep in contact with us through your ticket you opened. You and the PUP Reconsideration team can continue the discussion there. For reference, the ticket number is 2587256 I'll close this thread. Thank you,

The detection was only added recently. You can create a help ticket here: https://support.malwarebytes.com/community/contactsupport/pages/home-support

Hello, This is not a False Positive. Please see this article: https://www.malwarebytes.com/pup/ If you want to keep the program, you can add it to exclusions. Windows Update can update your system drivers though as well as the computer manufacturer. If you need assistance setting up exclusions, you can contact support for help.

Hello, Sometimes it takes time for them to reply. I'll contact the ones responsible for that mailbox & they should reply before too long. Thank you for your patience. Locking this topic so communication can continue in your ticket.

It's all good. We get emails of post reports so they can be dealt with quickly.

Hello, Can you zip/attach a couple dll or exe files from this directory on the USB drive please? D:\x64\SOURCES\ They have to be zipped or they will be rejected here. It is quite possible there is some sort of encryption/protection on the USB to prevent anything else from tampering with it (including removal of files which is what MBAM was trying to do because a rule matched making it act on the file as though it were infected) Thank you

What was the file referenced in the 0xc0000225 error message you keep getting? Not sure I want to (or can) get into t-shooting session here but will throw a site at you I found looking up that error code which might steer you in the right direction. https://answers.microsoft.com/en-us/windows/forum/windows_10-windows_install/windows-failed-to-start-status-0xc0000225/4ea8f97e-10df-4bbb-ac0f-5402a6b164b4?auth=1 Some of the responses touch on UEFI mode. Might want to check BIOS to see if it is set up like that. According to the materiel.net site, the USB key does not support UEFI mode.

Thank you for the site info. No, we don't believe the file to be a threat but we're still looking at it to determine why it looks like it is corrupted. Is this the Windows 10 Home 32/64 bit USB key?

Hello again, Next update this will be fixed.

Indeed that was the same file I found in search. Thanks. Think I found the file that is known clean/non corrupt for comparison. Compare the "details" with this one: https://www.virustotal.com/#/file/ab9047b9e8ed56e76609458da89ac641eb2a9fa90c8ea02c031e32ceaa378be9/details Notice how VT can pull up version info, digital signature, Sections and all that.. your file from the link you posted it cannot. How did this USB get created? I'm curious because the rule that is hitting on your file is a few years old & first time we are seeing it reported & I am interested in how that file got mangled. Is there a site you can direct me to that you used to help with creating this USB ? Thanks

Think I found the file on virustotal. We're looking into it. First glance the file looks to be corrupt & I question its ability to be executed by Windows if you did successfully re-install the OS.

Hello, can you copy the win32ui.dll to someplace on your machine, zip it & attach here please? If that is difficult, please scan it at https://www.virustotal.com/#/home/upload & post the resulting link Thanks!

Sweet! Thanks for the update.

Let's try this: 1. Totally exit/shutdown Malwarebytes. 2. Go to here in explorer: 3. C:\ProgramData\Malwarebytes\MBAMService 4. delete the following file only: hubblecache. it doesn't have a file extension 5. Then you can restart MBAM and the cache file will rebuild on the next scan.

Fixed it again. No detections here. Can you confirm please? Might take 10 minutes for your copy of MBAM to "see" the update.