hexaae

Correct. I use them mainly to fix old games through MS Application Compatibility Tool... I have created many "fix-it" guides on Steam too ;) I'll remove files manually "the old way" thank you (didn't know KpRm!). Thanks for the advices too (I already use KeePass, I'm the Italian translator :))... Keep up the good work (and please add wildcards for exclusions in MWB ASAP! :D) P.S. About exclusions... is there a way to backup and restore them (URLs and local file locations) after a MWB reinstall?

Yep, indeed was an old codec solution... thanks, I'll probably uninstall it as I don't think is even needed today with Win 10. init.cmd is ok too, I created it to define some handy CMD aliases: Forgive my limited English (not my native tongue): didn't want to sound disrespectful. Of course I opened this thread because I know you're experienced professionals and could help me. However after those checks it's ok for me (if you tell me there's nothing else suspicious from my logs) as I'm quite confident it wasn't a malware issue but just a problem with old MWB perfectly running but not re-launching sometimes because MBAMService was stuck as mentioned in one of your changelogs. Will report and continue (?) this thread if it happens again or I notice other strange things, thank you for your time and patience!

Thank you for support. I'll divide the arguments in paragraphs for convenience: a. yes I installed XVid years ago from the official site... and never noticed strange behaviour: Xvid - CheckUpdate.exe - Program Information (bleepingcomputer.com) It's not trustworthy? I can exclude it from AutoRuns of course... I attached those two scripts anyway. b. those Edge push notifications are ok for me (yes I remember them and I'm aware) and never experienced strange popups or adware issues. c. about the script: DISM and sfc /scannow are ok, already checked and they didn't report strange errors... I really don't want to RESET all other mentioned programs and cache... should I really do that? It's a bit exaggerated in my humble opinion as I never encountered problems. Really, besides this strange behaviour that brought me here opening this thread (please, consider I was using an old MWB 4.5.4) with the randomly stuck MBAMService on manually quitting MWB and some random crashes of mbamtray.exe I've never seen nothing suspicious on this PC (and I'm the kind of tech savvy guy using always UAC at max level, sandboxed apps on first download with VBox, I usually don't use cracks and pirated software etc.). If there's nothing else suspicious from my mbst-grab-results I'd prefer to leave things as they are, hoping the new MWB 4.5.7 fixed once and for all my small issue with your anti-malware. XVid-scripts.zip

I quitted Malwarebytes. I ran MBST and selected CLEAN. It removed MWB, then asked me to reinstall it (no reboot in the process), so I proceeded and after MWB re-installation I clicked on Complete button in the window of MWB installer that didn't go away by itself. At this point MBST popped up a warning "Installation aborted" (?!!!!). Then asked me to install MWB Privacy VPN... (?) Repeated the CLEAN process. This time removed MWB and asked me to reboot. After restart MBST auto-started again on login and I reinstalled MWB again. Once again clicking Complete button in the installer generated a "Installation aborted" warning from MBST (!??)... I ignored further MWB Privacy VPN install request again... Then i generated the zip. ...Anyway here are the logs and requested files. mbst-clean-results.txt mbst-grab-results.zip

P.S. From Release History & News – Malwarebytes Support MBAM-6138: MBAMService was stuck in a Stopped or Pending state. (4.5.6) MBAM-6181: Program Tray icons freezing or crashing. (4.5.5) which match perfectly with my issue here... 😟

Exactly my experience. Thanks, now I know it's better to manually check in Settings > Information > Search for updates every now and then.

Thank you for the heads-up, I manually entered Settings > Information tab and clicked on Search for updates... and it actually got updated to 4.5.7 (why it didn't this automatically?)

Oh... I expected it to check program updates automatically (as it always did). I have all updates options enabled... Isn't this last version?

Just noticed that after manually quitting MWB from Windows 10 traybar (to test if happened again) it logged this error: Descrizione Percorso dell'applicazione che ha generato l'errore: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Firma del problema Nome evento problema: APPCRASH Nome applicazione: mbamtray.exe Versione applicazione: 4.0.0.1250 Timestamp applicazione: 62023b8a Nome modulo con errori: Qt5Core.dll Versione modulo con errori: 5.14.1.0 Timestamp modulo con errori: 603971ce Codice eccezione: c0000005 Offset eccezione: 0000000000219dc5 Versione SO: 10.0.19043.2.0.0.256.48 ID impostazioni locali: 1040 Informazioni aggiuntive 1: 47ff Ulteriori informazioni 2: 47ff1f85764ba318c5732db295c7709d Ulteriori informazioni 3: 9d43 Ulteriori informazioni 4: 9d437f5bf4fafe3bd0dadd96a8df2ac8 But I can't reproduce if I re-run and quit again MWB... Mmmh, something is unstable in the UI/service components after latest MWB updates IMHO.

I finally rebooted PC. Everything back to normal and MWB service running fine. Full MWB Premium scan attached found nothing. MWB results.txt

ESET Online full scan (both C: and D:, 1M+ files!) also found nothing.

It found nothing (2 false positives, I didn't run in the last 5 months at least). Attached. The strange thing is that while running it said "Detected infected files: 29" (scanned more than 800'000), but the final log is just this attached. What does it mean? It deleted/removed those other files without logging? WHAT FILES detected as the 29??? I hope it didn't delete important false positive files without logging... Can you please explain what did you see in mbst-grab-results.zip to say this (so I can double-check those things you found suspicious)? My suspect: since it always happened only AFTER I quit MWB (it happened just a pair of times in the last 2-3 weeks and I use MWB Premium every day), my suspect is that's just a bug in MWB/Windows: if you notice the service from the picture above says: "Service status: Stopping..." ("Arresto in corso" in Italian) and is stuck there, which explains why it fails to re-launch MWB, and why if I reboot it starts working again (with real-time and rootkit protection on, and everything perfectly running as usual)... and then full MWB scan says there is nothing. The problem happened just a pair of times only after I manually quit MWB from the traybar and then tried to re-launch it. Currently checking also with ESET Online Scanner... msert.log

Can I disconnect from the Net while Microsoft Safety Scanner is scanning to be safer?

Ok will do... I made a scan in the meanwhile with F-Secure online and did not detect anything... Also Defender quick scan didn't find anything. Are you sure? After I got it first time the other week and rebooted, I started a MWB full scan and found nothing BTW...

Sometimes randomly after I quit MWB, and then try to re-launch it I get the error "Unable to connect the service" (?). All I did in these cases was a reboot and everything went back to normal, but still happened a pair of times in a week.... I don't think I'm infected (I did nothing dangerous), and Windows Defender does not report anything strange... I've noticed Service is actually without options (Restart, Stop...): Attached my mbst-grab-results... mbst-grab-results.zip