Hi 1PW, this isn't a database update this time, although I did also wonder how well database updates are verified. It's a program version update and an executable, 2 executables in fact. A previously privileged, signed, 20,447,074-byte "mbam-setup.exe" matching the "mbam-setup-2.0.4.1028.exe" you posted above spawned an unsigned, 706,560-byte "mbam-setup.tmp" https://www.virustotal.com/en/file/6c0465ce64c07e729c399a338705941d77727c7d089430957df3e91a416e9d2a/analysis/ which then requested elevated privileges. And an unsigned executable requesting elevated privileges made me wonder.