ErkkiRuohtula

Found a workaround: turning off one of the checks in realtime protection, "Suojaus heikkouksiä hyödyntäviltä ohjelmilta" (guess in English it is "protection from programs exploiting vulnerabilities").

Upgraded LibreOffice on Windows 7 to version 7.3.3 but it is now unable to start. Malwarebytes does not like something it does: Malware.Exploit.Agent.Generic, C:\Windows\system32\cmd.exe \c ver, Estetty, 0, 392684, 0.0.0, , ("Estetty" means "prevented, this machine is localized to Finnish). Exported report attached. This is bad, because LibreOffice is what I use for most of my documents. Until this is resolved, I have to use other machines where I have not done the upgrade. (But note many users may not have this option). Is there workaround? Like telling Malwarebytes to not check this thing for LibreOffice. libreoffice-false-positive.txt

Thanks, Porthos. Here are the files. The text file is a log from the event page about trying to run zip. I could not locate the json file it refers to. This machine is localized in Finnish, and so is the report (sorry) but you can probably guess which item is which from the data. zip-unzip.zip

Is it OK to attach them on this forum, or should they be mailed somewhere?

Just started using Malwarebytes on a particular Windows 7 machine, did a scan with the AI on, and it flagged 2 programs (zip.exe and unzip.exe), both of which I know to be safe, because I had compiled them from sources with the OpenWatcom compiler. Trying to run also immediately quarantined them. No harm done, i simply added them to the allow-list of the Malwarebytes program. From the other messages on this forum, it looks like flagging self-compiled programs is a common problem here. Is it useful to send them as samples?