Granta

Enclosed. Ran the sequence again, so the latest occurrence should be at the end (start?) of the file. mbae-default.log

No log (not via a scan), but reproduced by setting LO7 to start with windows. Worked fine with LO 6, but LO 7 generates the following ... Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 09/11/2020 Protection Event Time: 11:28 Log File: a0028356-227e-11eb-be4d-f0bf97dbc171.json -Software Information- Version: 4.2.3.96 Components Version: 1.0.1104 Update Package Version: 1.0.32658 Licence: Premium -System Information- OS: Windows 10 (Build 19041.610) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 7.0.lnk, Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: LibreOffice Protection Layer: Application Behavior Protection Protection Technique: Exploit payload macro process blocked File Name: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 7.0.lnk URL: (end)

Another one ... Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 09/11/2020 Protection Event Time: 11:28 Log File: a0028356-227e-11eb-be4d-f0bf97dbc171.json -Software Information- Version: 4.2.3.96 Components Version: 1.0.1104 Update Package Version: 1.0.32658 Licence: Premium -System Information- OS: Windows 10 (Build 19041.610) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 7.0.lnk, Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: LibreOffice Protection Layer: Application Behavior Protection Protection Technique: Exploit payload macro process blocked File Name: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 7.0.lnk URL: (end)