RESOLVED - Updated to local 7.1.0+6396, Malwarebytes reports ransomware in php-cgi.exe

I have just Updated my env to local 7.1.0+6396, on running adminer Malwarebytes reports ransomware in php-cgi.exe and has quarantined it.
Has anyone else had this - is it a false positive. I would appreciate comments before taking the exe out of quarantine.
I checked the SHA1 key against the downloaded install image and it checks out OK.

What steps can be taken to replicate the issue? Feel free to include screenshots, videos, etc

System Details

  • Local Version: 7.1.0+6396

  • Operating System (OS) and OS version: Windows 11 (updated to latest levels)

FYI - I reported this to Malwarebytes as a false positive, updated my malwarebytes with today’s updates and it no longer reports the ransomware false positive.

Topic can be closed.

1 Like

Glad to hear! Thanks for reporting back, we appreciate it.

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.