grdft

The screen dump:

Here's probably a false positive on the latest Beta 6: What I was doing: Running XAMPP7 and updated plugins on a localhost install of Wordpress (latest 4.4.2), when Anti-Ransomware detected ransomware activity (see attached screen dump). This was when I fired the autoupdate on the Duplicator plugin from within the Wordpress Admin Dashboard. I have been running the Ransomware betas for some weeks now, and I'm certain I have done this before, on previous betas - updating plugins in localhost Wordpress, without Ransomware beeing triggered. Geir httpd.zip Malwarebytes Anti-Ransomware.zip