ElPiedra

Thanks for reporting - we have fixed this fp, so it won't be detected anymore. Thx!

Hi LarryS, The ransomware "Mischa" is detected by MBARW (by behavioral patterns). Dropper (containing both payloads) is detected by MBAM (depending on it's packing) known samples are added to the detection, but with time attackers can make changes in order to counteract. For more info, please see this post: I have MBAM and MBAE. Why do I need Anti-Ransomware? by!

Hi Gwaren, Can you provide us the exact file that was detected (zip and attach) as well please so we can ensure complete fix for this false positive? If needed, here is how to do: Thanks!

Hi Denise17742, The FP with 'Hijack.Host' It was fixed in the update: v2016.01.22.07 and in the next push v2016.01.22.08 in the next hours Thanks for reporting!

This should be fixed shortly when the following update goes live. v2016.01.22.08 Tnks!

Please update to database v2016.01.22.08 - this has the revised rules to fix this. Thanks for reporting!

Ok, the other users reporting similar cases: https://forums.malwarebytes.org/index.php?/topic/177645-hijackhost-false-positive/ Are using SpyBot S&D, you also use it?

Thank you for the report. We'll have a look & fix if necessary. Questions: You may be using the antivirus Qihoo 360 Total Security ?? Tnks!

Great!... after optimization my db size is 7.85 MB.