General Category > General Discussion

What is MalPE??

<< < (3/3)

Azurien:
Hello

Well, if you dont mind can you give me a step by step on how to get them? I only have the options to either restore or delete them on roguekiller so I don't know how to get them from the quarantine.

edit: just found them inside the roguekiller folder... do you need the .meta ones as well?

edit 2: the files in question have the same info as the log, just out of curiosity, how will these files actually help with the roguekiller detections and such? Just trying to expand my knowledge base and understand a little bit more about the information that can be gathered by studying and analysing these type of files.

Curson:
Hi Azurien,

You need to restore them, then zip them from the Explorer, not RogueKiller.
MalPE uses PE (Portable Excecutable) characteristics to define a file as malicious. By manually analysing them, we will be able to determine what triggered the false detection and improve the detection engine.

Regards.

Navigation

[0] Message Index

[*] Previous page

Go to full version