Software feedback > RogueKiller PREMIUM

Does Rogus Killer guard against Purple Fox Roootkit / Worm?

See for example

Hi Mark,

Welcome to forum.

We were not able to get any Purple Fox malware payloads, so I can't answer you with certainty.
However, I can provide you some insights at what point, RogueKiller will trigger an alert. I will refer to the Guardicore tehnical as a reference.

The MSI/MOE installer being launched from a SMB drive will normally be detected as [Suspicious.Path].
The encrypted file containing the rootkit will be detected by MalPE, our heuristic engine.

Unfortunately, Guardicore does not provide any indication about the DLL payloads (winupdate64/winupdate32), so I don't have any clue about them.



[0] Message Index

Go to full version