General Category > General Discussion

What is MalPE??

(1/3) > >>

Azurien:
Hello, I've been noticing something weird over the few days... I do regular scans with RogueKiller and once a week it finds some MalPE (usually the MalPE.29) on some registry keys that are related to steam. Been carefull with both brownsing and such but it's been buggying me a lot... what are these MalPEs that pop up from nowhere and how harmfull are they? And if so, what to do to get rid of them in a more permanent way?

Thank you.

Curson:
Hi Azurien,

Thanks for your interest in our product.

MalPE is a new heuristic engine that detects anomalies in PE files.
In our tests, MalPE appeared to be detecting 90% of malware files, while having false positive on 2% on them. We are still working on reducing those false positives massively so these feature is still in Beta.

For the time being, I advise you to disable the use of the MalPE engine in the Settings tab.

Regards.

Azurien:
Thank you for your reply. Well 90% is good for me so I'll keep it on, since the weird issue was it only detected on registry keys of games I haven't touched in a while and it had something to do with firewall permissions. Also, 3 days ago it didn't detect anything and today it detected that so I was worried I might have been, somehow, infected.

Again, thank you for your help.

Curson:
Hi Azurien,

You are very welcome.
If you want to help us, please make an archive with all the file detected by MalPE and attach it with your next reply. Manual analysis of the files will help us improve the engine.

Regards.

Azurien:
I already deleted those but I will save future detections.

Navigation

[0] Message Index

[#] Next page

Go to full version