Author Topic: What is MalPE??  (Read 1642 times)

0 Members and 1 Guest are viewing this topic.

February 06, 2019, 06:48:23 pm

Azurien

  • Newbie

  • Offline
  • *

  • 3
  • Reputation:
    0
    • View Profile
What is MalPE??
« on: February 06, 2019, 06:48:23 pm »
Hello, I've been noticing something weird over the few days... I do regular scans with RogueKiller and once a week it finds some MalPE (usually the MalPE.29) on some registry keys that are related to steam. Been carefull with both brownsing and such but it's been buggying me a lot... what are these MalPEs that pop up from nowhere and how harmfull are they? And if so, what to do to get rid of them in a more permanent way?

Thank you.

Reply #1February 06, 2019, 08:10:52 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2185
  • Reputation:
    78
    • View Profile
Re: What is MalPE??
« Reply #1 on: February 06, 2019, 08:10:52 pm »
Hi Azurien,

Thanks for your interest in our product.

MalPE is a new heuristic engine that detects anomalies in PE files.
In our tests, MalPE appeared to be detecting 90% of malware files, while having false positive on 2% on them. We are still working on reducing those false positives massively so these feature is still in Beta.

For the time being, I advise you to disable the use of the MalPE engine in the Settings tab.

Regards.

Reply #2February 06, 2019, 08:16:42 pm

Azurien

  • Newbie

  • Offline
  • *

  • 3
  • Reputation:
    0
    • View Profile
Re: What is MalPE??
« Reply #2 on: February 06, 2019, 08:16:42 pm »
Thank you for your reply. Well 90% is good for me so I'll keep it on, since the weird issue was it only detected on registry keys of games I haven't touched in a while and it had something to do with firewall permissions. Also, 3 days ago it didn't detect anything and today it detected that so I was worried I might have been, somehow, infected.

Again, thank you for your help.

Reply #3February 06, 2019, 08:25:39 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2185
  • Reputation:
    78
    • View Profile
Re: What is MalPE??
« Reply #3 on: February 06, 2019, 08:25:39 pm »
Hi Azurien,

You are very welcome.
If you want to help us, please make an archive with all the file detected by MalPE and attach it with your next reply. Manual analysis of the files will help us improve the engine.

Regards.

Reply #4February 06, 2019, 08:41:00 pm

Azurien

  • Newbie

  • Offline
  • *

  • 3
  • Reputation:
    0
    • View Profile
Re: What is MalPE??
« Reply #4 on: February 06, 2019, 08:41:00 pm »
I already deleted those but I will save future detections.

Reply #5February 06, 2019, 09:06:05 pm

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2185
  • Reputation:
    78
    • View Profile
Re: What is MalPE??
« Reply #5 on: February 06, 2019, 09:06:05 pm »
Hi Azurien,

Thanks.
Regards.