Emsisoft's new Mamutu pre-beta

Well, there's more than one type of throne.

 

Lusher,

I feel responsible, so comment noticed, I won't tell it anymore.

Ccsito and InnerPeace are also happy A2 users. Remember that I also like ThreatFire (posted the how to o custom rules), EQSecure (also posted the first usage explanation), WinPooch alll because they are great aps and free. GesWall Pro, DefenseWall and PRSC are also favoured by me. That is the 'luck'of having three PC's at home.

Regards K

 

Hi, folks: I am trying to stay as impartial as possible when make this post, so you are noticed. Kees, do not feel anything out of normality just because what you have been contributing to this forum, I do learn a lot from you. Your testing and experiments are helpful to end users, but not necessarily be seen as such by some. That is OK. This is an open forum, any, I mean any opinion from all sides are counted, not been discounted, as long as all terms are met . Keep up your good contributions, and enjoy others' (including mine) appreciation. Have a nice one.

 

I have seven of them at home myself.

 

Really? The name gives me visions of lying along a Polynesian seashore. LOL

 

No, No, tell it to everyone you want, as long as you really believe it. Doesn't mean we have to all agree of course.

Yes, Yes, you like all wilders members here basically like all security apps.

only 3? I have 5 excluding laptops.

 

Lusher,

You still beat us, my wife and I also have two laptops supplied (so that totals to 5). But we rarely use these privately (only VPN for work off course).

Regards

 

Finally managed to get around to running some very basic tests on this thing. My first impression was not a good one, as I do not enjoy software that forces me to provide an email address to sign up for a username and password before I can use the program.

I initially set Mamutu to its highest protection settings, but apparently Mamutu is completely unfit for its intended purpose with intelligent FP reduction turned off, as the first two things it flagged were Windows components: IE6 (backdoor trojan, lol?) and msconfig ("tries to install itself invisibly"). In both cases simply executing the programs was enough to produce the FPs. Logging seems to not work (maybe because it's a beta?), and there's no further way to find out what happened.

Still in the middle of trying to figure out the quarantine. Does Mamutu quarantine only the offending file and process it detects, or does it do a smarter job like ThreatFire and AntiBot, and clean up all related files and registry entries as well?

One interesting thing to note is that Mamutu fails against kernel unhooking malware. ThreatFire and AntiBot already defend against this, but apparently not Mamutu. Copies of Bifrose and Small were allowed to execute without so much as a squeak from Mamutu.

Not impressed so far, ThreatFire seems to be heads and shoulders above this thing. But we'll see.

 

solcroft do you think a squared anti-malware which has IDS would have the same results? i know Mamutu is pre beta but shouldn't it still be close to the IDS of a squared?

 

I have 1 computer & 7 sorobans. Banzai!

Meanwhile, back at the thread -- I like what I am reading here about Mamutu. Will give it a spin when it goes beta.

QUESTION- Does it need a reboot during installation?

 

I've never tried a2 IDS personally, so I can't comment. I do remember aigle testing it before, however, and the results were less than impressive as well.

Nope.

 

I've never tried a2 IDS personally, so I can't comment. I do remember aigle testing it before, however, and the results were less than impressive as well.

all right thanks solcroft. well aigle or Keese1958, you both test software so how does Mamutu stack up against a squared IDS? and is either one as good as say that of ThreatFire?

 

I was always wondering what MS was doing inside your PC.

 

It was a very very short play. Just few minutes and I tried few malware samples on default settings with false positive reduction option and the results were poor. Keese' experience is different though.
The sort of online activation is a big turn off BTW. 30 days trial for a sort of pre-beta is another one.

From snapshots it seems almost same as A-sq,s IDS. I once wished that they launch a behav blocker based upon a-sq,s IDS without any signature data base.
Seems they took the idea without even thanking me.

 

I'll see your 7 and raise you 3.

 

Hi all,

Mamutu conflicts with Ad Muncher. AM stops filtering web flow

Regards,

MaB

 

LOL that cracked me up

 

Wordward, Solcroft, Aigle

Mamuto looks to be the IDS component of A2 (I would guess an exact copy).

I ran A2's IDS against:
1. TrojanSimulator = Pass (autostart via server)
2. TrojanDemo = Pass (downloader activity)
3. Zapass = Pass (dll injection)
4. Regtest = Pass (first process manipulation, then auto starts)
5. Badrkdemo = Pass (install driver)
6. Securable = Pass (memory access + service instalation)

Aigle is right Mamuto is not strong against worms, that is why I use WinPooch beside it with a special A2 filter set, see https://www.wilderssecurity.com/showpost.php?p=1091240&postcount=35

Solcroft has also noticed it is has weak self protection (e.g. APT)/unhooking protection.

On the positive side:
- it is very low on resources
- is available in several languages
- provides messages (sorry Lusher) which my wife seems to read and listen to, a feat which I have not been able to accomplish in many years

It will problably become payware and will run on Vista32, so on XP and Vista32 teh free ThreatFire will be a better option (on Vista64 PRSC is the only option in this category).

Together with WinPooch it also passes DFK Treath Simulator V2.

Regards Kees

 

I can get more PCs if I really wanted to, but that would reduce the amount of living space.

 

Can someone perhaps post any screenshots of the alerts?

 

You can find some screenshots of Mamutu and the alert boxes on the new Mamutu website: http://www.mamutu.com

Btw. the Mamutu Beta is now officially published on our website.

 

I think u must consider changing its name.

 

Hi, folks: I would, if I were wearing your shoes. A name sounds like a cartoon character, a primitive culture, even worse when it can not reflect its marketing/technical properties and values. Time is still on your side. I can pronounce the name, but can not even remember it just two seconds later, let alone thinking to use it again. Take care.

 

Our intention was to avoid the typical word joinings of Virus/Spyware/Trojan/Malware with Stopper/Blocker/Protector/Sweeper/No-More, etc.

The discussion about the name confirms our idea. It's so unusual that everybody thinks about its name - positive or negative doesn't really matter. I'm sure you'll remember it better than a boring word combination.

 

Who said to use anti-spyware, virus etc- buzz words. The sound effect of Mamuta is not impressive at all.

There are other names free of these buzzz words but still with good effect and u will not forget once u listen it: Prevx, ThreatFire, CyberHawk etc