mamutu VS the four virus of king

Discussion in 'other anti-malware software' started by baerzake, Mar 12, 2008.

Thread Status:
Not open for further replies.
  1. emsisoft

    emsisoft Security Expert

    Joined:
    Mar 12, 2004
    Posts:
    328
    Location:
    Nelson, New Zealand
    Shutting down the program manually with the Task Manager is legit and not a flaw. If malware tries to do so, Mamutu should usually detect it.

    We are working on a better service protection right now.
     
  2. emsisoft

    emsisoft Security Expert

    Joined:
    Mar 12, 2004
    Posts:
    328
    Location:
    Nelson, New Zealand
    That's why the Intelligent Alert Reduction feature is disabled by default since version 1.5 release.

    The new Community based alert reduction feature works much better and does not allow any harmful programs to be started (except the majority of Mamutu users has allowed it too).
     
  3. baerzake

    baerzake Registered Member

    Joined:
    Aug 18, 2007
    Posts:
    44
    Wow, good news, I will be waiting for the new :thumb:
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    @ baerzake, is there something special going on with these viruses? How would other HIPS (with process control) react? And I'm specifically talking about the "hidden install" method. I've sent you a PM, btw.

    @ Emsisoft, can you give a bit more info about the "program has suspicious file layout" alert? What is it all about, I never saw it before.
     
    Last edited: Mar 18, 2008
  5. emsisoft

    emsisoft Security Expert

    Joined:
    Mar 12, 2004
    Posts:
    328
    Location:
    Nelson, New Zealand
    @baerzake: The community based alert reduction was introduced with version 1.5 of Mamutu, 4 weeks ago.

    This is only alerted in paranoid mode. It means a not very sophisticated detection method. It just combines parameters like "Is the program packed with an exe packer?" and a few others and alerts these programs.

    That's why it is disabled by default. But may help in specific cases. Normal programs are usually not packed with malware typical exe packers, e.g.
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    OK thanks for letting me know. I suppose that, just like with all other alerts, the usefulness depends on how often you will get to see it, if it's very common, you won't take it seriously anymore. Also, have you tested Mamutu against the file infectors yet? I really wonder what the results will be. :)
     
  7. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    Have not downloaded mamutu yet so I don't know. What happens when an
    application running on my computer is not yet in the 'Community data base'
    and I have enabled this feature rather than Intelligent Alert Reduction - I
    suppose the decision to allow/deny would be solely mine and if I make the
    wrong selection others will see that the app. has been allowed @ 90%+ and
    also allow ?
     
  8. emsisoft

    emsisoft Security Expert

    Joined:
    Mar 12, 2004
    Posts:
    328
    Location:
    Nelson, New Zealand
    The community feature is not that simple. A minimum amount of users is required until it gives any recommendations.

    Remember that not every single decision is used for the community data, only the rules you create. That means if you made a rule wrong and change it later, it will also be 'updated' at the community.

    The main reason for the community feature is the false alert reduction on very often used programs, such as updaters that act invisibly or other behavior types that are very close to malware behavior.
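
The quorum and rule-update behaviour described in the reply above, as an added example that is not part of the original thread and not Emsisoft's code. The class name, the quorum of 5 users, the use of the 90% figure from the question as the threshold, and the sample program key are all assumptions made for illustration.

```python
from collections import Counter

MIN_USERS = 5        # assumed quorum; the thread only says "a minimum amount of users"
ALLOW_SHARE = 0.90   # assumed threshold, borrowed from the "90%+" in the question


class CommunityRules:
    """Keeps one current rule per (program, user); one-off alert answers are never stored."""

    def __init__(self):
        self._rules = {}  # program key -> {user_id: "allow" | "block"}

    def submit_rule(self, program, user_id, action):
        if action not in ("allow", "block"):
            raise ValueError("action must be 'allow' or 'block'")
        # A corrected rule overwrites the user's earlier vote instead of adding a second one.
        self._rules.setdefault(program, {})[user_id] = action

    def recommend(self, program):
        votes = self._rules.get(program, {})
        total = len(votes)
        if total < MIN_USERS:
            return None  # below quorum: no recommendation, the user decides alone
        counts = Counter(votes.values())
        for action in ("allow", "block"):
            if counts[action] / total >= ALLOW_SHARE:
                return action
        return None  # community is split: keep alerting


def demo():
    """Walks through the scenario raised in the thread using a constructed program key."""
    db = CommunityRules()
    program = "sample-updater-hash"  # constructed sample value
    results = []
    db.submit_rule(program, "u1", "allow")      # first user allows an unknown program
    results.append(db.recommend(program))       # one vote cannot steer anyone
    for uid in ("u2", "u3", "u4", "u5"):
        db.submit_rule(program, uid, "allow")
    results.append(db.recommend(program))       # quorum reached, 5/5 allow
    db.submit_rule(program, "u1", "block")      # u1 corrects the earlier rule
    results.append(db.recommend(program))       # 4/5 allow is under the threshold
    return results


if __name__ == "__main__":
    print(demo())
```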
     
  9. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi,

    The concept of community based data is viewed as innovative at first glance.

    But the situation it is in IS a catch 22 one; If the participation of such feature is mandatory, users will feel being betrayed/spied on. If leave it as optional, the base may not get minimum quorum to run it effectively.

    Prevx and ThreatFire have gone thru it with a tough time. Either has been proven successfully without any hidden drawbacks.

    In order for Mamutu to be excelled in this regard, you need to take a different approach, both at users' and developer's level.

    I like what I have seen so far with Mamutu and A-squared AM. Much thanks to EMSI's generosity. And I wish their developmental work will be more revolutionary than other me-too products.

    Take care.
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    @ baerzake, I'm still waiting for the malware samples.
     