bocl 0 Posted October 30, 2010 Report Share Posted October 30, 2010 ...somehow I am skeptical about MAMUTU's abilities to block malwares. According to description MAMUTU is able to monitor the following behaviours: Backdoor related behavior Spyware related behavior HiJacker related behavior Worm related behavior Dialer related behavior Keylogger related behavior Trojan Downloader related behavior Injection of code into other programs Manipulation of programs (patching) Invisible installations of software Invisible Rootkit processes Installation of services and drivers Creation of Autostart entries Manipulation of the Hosts file Changes of the browser settings Installation of debuggers on the system Simulated mouse and keyboard activity Direct disk sector access on harddisk Changes of the system group policies Is there ANY WAY to test all/some or any of the items mentioned above? What I mean either some links to wellknown malwares with that specific behaviour or some tests provided bu EMSISOFT. I tried specific test provided bu SpyShelter and Zemana but i did not get any reaction from Mamutu (I searched the forum and it seems like these are not real keyloggers and THAT's WHY Mamutu doesn't react. I installed then a real keylogger Ardamax Keylogger 3.5.3 but MAMUTU doesn't react at all. At this point I am VERY skeptical about MAMUTU's abilities to block malwares as long as I cannot test it myself and I cannot find consistent reviews about it! (not a german magazine!) Any help with be very much appreciated! Thanks, Claudiu Quote Link to post Share on other sites
Lynx 34 Posted October 31, 2010 Report Share Posted October 31, 2010 Hi, Claudiu as it was suggested in replies to your previous post(s) , please run tests like "Trojan Simulator" you can add “zapass” and alike to the list Properly (stressing) disable all and any security except Mamutu in order to test As it was pointed by Christian Mairoll in one of the previous similar requests of yours – yes - the your AV or other solutions may kick in earlier … but read that reply again , keeping in mind that Mamutu may be the only layer of defence because of that … so test it like the only layer As for Zemana tests … again – it was discussed here in the forum – those are completely inappropriately written tests. As I can see, you found the thread(s) like one of them The Ardamax request here is pretty much redundant, that is just double posting, which usually do not have a positive outcome. As it was said earlier regarding this matter – let's hope the developers will add their point of view Other that running some tests mentioned above, please obtain real malware (there are sites) I am sure you have the alerts that are covering almost all the list. Sure if you are maintaining safe habits – those could be alerts for the legit Software exposing similar behaviour ( yesterday MS Update installations of “Live...whatever” on Win 7 x64 fired up ~7 alerts) Do you need the logged lists that I have here for XP 32 bit & Win 7 x64? I can see most of the alerts types except "Direct disk sector access on harddisk" & "Changes of the system group policies" Install more Software you will have “Simulated mouse” (say RocketDock) … as for the keyboard – install few special legit MIDI keyboard players – you will get it... & so on & so forth So please, run suggested tests and/or install real malware (there are special sites) having ordinary backup of your data & disk image backup in place My regards Quote Link to post Share on other sites
bocl 0 Posted October 31, 2010 Author Report Share Posted October 31, 2010 Hi, can you Email me some links for real malwares , please? And if is possible , which kind of behaviour is suposed to trigger... thanks, Claudiu Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.