Maniak2000 1 Posted January 8, 2012 Report Share Posted January 8, 2012 Hello. I would like to get a bit more details about some alerts mamutu shows, can it be done? For example: Application is trying to inject code to other applications - What other application(s) exactly (path)? Program is editing (patching) other executable files - (again) what other executables exactly? Program is installing something invisibly - what exactly is it installing? (list of files?) Installation of services and drives - What services \ drivers are being installed exactly? Mofifying startup areas - What start-up area is being modified and what entry exactly is being added? Changing hosts file - what entries are being added \ deleted? Browser setting changes - what setting(s) are being changed exactly? System's group policy changes - what group policy exacly is being changed? to what (on \ off) ? Application is trying to silently send something to the internet - on what adress, port? This additional info can be added to "Details" tab and I think can help some people differentiate dangerous programs from just suspicious (for mamutu). Quote Link to post Share on other sites
Fabian Wosar 390 Posted January 12, 2012 Report Share Posted January 12, 2012 There are plans to provide a few more information. It will never be in as much detail as you suggested though primarily because people will be confused by it. If you prefer a more HIPS style approach you may want to take a look at Online Armor that provides a lot of the details you asked for. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.