15-Minute Reviews :: Mamutu v1.5.0.22

Rate This Article!

Discuss This!

Head over to the forums

Add This!

AddThis Social Bookmark Button

Today’s 15-Minute Review is on Mamutu version 1.5.0.22 by Emsi Software GmbH – a malware-monitoring software package with the capability of finding new malware on its own.

Software Description

As Giveaway of the Day states:

“Mamutu monitors in realtime all active programs for dangerous behavior and blocks malicious activities. It recognizes new and unknown Trojans, Backdoors, Keyloggers, Worms, Viruses, Spyware, Adware and Rootkits (Zero-Day attacks), without the need of daily signature updates. Mamutu gives you full control over internal system activities. It’s small but very powerful. Mamutu saves resources and does not slow down the PC.”

Quick Pros

  • Interface is clean and simple
  • Different modes to allow for different levels of control
  • Pop-up alerts are very informative
  • Community-based system is intuitive
  • Did not appear to slow system and did catch items I did try

Quick Cons

  • 19MB isn’t that small of a footprint
  • Is a bit intrusive until you get it set up your way
  • Could use a password to prevent some from tinkering with settings (Edit: See update below)
  • Does not include a scanner for looking for dormant malware

Expansion

After you have either logged on or created a new account and handling your licensing (Which itself is a bit complex but does have its benefits), the wizard-style interface takes you through a few setup steps; The most notable being the settings on how protective you want the program to be. You have a set of check boxes; Intelligent alert reduction, Community based alert reduction, and Paranoid mode. The first two are to aid in the minimizing of the alert boxes that pop up (Basing itself on either its own judgment or on the power of the communities) – The last is a setting for those who are either concerned of serious damage from their download/browsing habits, or even family members who may be a bit click-happy.

For the most part, the application does sit quietly in the System Tray. You can bring up the application’s information and settings window as well by double-clicking on the System Tray icon. The main window of the application is broken up into six different areas; Security Status, Process, Malware IDS (The actual engine and its settings), Quarantine, Logs and (more) Settings. Each of these pages are well laid out with pertinent information and settings, and is overall quite easy to understand.

During your typical use of the application, you will end up with a few pop-up windows now and then. The windows are very informative, providing you reasons why the alert has popped up (access to internet, tries to simulate mouse or keyboard activity, etc), a lengthy expansion on the reason (which so far all have been very clear and concise), suggestions based on community or ‘intelligent’ feedback (depending on settings chosen), and then four radio buttons; Allow behavior, Exclude from protection, Block program or Quarantine program. The best part here is that you can control whether the behavior is allowed but still monitored, or exclude it altogether – If managed properly, this could really help minimize performance hits on known safe applications such as retail games. The community-based management system is a very interesting concept; The application shows you what others on the internet have chosen, and there is even limits which allow for the automatic flagging of good and bad applications. While the intelligent system may be great in some instances, a community-driven support system could prove to be a lot more reliable and durable in the long run.

While the application does claim to be ‘small but very powerful’, the footprint in memory is 19MB on startup and does creep up a bit during usage (up to 25MB by the end of the review). 5 percent footprint on a 512MB system which still should have an anti-virus program in memory is a bit to chew off. The CPU usage and its direct effect on applications seems to be generally negligible; Even during application launches plus activity, Mamutu seems to creep up to about 1 percent CPU usage, and testing applications with and without the application active, there is not really a visible speed issue.

The biggest downfall with this application, which could also be its biggest strength, is its intrusiveness. If an application launched (or even running and triggers an event), a dialog box will pop up giving you details on the issue and a course of action to choose. The application is frozen until you have made an educated decision and then you can again be on your way. Once you get a good set of rules up for all of your applications however, the pop-ups should drastically cut back and allow you to work without many interruptions.

A few other concerns I’d like to note; It would be nice to see a password system applied to this application to prevent outside modification; This application could be great for schools or family members on paranoid mode if the settings couldn’t be changed easily to thwart the benefits of the application. (Edit: See update below) As well, this is a good application to aid in the blocking of currently active (or potential) malware, there is no functionality to aid with malware that may be currently dormant or even aid with poorly created rules on some applications. It may be nice to have a version of Mamutu which allows for scanning of drive space for other potential issues – An idea may be to bundle or even include within Mamutu Emsi’s a-squared Free for that true one-two punch. (Edit: See update below)

Final Verdict

While testing would have to continue to see the effectiveness of the application against real malware, it does show great promise as a shield against maliciously-written code and does have some killer functionality not seen elsewhere in a whole package. For free, you may want to pick up your copy of this application as soon as you can – a 1-year license including updates is hard to pass up, especially if you are in the market for an active malware protection package. As for paying $29.95 for one year or $39.95 for two years, the two year package does seem to be very much worth the price, comparing it against other package available on the market. There are even family packages for 3 PCs and 5 PCs to save you money – The 5-PC pack works out to be under $10 per PC a year which is a great deal.

Update

After receiving a message on the forums from Emsi the two points they mark out were checked. While the application does not have a simple password-based setup for user access to the main panel, the application does actually have a permissions-based layout within the application. This permissions-based system does offer a selection of options for each user, but as well can be incorporated with domain accounts. As well, while there is no drive scanning functionality within this tool, only the active blocker, Emsi does make a-squared Anti-Malware which offers quite a few features on top of Mamutu + a-squared Free (See the comparison chart here ) – While it would be nice to see incorporated at least some basic scanning features including fingerprint-based scan, as it is this application does provide a punch.

On a sidenote; One of my regular readers tried the application today. This user does regularly use a few different anti-virus and anti-malware tools with their system quite clean. However, this application did pick up on a malware item that was on the system that no other. After quarantine, they experienced a significant performance increase on their system.

Posted by BladedThoth on Wednesday, February 27, 2008