Mamutu Review and Zero-Day Anti-Malware Comparison

Mamutu Review and Zero-Day Anti-Malware Comparison
Page content

Behavioral-Based Detections

Mamutu and ThreatFire are popular zero-day and behavior-based anti-malware programs for Windows. The programs are designed to complement the protection provided by signature-based protection by other antivirus software. Unlike antivirus software that uses virus detection database for online or offline scanning, a behavioral-based detection tool uses a set of rules to identify suspicious or malicious activity in Windows. The default action by a behavioral-based detection anti-malware program is to prompt the user for action while it halts a process or file.

In this anti-malware comparison, we’ll take a look how EmsiSoft Mamutu and ThreatFire by PC Tools performs in preventing positive malware files.

System Requirements and Installation: Winner - ThreatFire

The installation process of ThreatFire is straight forward. The only item that people should be cautious of is the unnecessary installation option of Google software in the ThreatFire installer. Mamutu also installs easily in Windows but you need to register a free EmsiSoft user account before you can start using the behavioral blocking application.

During the install process of ThreatFire, it will run a health check of the PC and advise if any security protection is missing e.g. antivirus, anti-spyware, or firewall. Also, it runs a quick scan to determine if the computer is infected. There’s no requirement to restart the computer after installing any of these zero-day anti-malware programs. Mamutu uses 23.3 MB of hard-disk space while ThreatFire only uses 18.91 MB of HD space.

ThreatFire runs on XP, Vista, Windows Server 2003 and Windows 7. Mamutu also runs on the said operating systems except server operating systems.

User Interface: Winner - Mamutu

Mamutu Navigation Menu

The UI surface of Mamutu is much neater than

ThreatFire UI

. The security status section in ThreatFire first displays the activity and status of the program instead of the worldwide detection status.

The neat navigation menu in Mamutu within the user interface is neat and useful when navigating to the program’s various options.

Features and Performance: Winner - Mamutu

Mamutu Guard: Behavior Blocker Components

Mamutu is packed with useful features that ThreatFire doesn’t offer:

  • Captcha protection when the program is manually shutdown.
  • Intelligent alert reduction - Enabling this feature means Mamutu reduces alerts on legitimate system files, which is not recommended to ensure malware has the ability to inject and will not pass undetected.
  • Option to disable notification for product news, updates, and restart alerts, etc.
  • Set-up non-administrator user accounts and permissions to manage Mamutu.
  • Modify behavior-blocker components.
  • Option to manually add files to be quarantined. Note that ThreatFire also has a quarantine option but no option to manually add files for quarantine.
  • Option to reset to 0 the number of detected behavior patterns.

Check out this Mamutu review to learn more about the product.

ThreatFire, on the other hand, offers the following features that Mamutu doesn’t provide:

ThreatFire Settings

  • Rootkit scanner.
  • Rootkit scan scheduler.
  • Advanced rules to protect host files, launch control, screensavers, etc.

Both programs include a built-in updater, automatic updates and community-based alert detection. What is neat with Mamutu Guard is the pre-checked action on malicious processes or files. ThreatFire’s default action is to prompt the user for action which is exactly the same as Mamutu, but ThreatFire does not auto-suggest an action (to block and quarantine), if the detected item is positive malware or a high risk. Also, Mamutu is quite fast in moving files to quarantine. ThreatFire is slow in sending malware to quarantine which allows the malware to do what it intends, add files in the computer. The good news is ThreatFire monitors the malware and will also quarantine what the executable has added on to the system.

For more information read this ThreatFire review.

Malware Protection: Winner - ThreatFire

ThreatFire’s zero-day protection performed better than Mamutu. I put both to the test by executing 6 malware files, one at a time. Mamutu was able to block 5 out of 6 while ThreatFire was fast and furious in blocking the malicious executable.

Images

ThreatFire Blocks Malware Executable

Mamutu Auto-Block Malicious File

Mamutu Prevented Fake AV Installation

ThreatFire Prevented Fake AV Installation

IRC Bot Blocked by ThreatFire

IRC Bot Blocked by EmsiSoft

Mamutu Blocks Rogue Software

Rogue Software Blocked by ThreatFire

Threat Blocks Trojan

Mamutu Blocks Trojan

ThreatFire blocked this malware but Mamutu did not

Price: Winner - ThreatFire

ThreatFire is free for personal use while Mamutu cost $29.95 per year. Both programs are integrated to other security programs by the vendors:

  • ThreatFire is included in the paid license of Spyware Doctor with Antivirus and PC Tools Internet Security.
  • Mamutu is included in the paid license of EmsiSoft Anti-Malware and the Malware Research Group reports EmsiSoft as #1 in anti-malware tests, earning it a VB100 certification as Best Reactive Scanner.

Conclusion

It’s a neck-in-neck competition because both Mamutu and ThreatFire programs do their jobs in protecting computers against files or processes with suspicious and malicious activity. However, ThreatFire beats Mamutu in blocking zero-day malware attacks and best of all, it’s free!

Reference: Anti-Malware Reviews - https://www.anti-malware-reviews.com/2010/04/13/best-overall-detection-in-mrg-on-demand-test/

Screenshots by author courtesy of: