Flame detect

[Guest]

[Cobaltblue]

Can CIMA detect flame ?

[wasgij6]

it might help to say what "flame" is

[EricJH]

It's a big viurs with target to collect lot's of information from organisations: http://www.wired.com/threatlevel/2012/05/flame/all/1 .

[jay2007tech]

Yes, comodo already has the sample for it and it will flag it.    

[SiberLynx]

Yes, comodo already has the sample for it and it will flag it.    

Hi, jay2007tech

Are you so sure?

And even if you are - we need more details
This is a malware that has an ability of being dynamically changed - it's "already there", remember that?

... saying no more ... at the moment

My main question is to OP

Cobaltblue,

Why would you ask  about CIMA? How can any or alike service help?
I'm sure you've read about this infection before asking.

So, what executables?; how many? & for how long? would you send to CIMA?
What would be a benefit of doing that?

And after all who cares (I mean the devs of that particular malware) what do you personnaly have on your private PC?
They have a specific goal to achieve, aren't they? (Are you into in-home nuclear development?  )     

So, at the moment if you were hit by this malware, which is most unlikely please wait for their own cleaning/self destroying utility - it will wipe it out completely , because they are not interested in any of your conversations, images, videos  sent to your girlfriend/grandma/ etc.

Cheers!

[jay2007tech]

Are you so sure?

Yes, I'm sure.  I have the malware (Yes, theres more then 1 file) and it flags it.  I gave languy a copy of what I have

This is a malware that has an ability of being dynamically changed

So can any malware, the only difference is it's got the media's attention.  You don't see "TDSS" or "poison ivy"  making the local news

we need more details

Sure
http://arstechnica.com/security/2012/06/why-antivirus-companies-like-mine-failed-to-catch-flame-and-stuxnet/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+All+content%29

[SiberLynx]

Yes, I'm sure.

Nahh! You are not!  

I have the malware (Yes, theres more then 1 file) and it flags it.  I gave languy a copy of what I have

You may have "it" , but what is that silly lil part of "it" that can be recognized, when you have many files?
Then by "dynamically changed" I did not mean poly- or iso- morphic changes (which could be a part of a technique...  but just "as well") , please read again

So can any malware

Not true, because, as above - that is a completely different technique in this case

the only difference is it's got the media's attention

hmmm   I'm quite aware , but again we are talking about different things, as far as I can see

 You don't see "TDSS" or "poison ivy"  making the local news Sure

I do see a lot, do not be sarcastic, where it is not necessary... again...  we are talking about absolutely different things

As for the link provided by you:  
 
Sorry man, you contradicted yourself by posting the above

Flame was a failure for the antivirus industry. We really should have been able to do better. But we didn’t. We were out of our league, in our own game.

Finally , after all & again re: the initial request -  how CIMA can help?  You are talking about CIS, aren't you?

At the moment I do not see it being capable of neither identifying (unless very partially)
nor of completely cleaning the stuff we are talking about

Cheers!

[jay2007tech]

but what is that silly lil part of "it" that can be recognized, when you have many files?

If your asking me which ones get flagged based on what I have then comodo and emsisoft recognized the same ones .  Could there be ones out that are not recognized? <-- of course

[Tags:]