Author Topic: CIMA Wishlist  (Read 86559 times)

Offline idem

  • Comodo Staff
  • Comodo Member
  • *****
  • Posts: 40
Re: CIMA Wishlist
« Reply #15 on: January 14, 2009, 05:48:35 AM »
Please try now.

New version is out...and I have something to say:

I don't like two scroll bars.
See attached.

Otherwise this release is great!

Offline LaserWraith

  • pillow fighting fool
  • Usability Study Member
  • Comodo's Hero
  • *****
  • Posts: 4590
  • I'm going to go out with a bang
Re: CIMA Wishlist
« Reply #16 on: January 14, 2009, 02:10:09 PM »
Please try now.


Wonderful!  Thanks. 

I also like how quick you were.  (:HUG) :comodorocks:

Offline gjmveloso

  • Malware Research Group
  • Comodo Loves me
  • *****
  • Posts: 165
Re: CIMA Wishlist
« Reply #17 on: January 27, 2009, 02:31:40 PM »
Maybe a button with "I believe that is a real malware" for non rated as suspicious by CIMA files.

With this action files not rated as suspicious goes direclty to AV Lab for further analysis. Surely, works with CIMAS submitted samples are easier than work with VirusTotal submitted samples.
Brazillian Comodo User

Offline fazio93

  • Comodo Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2455
Re: CIMA Wishlist
« Reply #18 on: January 27, 2009, 06:29:55 PM »
Maybe a button with "I believe that is a real malware" for non rated as suspicious by CIMA files.

With this action files not rated as suspicious goes direclty to AV Lab for further analysis. Surely, works with CIMAS submitted samples are easier than work with VirusTotal submitted samples.

+1  :-TU
Windows 7 Ultimate 64-bit
Please remember to follow the Forum Policy.

Offline Jim__

  • Comodo Loves me
  • ****
  • Posts: 124
Re: CIMA Wishlist
« Reply #19 on: January 28, 2009, 07:23:19 PM »
Windows Explorer
Context menu "send to" function to submit a file. See VirusTotal Uploader as an example http://www.virustotal.com/metodos.html

Offline The Joker

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 564
  • Let’s put a smile on that face!
Re: CIMA Wishlist
« Reply #20 on: February 08, 2009, 11:40:22 PM »
I'd like to have the option to choose the sample type (1. Malware (Viruses, Trojans...), 2. Spyware, Adware, Riskware and 3. False positive) like in https://analysis.f-secure.com/
HP Pavilion DV4 2040BR l Windows 7 SP1 Home Premium x64 l CIS 7.0 BETA (Proactive Security) (AV: Stateful l FW: Safe Mode l HIPS: Safe Mode l Sandbox: Fully Virtualized)

______________________________

It's all part of the plan!

Offline Commanding The Celsius

  • Product Translator
  • Comodo's Hero
  • *****
  • Posts: 1520
  • ^^^^
Re: CIMA Wishlist
« Reply #21 on: February 10, 2009, 11:03:37 AM »
Better noticing of keyloggers.
Usually slips by..

Offline eXPerience

  • Left the Forums
  • Comodo's Hero
  • *****
  • Posts: 6958
  • Free Forever !
Re: CIMA Wishlist
« Reply #22 on: February 10, 2009, 03:06:29 PM »
I'd like to have the option to choose the sample type (1. Malware (Viruses, Trojans...), 2. Spyware, Adware, Riskware and 3. False positive) like in https://analysis.f-secure.com/
That's for submitting samples only, it won't generate a report

Better noticing of keyloggers.
Usually slips by..
The same problem as with most rogues. Those are the installers and as they won't do anything harmfull, nothing will be said ...

Xan

Offline The Joker

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 564
  • Let’s put a smile on that face!
Re: CIMA Wishlist
« Reply #23 on: February 11, 2009, 01:36:37 AM »
That's for submitting samples only, it won't generate a report

I'd like submit samples (with a report), but also submit false-positives, as F-Secure (without report) does.
HP Pavilion DV4 2040BR l Windows 7 SP1 Home Premium x64 l CIS 7.0 BETA (Proactive Security) (AV: Stateful l FW: Safe Mode l HIPS: Safe Mode l Sandbox: Fully Virtualized)

______________________________

It's all part of the plan!

Offline eXPerience

  • Left the Forums
  • Comodo's Hero
  • *****
  • Posts: 6958
  • Free Forever !
Re: CIMA Wishlist
« Reply #24 on: February 11, 2009, 02:16:35 AM »
So I assume that you want this :

please choose from
1) Create a CIMA Report
2) Send malware to the developers
3) Report a False Positive

Good idea, I asked for that before, but ...  (:m*)

Xan

Offline The Joker

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 564
  • Let’s put a smile on that face!
Re: CIMA Wishlist
« Reply #25 on: February 11, 2009, 02:34:27 PM »
Yes, that's it!
HP Pavilion DV4 2040BR l Windows 7 SP1 Home Premium x64 l CIS 7.0 BETA (Proactive Security) (AV: Stateful l FW: Safe Mode l HIPS: Safe Mode l Sandbox: Fully Virtualized)

______________________________

It's all part of the plan!

Offline salmon

  • Malware Research Group
  • Comodo Family Member
  • *****
  • Posts: 76
Re: CIMA Wishlist
« Reply #26 on: February 22, 2009, 11:43:48 AM »
Be able to download files created my only wish  ^_^

Offline IBadget

  • Comodo Family Member
  • ***
  • Posts: 52
Re: CIMA Wishlist
« Reply #27 on: February 23, 2009, 09:02:46 AM »
I would like to see CIMA integrated into CIS. That way, users can analyze a file's behavior without having to block requests one by one. When D+ presents an alert, the following options should be available:

  • Allow this request
  • Block this request
  • Treat as ...
  • Perform CIMA

Performing CIMA within CIS will allow users to study the file's behavior at their own convenience. Going through dozens of D+ alerts to block requests can be tiring and inconvenient.

Offline Ronny

  • Product Translator
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 13539
  • Volunteer Moderator
Re: CIMA Wishlist
« Reply #28 on: February 23, 2009, 09:33:29 AM »
Version 3.9 will bring CIMA like heuristics :-))
Volunteer Moderator
Any concerns? Please send me a PM or review the Forum Policy -  update Jan 3rd 2013!

Offline OmeletGuy

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2914
  • Dragon Theme Maker
Re: CIMA Wishlist
« Reply #29 on: April 18, 2009, 05:41:07 PM »
To Ronny No it wont. sorry  :(

I tested a cuple of known trojans and 2 of them were rated suspicious.
The problem i see is that one made OVER 3000 http Queries and that was not suspicious???? it should be!
And the other deleted more then 150 values in this folder (LM\System\CurrentControlSet\Control\SafeBoot) if i understand that the right, thats SafeMode Values that should also be suspicious!
System Details: W8.1-64bit | 16GB DDR3 | Intel Core I7-4710MQ[at]2.5Ghz to 3.5Ghz | CIS 8.2 | Geforce 840M

 

Seo4Smf 2.0 © SmfMod.Com Smf Destek