Can CIMA detect flame ?
it might help to say what “flame” is
It’s a big viurs with target to collect lot’s of information from organisations: Meet 'Flame,' The Massive Spy Malware Infiltrating Iranian Computers | WIRED .
Yes, comodo already has the sample for it and it will flag it.
Hi, jay2007tech
Are you so sure?
And even if you are - we need more details
This is a malware that has an ability of being dynamically changed - it’s “already there”, remember that?
… saying no more … at the moment
My main question is to OP
Cobaltblue,
Why would you ask about CIMA? How can any or alike service help?
I’m sure you’ve read about this infection before asking.
So, what executables?; how many? & for how long? would you send to CIMA?
What would be a benefit of doing that?
And after all who cares (I mean the devs of that particular malware) what do you personnaly have on your private PC?
They have a specific goal to achieve, aren’t they? (Are you into in-home nuclear development? :D)
So, at the moment if you were hit by this malware, which is most unlikely please wait for their own cleaning/self destroying utility - it will wipe it out completely , because they are not interested in any of your conversations, images, videos sent to your girlfriend/grandma/ etc.
Cheers!
Are you so sure?Yes, I'm sure. I have the malware (Yes, theres more then 1 file) and it flags it. I gave languy a copy of what I have
This is a malware that has an ability of being dynamically changedSo can any malware, the only difference is it's got the media's attention. You don't see "TDSS" or "poison ivy" making the local news
we need more detailsSure :) http://arstechnica.com/security/2012/06/why-antivirus-companies-like-mine-failed-to-catch-flame-and-stuxnet/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+All+content%29
Nahh! You are not!
You may have “it” , but what is that silly lil part of “it” that can be recognized, when you have many files?
Then by “dynamically changed” I did not mean poly- or iso- morphic changes (which could be a part of a technique… but just “as well”) , please read again
Not true, because, as above - that is a completely different technique in this case
hmmm 88) I’m quite aware , but again we are talking about different things, as far as I can see
I do see a lot, do not be sarcastic, where it is not necessary… again… we are talking about absolutely different things
As for the link provided by you:
Sorry man, you contradicted yourself by posting the above
Flame was a failure for the antivirus industry. We really should have been able to do better. But we didn’t. We were out of our league, in our own game.
Finally , after all & again re: the initial request - how CIMA can help? You are talking about CIS, aren’t you?
At the moment I do not see it being capable of neither identifying (unless very partially)
nor of completely cleaning the stuff we are talking about
Cheers!
but what is that silly lil part of "it" that can be recognized, when you have many files?If your asking me which ones get flagged based on what I have then comodo and emsisoft recognized the same ones . Could there be ones out that are not recognized? <-- of course