Malware / Virus Analysis

[Guest]

[Spork Schivago]

Hello.  I am interested in malware / virus analysis.  I want to know if I can use Comodo Programs Manager to monitor exactly what changes a virus makes to my system.  I will be running Comodo in a virtual machine so undoing the damage should not be a problem.  I am also taking certain precautions with my host operating system to make sure nothing gets outside.  I am just wondering if in fact Comodo Programs Manager will monitor ALL changes.  Such as DLL registration, injections, etc.   Thanks for the help and for providing a program like this for free.

[Tech]

Well, CTM will work but it's not intended to monitor the system against malware.

Maybe you can think on:
1. "Running" the malware in a virtual environment.
2. Use the free tool http://www.toolwiz.com/products/toolwiz-time-freeze until Comodo Time Machine does not get gold. Look, some rootkit are capable to bypass Toolwiz Time Freeze also.

[Spork Schivago]

Well, CTM will work but it's not intended to monitor the system against malware.

Maybe you can think on:
1. "Running" the malware in a virtual environment.
2. Use the free tool http://www.toolwiz.com/products/toolwiz-time-freeze until Comodo Time Machine does not get gold. Look, some rootkit are capable to bypass Toolwiz Time Freeze also.

Thank you for the reply.  Sorry I haven't been able to get back to you until day, I've been busy working on a few customers computer.  I will try Toolwiz Time Freeze.  I don't think the rootkit bypassing Toolwiz Time Freeze will do any damage.  It might make it a bit harder to analyze though.  If worst comes to worst, I'll just revert to an earlier snap-shot.  Thanks.

[Tags:]