Comodo tracking toolkit

I would like to see a program from comodo that can allow you to identify processes that run and modify the system. Something that allows you to see what processes run on the system when you enable tracking mode. Any of the things made by a process while in tracking mode would be identified and give you a sliding message that informs you of the process running and of what it is doing and allow you to roll back changes made to the system by application. For example when tracking mode is enabled:
Process test.exe RUN
Process test.exe CREATE C:\Program Files\Test Folder\test1.exe
Process test.exe MODIFY C:\Program Files\Test Folder\test1.exe - New file size 32kb
And using a cloud based system, the following could be what the message is when the file is trusted by comodo:
Process test.exe RUN - process on trusted vendor list
Process test.exe RUN - known safe application
And if the cloud finds the file is known as malicious:
Process test.exe RUN - found as malicious, click roll back to remove changes made by process
This could be good for people who test applications on a virtual machine because it would find what the application runs and what it modifies.

Sound good. This could be a help for user to use if CIS or other comodo programs use alot of cpu, create dump files or any alike. :slight_smile:


This could be an interesting addition to Killswitch.
I posted a link to your suggestion in the CCE wishlist.


You should make this a poll. i would vote for this. very good idea