Malware / Virus Analysis

Hello. I am interested in malware / virus analysis. I want to know if I can use Comodo Programs Manager to monitor exactly what changes a virus makes to my system. I will be running Comodo in a virtual machine, so undoing the damage should not be a problem. I am also taking certain precautions with my host operating system to make sure nothing gets outside. I am just wondering if in fact Comodo Programs Manager will monitor ALL changes, such as DLL registration, injections, etc. Thanks for the help and for providing a program like this for free.

Well, CTM will work but it’s not intended to monitor the system against malware.

Maybe you can think about:

  1. “Running” the malware in a virtual environment.
  2. Use the free tool Toolwiz Time Freeze until Comodo Time Machine goes gold. Look, some rootkits are capable of bypassing Toolwiz Time Freeze as well.

Thank you for the reply. Sorry I haven’t been able to get back to you until today, I’ve been busy working on a few customers’ computers. I will try Toolwiz Time Freeze. I don’t think the rootkit bypassing Toolwiz Time Freeze will do any damage. It might make it a bit harder to analyze though. If worst comes to worst, I’ll just revert to an earlier snapshot. Thanks.