I’m about to run an executable which is almost certainly malware. My objective is to see the changes it makes in the system. I’ll probably use a virtual system for that but I’m wondering if I would be completely secure running it manually through Comodo Sandbox in Untrusted mode or if some permanent changes could be made.


There is always risk with malware.

The manual sandbox should contain it, but just in case, I’d definitely try it in a virtual system.

Thanks for your answer.

One more thing: where is the virtual registry stored? Is it in %SystemDrive%\VirtualRoot? Because I can’t find it.

Yes, it’s C:\VritualRoot (not a typo). It’s a hidden folder, so you’ll need to change your folder options to be able to see it.