ComboFix in a fresh VM

exCode

Thread author
Sep 19, 2016
So guys, what do you think would happen if I ran ComboFix in a fresh VM? I have seen all this stuff about "Do not run ComboFix if you aren't under supervision" and I got to thinking about what would happen. Also, why is it so dangerous?
 
The meaning of "aren't under supervision" is that the tool should be used upon the approval of an expert; its removal capabilities are aggressive and can kill legitimate functions.

That's why removal experts need to diagnose the report of the system before applying any tools.
 
Since you have a fresh VM, you could just take a snapshot of your current status and run ComboFix to see if there are any detections and if removing the detection causes any loss of functionality. If so, you can just revert to the snapshot from before ever running ComboFix, good as new.
 
I've run it many times on many different systems and never had a problem. I think they are just warning you that it's a powerful tool capable of doing harm to your system if you don't know what you're doing.
 
If your VM is correctly set up you can do anything you like to it, without any risk to the host system.

The only exception I can think of is possibly if you have enabled shared folders, clipboard, drag-and-drop etc.
Other than that, feel free to go nutso.

You can utterly trash the VM and be up and running again in mere seconds ... such great fun!

In Linux I like to dream up the most stupidly dangerous commands possible, and then execute them (as root of course :) )
 
In Linux I like to dream up the most stupidly dangerous commands possible, and then execute them (as root of course :) )

Talking of dangerous commands, when I was a Unix admin, back in the 90's, a colleague of mine accidentally ran the command "rm -r *" from the root folder of one of our servers. This systematically wiped out every file on the filesystem until the OS died because it had removed itself!
I had to rebuild the OS from scratch and restore all the data from tape backups. Not much fun, I can tell you.
 
@askmark

Yes, that is the very type of command I was thinking of, with wildcards for extra delicious vandalism :)

Sit back and watch the OS eat itself from the inside out!

Got to love VMs, for just that sort of scenario ...
 