What it says on the box.
I have an executable I want to run but Avast says it’s infected with win32:evo-gen[susp]
If I run it in a sandbox, can i do so without it getting out and wreaking havoc?
If so, can anyone recommend a good cheap/free one ?
What it says on the box.
I have an executable I want to run but Avast says it’s infected with win32:evo-gen[susp]
If I run it in a sandbox, can i do so without it getting out and wreaking havoc?
If so, can anyone recommend a good cheap/free one ?
win32:evo-gen[susp] = Suspicious
upload and check file(s) here www.virustotal.com / www.jotti.org
why would you take the chanse and run it, even in sandbox?
Unless you have an isolated recent image backup, I certainly wouldn’t depend on
a sandbox or anything else that promises to keep me safe. Just not worth it IMHO.
Personally I wouldn’t run a suspect file in a sandbox, you can’t be 100% sure no harm might come of it. You don’t say what it is and why you would want to run it?
It also rather depends on what the file/program is and what its actions might be. If it required internet access and if your sandbox allowed that. What is to say the any inbound traffic would be contained in the sandbox.
It is far safer to have Avast analyse it, if it is in the avast virus chest, upload it for analysis as a possible FP. Or use the report Avast False Positive File or Website form - https://www.avast.com/false-positive-file-form.php.