F/P on a .pdf document file

Avast definitions 15-07-20-2 is suddenly picking up on an almost 3-year-old document “Sophos_ZeroAccess_Botnet.pdf” as PDF:Url-Mal [Trj].

It is clean according to 54 other anti-virus engine at VirusTotal
https://www.virustotal.com/en/file/71bf30b5ac3436becb41a73aba35d2e88a0580b8193bcceb2ef91ee73d6e50c1/analysis/1437433852/

Hi David.

Add it to the virus chest and send it to Avast lab as a F/P.

Regards.

Hernan,

I already did that. But figured it couldn’t hurt to report here as well.

No harm done really :wink: If it is your document, surely it is a F/P.

It’s a copy of a technical paper issued by Sophos Labs, dated Sept. 2012, entitled “The ZeroAccess Botnet – Mining and Fraud for Massive Financial Gain”. It’s been sitting in my documents folder ever since I downloaded it. Avast never questioned it until today’s scan.

Hello,
the PDF contains clickable URL “hxtp://google-updaete.com:8344/”.

Milos

https://www.virustotal.com/nb/url/7ef59a7a66ea88b35ccca18103ef7f196879cdc50cf8e78ce6e55156a713c293/analysis/1437482453/

Thank you for the explanation.