Stirling PDF.exe Quarantine Infected with IDP.Generic (AVAST Premium Security)

Avast Premium Security detected “Stirling PDF.exe” as infected with IDP.Generic. It looks like a false alert. Can someone confirm?

Stirling PDF Installable: https://files.stirlingpdf.com/win-installer.exe

Steps to Reproduce:
After installation of Stirling PDF, Avast detected “Stirling PDF.exe” with IDP.Generic.

Scan result from TotalVirus: -

IDP.Generic or any other generic detection I would say has a lower standard, given the use of generic methods (not being specific).

I’m not sure how the other scans at VT go about checking the installer; the ones where it timed out are probably trying to unpack it to do a thorough scan of what would be a packed executable.

Possible False Positive - New location to report both a False Positive and/or a False Negative (for File or URL)

When you get an Avast Alert, expand it to Show Details and there should be a means to report a possible FP there also.
If the file was sent to quarantine you could also submit it from there.

Hello David, I submitted the file for analysis, let's see.

Whilst you don’t get a direct reply, ordinarily it should get checked out in 48hrs; if found to be false it would be removed from detections.

After a period of time, try sending it back from quarantine and see if it triggers an Alert or gets back to the original location.

I just want to add that Avast is NOT identifying the static file as a threat (i.e. on scan or when installed), but only its behaviour when it is executing.

Thanks for that; without the OP posting a screenshot of the Avast Alert it isn’t clear.

It seems a strange malware name, IDP.Generic, and what it means is Identity Protection Generic, according to my search.

Seems strange for something on your system.

You can check multiple screenshots here @ github [slash] Stirling-Tools [slash] Stirling-PDF [slash] issues [slash] 3714

New forum members are restricted to posting images in the post and using external links.

If the image is saved on your system the image can be dragged and dropped into the post.
I personally don’t use github, haven’t got an account.

So how else am I supposed to share an image? You don’t need an account to access a public github repo BTW.

Replicate what I did in my last post.

If you have the image on your desktop, when you get to the point of inserting an image, just use Windows Explorer to drag and drop the image into the post (not attaching, as that is restricted).

That way, it keeps it in the topic and no one has to click an unknown external link to see the image.