IDP Generic detection was detected on InstallFlashPlayer.exe, which is temporarily file under C:\Windows\SysWOW64\Macromed\Temp folder. This file is always deleted immediately after installation. So is nothing to do with FlashPlayerUpdateService.exe which trigger update. And because was detected by Behavior shield, FileSystem shield found that executable as clean. (FileSystem shield scan first, if file is clean then execute).
It is not PUP, Behavior shield not scan PUPS, only other shields do. Also PUP detection is marked as PUP not IDP Generic.
I meant Flash Player itself may now be being treated as a PUP so, of course, its installer and the updater processes are now treated as IDP Generic detections ie. behaviour that appears to be malware.
The fact is your Flash Player still updated so whatever and why AVAST was doing what it did was late and ineffective.
https://appuals.com/what-is-idp-generic/The interesting parts of that article are:-
"IDP generic means that the detection was detected by an
Identity
Protection
Detection component of your antivirus and it is a generalized file that got detected. Your files will be flagged by this whenever the file does something identical to malware that triggers the flag."
"The most common cause of this false positive flag is usually an outdated definition of your antivirus program."
Another explanation is that the definitions have been changed and it is a false positive caused by the AV now, wrongly, detecting the normal behaviour of the Flash Player updater as suspicious.
What points to this being an obvious FP is that the Windows\SysWOW64\Macromed folder actually contains a FlashPlayerUpdateService.exe. Pretty pointless virus chesting just the updater EXE and not the EXE that has just downloaded it automatically and will continue to do so if the Flash Player Installation is not updated.