False Positive on Git Kraken Software (IDP.generic)

Hello,

I’m trying to install Git Kraken (a user-friendly software to manage Git versions) and I got a popup error: Infected by IDP.Generic.

This .exe is genuine because it was downloaded from the original source/publisher/developer. It was scanned using Virus Total and it also looks clean.

Could you guys please have a look ASAP?

https://www.virustotal.com/gui/file/e4d8f1772cf389e17e7921f8664a943e7ff6e67691aa9bf28e88da3f7616d8f6/detection

Thank you very much,

L.S.

Has your Avast antimalware program suddenly warned you about the IDP.generic virus?

For the people who use security solutions like Avast or AVG, “IDP.Generic” might be a familiar term.
This term is not limited to a single malware program.
It is, in fact, a generic term used by antimalware solutions for naming identity theft programs.
IDP stands for Identity Detection Protection.

Whenever a security solution pops up the “IDP.Generic” pop-up, it indicates
that the antimalware program has detected an unusual behavioral pattern.
That is, the cybercriminals made an attempt to steal your personal information.

However, many times antimalware shows a false-positive result because it is outdated or broken.
A false-positive result means that antimalware would catch the program or files that are not actually malware.
As a result, it reports many legitimate programs such as the gaming platform Steam, Discord, and others as malicious.

Because of the repetitive false-positive detection, people tend to ignore the “IDP.Generic” threat.
This is where cybercriminals take advantage. They release and bypass the malicious files by naming them similar to legit files.
Most users ignore the warnings from the security solution, thinking of them as false positives.

It is a best practice to check the files thoroughly before you mark them safe. (info credits Peter Balthazar)

Time now to send the file to Avast and wait for their final verdict, whether this is a FP or the real McCoy in malicious terms.
You could do that accordingly here: https://www.avast.com/false-positive-file-form.php

polonus

Thank you very much for your quick answer. This form seems to be broken at some point (internal server error). I will try again in a while.

Cheers.

Thank you very much for your quick answer.
@Polonus did a Google search and gave you a copy-paste

https://www.malwarefox.com/remove-idp-generic-virus/

Hi Pondus,

Well that may be true (added the source of that description), but only partly to describe the actual threat as this description is very accurate. Avast Team will eventually respond to the file being reported by the OP. I asked him to react with the final results.

If you have something additional to add, you are welcome,

polonus

If you have something additional to add, you are welcome,
It is just a general description from an ad site promoting MalwareFox … a program you find no tests/reviews about on any reputable IT tech site

The net is full of these websites that will pop up if you do a malware name search. It is all about promoting the program on the website and the malware description given is usually a one-description-fits-all type

My posting was not about promoting any program, it was about a general description of why the term IDP generic, that was helpful here.
In other words:

IDP stands for Identity Detection Protection. Whenever a security solution pops up the “IDP.Generic” pop-up, it indicates that the antimalware program has detected an unusual behavioral pattern.

That any better or similar, this time taken from what you call reputable sources, where we find a similar description.

polonus

I tried to send this file but the form you sent me still looks broken.

Can you give more details?
What did you try and how is it broken (the link works)?
Are you getting any error messages?

I think I realized what the problem is: Form says 50MB max. and this .exe is around 150MB… so not a clue how to send to Avast workers for a professional review

You can upload and scan the file at https://www.virustotal.com/

When done, post the link to the scan result here. Avast lab can then fetch the file from VT

Here we are: https://www.virustotal.com/gui/file/e4d8f1772cf389e17e7921f8664a943e7ff6e67691aa9bf28e88da3f7616d8f6/detection

Cheers