Author Topic: False Positive on Git Kraken Software (IDP.generic)  (Read 1255 times)

0 Members and 1 Guest are viewing this topic.

Offline PFE

  • Newbie
  • *
  • Posts: 6
False Positive on Git Kraken Software (IDP.generic)
« on: July 30, 2021, 09:22:17 PM »
Hello,

I'm trying to install Git Kraken (an user friendly software to manage Git versions) and I got a popup error: Infected by IDP.Generic.

This .exe it's genuine because it was download from the original source/publisher/developer. It was scanned using Virus Total and it also look clean.

Could you please guys have a look asap?

https://www.virustotal.com/gui/file/e4d8f1772cf389e17e7921f8664a943e7ff6e67691aa9bf28e88da3f7616d8f6/detection

Thank you very much,

« Last Edit: July 31, 2021, 12:08:46 AM by PFE »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33319
  • malware fighter
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #1 on: July 30, 2021, 10:58:53 PM »
L.S.

As your avast antimalware program has suddenly warned you about IDP.generic virus?

For the people who use security solutions like avast or AVG, “IDP.Generic” might be a familiar term.
This term is not limited to a single malware program.
It is, in fact, a generic term used by antimalware solutions for naming identity theft programs. I
DP stands for Identity Detection Protection.

Whenever a security solution pop-ups the “IDP.Generic” pop-up, it indicates,
that the antimalware program has detected an unusual behavioral pattern.
That is, the cybercriminals made an attempt to steal your personal information.

However, many times an antimalware show a false-positive result because it is outdated or broken.
A false-positive result means that antimalware would catch the program or files that are not actually malware.
As a result, it reports many legitimate programs such as gaming platform steam, discord, and others as malicious.

Because of the repetitive false-positive detection, people tend to ignore the “IDP.Generic” threat.
This is where cybercriminals take advantage. They release and bypass the malicious files by naming them similar to legit files.
Most users ignore the warnings from the security solution, thinking them as a false-positive.

It is a best practice to check the files thoroughly before you mark them safe.  (info credits Peter Balthazar)

Time now to send the file to avast's and wait for their final verdict, whether this is a FP or the real McCoy in malicious terms,
you could do that accordingly here: https://www.avast.com/false-positive-file-form.php

polonus

« Last Edit: July 31, 2021, 12:22:38 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline PFE

  • Newbie
  • *
  • Posts: 6
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #2 on: July 30, 2021, 11:49:41 PM »
Thank you very much for your quick answer. This form seems to be broken at some point (internal server error). I will try again in a while.

Cheers.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37105
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #3 on: July 31, 2021, 12:19:20 AM »
Quote
Thank you very much for your quick answer.
@Polonus did a Google search an gave you a copy paste

https://www.malwarefox.com/remove-idp-generic-virus/




Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33319
  • malware fighter
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #4 on: July 31, 2021, 12:28:30 AM »
Hi Pondus,

Well that may be true (added the source of that description), but only partly to describe the actual threat as this description is very accurate. Avast Team will eventually respond to the file being reported by the OP. I asked him to react with the final results.

If you have something additional to add, you are welcome,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37105
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #5 on: July 31, 2021, 12:42:17 AM »
Quote
If you have something additional to add, you are welcome,
It is just a general description from a ad siste promoting malware fox …. a program you find no test/reviews about on any reputable it tech siste


The nett is full of these websites that will popup if you do a malware name search. It is all about promoting the program on the website and the malware description given is usually a one description fits all type



« Last Edit: July 31, 2021, 12:00:37 PM by Pondus »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33319
  • malware fighter
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #6 on: July 31, 2021, 12:53:34 PM »
My posting was not about promoting any program, it was about a general description of why the term IDP generic, that was helpful here.
In other words:
Quote
IDP stands for Identity Detection Protection. Whenever a security solution pop-ups the “IDP.Generic” pop-up, it indicates that the antimalware program has detected an unusual behavioral pattern.


That any better or similar, this time taken from what you call reputable sources, where we find a similar description.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline PFE

  • Newbie
  • *
  • Posts: 6
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #7 on: August 01, 2021, 03:25:16 PM »
I tried to send this file but the form you sent me looks still broken.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85745
  • No support PMs thanks
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #8 on: August 01, 2021, 03:36:12 PM »
I tried to send this file but the form you sent me looks still broken.

Can you give more details.
What did you try and how is it broken (the link works) ?
Are you getting any error messages ?
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline PFE

  • Newbie
  • *
  • Posts: 6
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #9 on: August 01, 2021, 04:21:25 PM »
I think I realized what the problem is: Form says 50MB max. and this .exe is around 150MB... so not a clue how to send to Avast workers for a profesional review :-(

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37105
Re: False Positive on Git Kraken Software (IDP.generic)
« Reply #10 on: August 01, 2021, 04:42:26 PM »
You can upload and scan file at https://www.virustotal.com/

When done post link to scan result here. Avast lab can then fetch file from VT