P. Zimerickus: IDP.Generic
https://community.norton.com/t/trustworthy-programs-ending-up-as-idp-generic-and-im-sick-of-it/248354/19

Seems to be a bit more common.
And Norton seems to be very "protective" about being "right" here.

Btw.
Every time an AV tells you something with "generic" in it, it is not a virus signature finding.
It is a heuristic finding.
And heuristic findings are usually bullshit.
Means, the AV got some definitions of code parts or behavior or whatever, that can be found in malware too, but usually not exclusively. It is not "I found a virus I know" but "I found something that kinda looks like it might have something that bad things might have had in the past - maybe".

So, it is not even remotely close to being something bad, because often enough even MS's own Windows files could be hit by this heuristic.
And to prevent this, AVs got a huge whitelist of secure applications, which they often enough fail to maintain properly, or they forget secure software anyway.

To be honest, I never heard about a heuristic find that actually ever found malware.
Doesn't prevent more or less all AVs from talking to you with high self-confidence about their finding. Because they never fail - or so.

Some years ago, Norton basically merged with Avira and Avast, with all of them being more or less the same now.
So, Norton is still nagging, to some degree prone to false positives and very hard to make believe it is wrong.
Post edited 2 days ago by randomuser.833
Syphon72: That could be. Playnite has been around for some time now. I never actually downloaded Playnite from anywhere else but the homepage.

The Website: https://playnite.link/
Dawnsinger: After wrestling with that site's Tor blockage for a while, I got the download, but that only has a Downloader, not the full installer. With those, I can't send the full installer to the above VT or Jotti sites and instead have to rely on my own installed AV alone, which I don't like to do. The installer from SF triggered Bkav pro detection on VT, the downloader came up clean, but that's to be expected in almost every case. I'll see if I'm going to bite the bullet. :)
I've been using it for years and scan my PC regularly. Usually I run Malwarebytes and then do another scan using a secondary AV.

Also, use VT to check. Just did a scan and everything came back clean.
Post edited 2 days ago by Syphon72
ReynardFox: The more pressing question is why on earth is someone still using Norton.
P. Zimerickus: You can look interesting, and yes most of the time THAT's good enough
Catventurer: If this isn't a false positive, it's most likely from one of the add-ons that you have installed. I'm not getting it and see no mention of it in r/playnite/ either.
P. Zimerickus: okay, good to hear.... I was already contemplating other ways

Galaxy is also not really something i would recommend keeping a complete library...... i always feel watched!!!

Nvidia's new app is still in the making

MSI had a great gaming app but ... i'm not sure what evolution they are going through

I was planning on looking through Xbox app but haven't done so far

Playnite was something i quite enjoyed and yes i dipped into the other addons to see if i could get some more functionality, such as achievements and such, and other means but i might try it again after i reinstall everything
I don't do a lot of add-ons. The main ones that I use are Details to Grid Converter, Game Activity, Installation Status Updater, Theme Modifier. I also have some libraries. That's it.
P. Zimerickus: Just got a message from norton that they found some playnite file 'suddenly' infected with IDP.Generic

I was like "How???"

I think the last update was weeks ago...

This means i need to reinstall the whole pc again I think.. Just to be sure

added attachment for correct reasons
Back when I used to use it, Norton once nuked Steam immediately after an update. It's pretty aggressive when it comes to generic (heuristic) detections, so I wouldn't be thinking it's genuinely infected. Like others said, run it through virustotal and see what other software says.

A small google search even shows the problem here
https://www.google.com/search?q=norton++IDP.Generic

It is not that all that software is infected with "something".
The problem is Norton. And it seems like it started roughly 2 months ago.

And to be honest, Norton has been a problem for decades now, where the only right answer to "Norton found something" was (and still is) "deinstall Norton, problem solved".

Without any AV installed, the Windows Defender is active and works as a more than good enough AV (and it won't cost a dime).
If you want to go for another AV but with very low false positive rates, Eset (Nod32) is the way to go.
If you are advanced in computer usage and want to use another way that relies more on sandboxing and stuff, use Comodo Security (they got the best personal Firewall at last).

But Norton is seen as a problematic software on its own often enough, that is using up way too much resources and being way too invasive.
It is even hard to get rid of it.

Edit:
Btw, small find from the internet

IDP.Generic is a threat name given to a suspicious process or application detected by Avast and AVG’s malware scanners. IDP is short for Identity Protection, whereas Generic means the threat was found in a standard file (such as an .EXE file).

And yeah, Norton is basically the same AV engine. That is the reason I won't link it, because that guy says install Norton to see if this is right or wrong.
Ehm...
Post edited 2 days ago by randomuser.833
So, it's a program to keep track of content across platforms?
Shmacky-McNuts: So, it's a program to keep track of content across platforms?
Heroic if you're not allergic to Electron.
P. Zimerickus: This means i need to reinstall the whole pc again I think.. Just to be sure
No, it means you need to uninstall Norton.


As others have said, this is a heuristic find which is as good as saying you met Taylor Swift in your local bakery because someone there looked vaguely feminine and bought bread. A food that Taylor Swift is alleged to have eaten on at least one occasion while being by all accounts a woman.

tl;dr: It's bullshit. Uninstall snake oil.
P. Zimerickus: This means i need to reinstall the whole pc again I think.. Just to be sure
Randalator: No, it means you need to uninstall Norton.

As others have said, this is a heuristic find which is as good as saying you met Taylor Swift in your local bakery because someone there looked vaguely feminine and bought bread. A food that Taylor Swift is alleged to have eaten on at least one occasion while being by all accounts a woman.

tl;dr: It's bullshit. Uninstall snake oil.
Hey hey, he just said "some playnite file", no specific name nor checksum nor nothing, so it may be just about anything. He did not report back what VT and Jotti had to say, so let's just assume that Norton could in theory be correct, even if unlikely, until we get more details.
Post edited 19 hours ago by Dawnsinger
Dawnsinger: Hey hey, he just said "some playnite file", no specific name nor checksum nor nothing, so it may be just about anything. He did not report back what VT and Jotti had to say, so let's just assume that Norton could in theory be correct, even if unlikely, until we get more details.
While true, one cannot hold antivirus software to any standard these days, due to aforementioned heuristics. (Especially now with "AI training.") Norton and AVG mostly became about finding PUPs in the modern age, lacking for interesting viruses to bust, meaning that they would look for production disrupting programs instead of actual threats to a system. Playnite could have all sorts of things that would make an AV suspect things, including the ability to install things or change settings.
P. Zimerickus: This means i need to reinstall the whole pc again I think.. Just to be sure
Randalator: No, it means you need to uninstall Norton.

As others have said, this is a heuristic find which is as good as saying you met Taylor Swift in your local bakery because someone there looked vaguely feminine and bought bread. A food that Taylor Swift is alleged to have eaten on at least one occasion while being by all accounts a woman.

tl;dr: It's bullshit. Uninstall snake oil.
yes yes yes, i heard that one before. I have many years of roaming about in my pc under the belt....

one thing i do know is that those 'heuristic finds' always seem to apply to the more indie part of the app scene

Those same programs that somehow manage to fuck up your pc while you use them. Maybe that's also an indication of my skill level but i tend to tread on the safe side of life these days....

and listen to Norton
Norton did *not* detect a known virus.
It has a module that monitors the behavior of all running applications for suspicious activity.
In your case, it detected a "browser subprocess", i.e. some program trying to connect to the internet to do *something*. This could be bad (for example, sending stolen user data to a server operated by criminals), but could very well be absolutely harmless (ex: checking a database for updates or compatibility fixes). Can't really tell more because your attached screenshot doesn't even name the application or process in question.

IMHO, re-installing your whole system in this situation is a crazy overreaction, and not being "on the safe side".
If you are afraid that a virus could damage your system, you don't go and tear down the system yourself.
Instead, (1) backup your user data and (2) do some further investigation.

Jeez, people don't understand what the monitoring of behavior means. It all depends on context and intentions. Otherwise, go ahead and call the police immediately whenever someone picks up a hammer. Because it's much "safer" to arrest them for attempted murder than blindly believe their wild stories about wanting to hang a photo frame on the wall.



P. Zimerickus: one thing i do know is that those 'heuristic finds' always seem to apply to the more indie part of the app scene

Those same programs that somehow manage to fuck up your pc while you use them.
Heuristic analysis and behavioral monitoring take into account whether an application is signed by a big corporation or other well-known non-commercial entity. Their apps get greenflagged (trusted) automatically which is why you never see AV reports about them. Smaller developers have much more difficulty getting their applications signed. Signatures from trustworthy instances cost big $$$ or else aren't universally recognized by other parties (and thus mostly useless). This "system of trust" clearly favors the big players and screws over the indie / open source devs.
Post edited 54 minutes ago by g2222
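
Two points raised in the thread, that nobody has the flagged file's name or checksum and that code signing drives how heuristics treat a file, can be checked with built-in PowerShell cmdlets. The script below is an added example, not something posted by anyone in the thread; the function name `Get-FlaggedFileReport` and the default path are placeholders.

```powershell
# Added example: gather the facts needed to judge a "generic" detection.
# The default path is a placeholder, not a file named in the thread.
param([string]$Path = 'C:\Path\To\FlaggedFile.exe')

function Get-FlaggedFileReport {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "Not found (the AV may already have quarantined it): $Path"
    }

    $item = Get-Item -LiteralPath $Path
    $hash = Get-FileHash -LiteralPath $Path -Algorithm SHA256
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path

    # Map the Authenticode status to what it does and does not tell you.
    $meaning = switch ([string]$sig.Status) {
        'Valid'        { 'Signed, and the file is unchanged since signing.' }
        'NotSigned'    { 'No signature. Common for small projects; compare the hash with the publisher''s release.' }
        'HashMismatch' { 'File was modified after it was signed. Treat as suspicious.' }
        default        { "Signature could not be verified as trusted: $($sig.StatusMessage)" }
    }

    # One object with everything worth quoting in a forum post or vendor report.
    [pscustomobject]@{
        Name            = $item.Name
        FullPath        = $item.FullName
        SizeBytes       = $item.Length
        LastWriteTime   = $item.LastWriteTime
        ProductName     = $item.VersionInfo.ProductName
        FileVersion     = $item.VersionInfo.FileVersion
        SHA256          = $hash.Hash
        SignatureStatus = $sig.Status
        Signer          = $sig.SignerCertificate.Subject
        Meaning         = $meaning
    }
}

Get-FlaggedFileReport -Path $Path | Format-List
```

The SHA256 value can be searched on VirusTotal without uploading the file, and the same report gives a vendor what it needs for a false-positive submission.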