F-Secure detects git\bin\pdfinfo.exe as Trojan.Generic.11954596

F-Secure detects git/bin/pdfinfo.exe as Trojan.Generic.11954596 when installing latest git-scm 1.9.4 on Windows 8.1 64bit.


Not only this is a false detection but with upgrading to the latest F-Secure version it has configured itself to automatically disinfect files.


Further more F-Secure replaced my etc/hosts file with a blank version while disinfecting the file. Only due to the fact that I am backing my hosts file on each change I have not lost this very essentatial configuration. It would have taken hours to restore as I would have needed to find out all of the IP addresses of my customers remote servers again.


Sorry guys but this s***!


Your software silently evolved to a product which I can hardly recommend to anyone anymore...


Smiley Frustrated




  • Simon
    Simon Posts: 2,674 Superuser

    I'm not F-Secure staff, but sorry to hear you've had problems.


    Can I suggest you Submit a Sample of the affected file, so that it can be analysed, and whitlisted?

  • cdd
    cdd Posts: 4
    Hi Simon,

    thanks for your response and the suggestion. I have just submitted the original Installer file which I have downloaded last night to SAS now.

    I'll update this topic once the analysis is complete.

  • Rusli
    Rusli Posts: 1,005 Influencer



    First you have to submit the infected file to F-Secure SAS.




    Then after doing that try ...virus total to confirm...



  • Hi Carsten,


    May we know if the issue was resolved after submitting the file to the SAS portal?



  • cdd
    cdd Posts: 4

    Hi Federico,


    thanks for your response.


    I have submitted the Installer to SAS though nothing was reported there as well.


    And as I installed git-scm with F-Secure disabled after reporting about here and the installed pdfinfo.exe file is not detected as trojan when scanning it afterwards I have no open issue.


    Nevertheless I still wonder what might have caused the false detection and why F-Secure destroyed the hosts file.


    So I hope this does not happen again to me or others.




  • Simon
    Simon Posts: 2,674 Superuser
    Hi Carsten,

    If you want to know more, perhaps you could submit a support ticket, attaching an FSDIAG, so that the guys can have a look at what went on?
This discussion has been closed.
Pricing & Product Info