cancel
Showing results for 
Search instead for 
Did you mean: 

F-Secure detects git\bin\pdfinfo.exe as Trojan.Generic.11954596

cdd
Scholar

F-Secure detects git\bin\pdfinfo.exe as Trojan.Generic.11954596

F-Secure detects git/bin/pdfinfo.exe as Trojan.Generic.11954596 when installing latest git-scm 1.9.4 on Windows 8.1 64bit.

 

Not only this is a false detection but with upgrading to the latest F-Secure version it has configured itself to automatically disinfect files.

 

Further more F-Secure replaced my etc/hosts file with a blank version while disinfecting the file. Only due to the fact that I am backing my hosts file on each change I have not lost this very essentatial configuration. It would have taken hours to restore as I would have needed to find out all of the IP addresses of my customers remote servers again.

 

Sorry guys but this s***!

 

Your software silently evolved to a product which I can hardly recommend to anyone anymore...

 

Smiley Frustrated

 

 

6 REPLIES 6
Superuser

Re: F-Secure detects git\bin\pdfinfo.exe as Trojan.Generic.11954596

I'm not F-Secure staff, but sorry to hear you've had problems.

 

Can I suggest you Submit a Sample of the affected file, so that it can be analysed, and whitlisted?

cdd
Scholar

Re: F-Secure detects git\bin\pdfinfo.exe as Trojan.Generic.11954596

Hi Simon,

thanks for your response and the suggestion. I have just submitted the original Installer file which I have downloaded last night to SAS now.

I'll update this topic once the analysis is complete.

Regards,
Carsten
Senior Advisor

Re: F-Secure detects git\bin\pdfinfo.exe as Trojan.Generic.11954596

Hi

 

First you have to submit the infected file to F-Secure SAS.

 

https://analysis.f-secure.com/portal/login.html

 

Then after doing that try ...virus total to confirm...

 

https://www.virustotal.com/

Highlighted
F-Secure

Re: F-Secure detects git\bin\pdfinfo.exe as Trojan.Generic.11954596

Hi Carsten,

 

May we know if the issue was resolved after submitting the file to the SAS portal?

 

Regards,

cdd
Scholar

Re: F-Secure detects git\bin\pdfinfo.exe as Trojan.Generic.11954596

Hi Federico,

 

thanks for your response.

 

I have submitted the Installer to SAS though nothing was reported there as well.

 

And as I installed git-scm with F-Secure disabled after reporting about here and the installed pdfinfo.exe file is not detected as trojan when scanning it afterwards I have no open issue.

 

Nevertheless I still wonder what might have caused the false detection and why F-Secure destroyed the hosts file.

 

So I hope this does not happen again to me or others.

 

Regards,

Carsten

Superuser

Re: F-Secure detects git\bin\pdfinfo.exe as Trojan.Generic.11954596

Hi Carsten,

If you want to know more, perhaps you could submit a support ticket, attaching an FSDIAG, so that the guys can have a look at what went on?