Deepguard 2012_03_13_02, Acquarius 2012_03_13_08, Hydra 2012_03_13_03 NOT UPDATING

hello to all the expert and apologyze for my worse english!

my problem is really simple (i think)

two day ago (12_03_2012) my Fsecure clinet security give me an alert with the yellow spot on the F logo.

I try to updating the product and the control center told me that the product has the latest update but if I open the other setting tab on the settings menu it's result that

Deepguard 2012_03_13_02,

Acquarius 2012_03_13_08,

Hydra 2012_03_13_03

was not installed.

I try to use fsdbupdate9.exe to manual updating the product.

After that the fsdbupdate9 told me that all is updating and that the F logo on my sistem tray become "normal", few second later the yellow spot appears again

What's happen? Maybe i'm infected by some spyware or malware?

This is part of the log concerning the not update of Deepguard 2012_03_13_02,Acquarius 2012_03_13_08,Hydra 2012_03_13_03:

[ 2740]Tue Mar 13 09:25:28 2012(3):  Agent shutting down
[ 1516]Wed Mar 14 00:23:58 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started
[ 2580]Wed Mar 14 00:25:42 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started
[ 2580]Wed Mar 14 00:26:02 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[ 2580]Wed Mar 14 00:26:05 2012(2):  Update check completed successfully. No updates are available.
[ 2580]Wed Mar 14 00:30:21 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[ 2580]Wed Mar 14 00:30:22 2012(2):  Update check completed successfully. No updates are available.
[ 2580]Wed Mar 14 00:30:23 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[ 2580]Wed Mar 14 00:30:23 2012(2):  Update check completed successfully. No updates are available.
[ 2580]Wed Mar 14 00:30:31 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[ 2580]Wed Mar 14 00:30:31 2012(2):  Update check completed successfully. No updates are available.
[ 2124]Wed Mar 14 00:56:19 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started
[ 2124]Wed Mar 14 00:58:25 2012(3):  Agent shutting down
[  664]Wed Mar 14 00:59:00 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started
[  664]Wed Mar 14 00:59:24 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[  664]Wed Mar 14 00:59:24 2012(2):  Update check completed successfully. No updates are available.
[  664]Wed Mar 14 01:01:29 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[  664]Wed Mar 14 01:01:30 2012(2):  Update check completed successfully. No updates are available.
[  664]Wed Mar 14 01:02:28 2012(3):  Agent shutting down
[ 2156]Wed Mar 14 01:02:57 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started
[ 2156]Wed Mar 14 01:04:25 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[ 2156]Wed Mar 14 01:04:26 2012(2):  Update check completed successfully. No updates are available.
[ 2156]Wed Mar 14 01:04:27 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[ 2156]Wed Mar 14 01:04:27 2012(2):  Update check completed successfully. No updates are available.
[ 2156]Wed Mar 14 01:08:47 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...

 

waiting for a kindly answer best regard

 

AiaceT

Comments

  • tidaltides
    tidaltides Posts: 17 Observer

    Try removing everything and then reinstall it just for you to have it in fresh state. That is how I fixed that type of problem on my end.image

  • Hi AiaceT,

    Please try to reset the automatic updates agent. This tool will clear your current F-Secure database and re-download all necessary updates.

    - Download and run the FSAUA-Reset tool.

    Thanks.


    Best Regards,
    Jayson

  • AiaceT
    AiaceT Posts: 10

    Thank you Jayson for your suggestion.

    I have tried but the yellow alert spot remains

    this is the log after the reset and the updating using the normal procedure (not via fsbupdate9)

     

    [  516]Wed Mar 14 08:05:02 2012(9): AUA RESET TOOL ver (1.05 build 937) was run
    [ 1236]Wed Mar 14 08:05:03 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started
    [ 1236]Wed Mar 14 08:05:45 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
    [ 2952]Wed Mar 14 08:06:03 2012(3):  Downloaded 'F-Secure Browsing Protection SW Update 2012-03-08_01' - 'litmus-bin' version '1331219396' from fsbwserver.f-secure.com, 4954163 bytes (download size 1907955 bytes)
    [ 1236]Wed Mar 14 08:06:03 2012(3):  Installation of 'F-Secure Browsing Protection SW Update 2012-03-08_01' : Success
    [ 4016]Wed Mar 14 08:06:05 2012(3):  Downloaded 'F-Secure Browsing Protection ES Update 2012-02-22_01' - 'exploitshield_v2' version '1329915224' from fsbwserver.f-secure.com, 817813 bytes (download size 365731 bytes)
    [ 1236]Wed Mar 14 08:06:05 2012(3):  Installation of 'F-Secure Browsing Protection ES Update 2012-02-22_01' : Failed
    [ 2028]Wed Mar 14 08:06:09 2012(3):  Downloaded 'F-Secure ORSP Engine Update 2011-05-23_01' - 'orsp-win-v2' version '1306140969' from fsbwserver.f-secure.com, 1514147 bytes (download size 746763 bytes)
    [ 3668]Wed Mar 14 08:06:09 2012(3):  Downloaded 'F-Secure IDS Update 2009-01-19_06' - 'idsdb' version '1232363088' from fsbwserver.f-secure.com, 4783 bytes (download size 2933 bytes)
    [ 1236]Wed Mar 14 08:06:09 2012(2):  Update check completed successfully.
    [ 4080]Wed Mar 14 08:06:09 2012(3):  Installation of 'F-Secure IDS Update 2009-01-19_06' : Success
    [ 1236]Wed Mar 14 08:06:10 2012(3):  Installation of 'F-Secure ORSP Engine Update 2011-05-23_01' : Success
    [ 1236]Wed Mar 14 08:06:24 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
    [ 1236]Wed Mar 14 08:06:24 2012(2):  Update check completed successfully. No updates are available.

     

    Any other suggestions/solution?

    Thanks in advance

     

    AiaceT

  • Hi AiaceT,

    The log does not show enough informations to determine what is the cause of problem. However, it should show the downloads for Deepguard, Acquarius and Hydra databases. Could you please post the log again after a few hours? It might show more information.

    Thanks.


    Best Regards,
    Jayson

  • AiaceT
    AiaceT Posts: 10

    Jayson problems becomes bigger!

    I use for a second time the tool you suggest me, then I run the fsdbupdate9.exe

    the fsaua.log show this:

    [ 2908]Wed Mar 14 15:06:13 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started
    [ 2908]Wed Mar 14 15:24:58 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
    [ 2908]Wed Mar 14 15:25:05 2012(2):  Update check completed successfully. No updates are available.
    [ 2908]Wed Mar 14 15:27:20 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
    [ 2908]Wed Mar 14 15:27:20 2012(2):  Update check completed successfully. No updates are available.
    [ 2908]Wed Mar 14 15:28:50 2012(3):  Agent shutting down
    [ 2260]Wed Mar 14 15:28:57 2012(9): AUA RESET TOOL ver (1.05 build 937) was run
    [ 1212]Wed Mar 14 15:28:58 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started
    [ 1212]Wed Mar 14 15:30:19 2012(3):  Agent shutting down
    [  620]Wed Mar 14 15:30:48 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started
    [ 2168]Wed Mar 14 15:30:52 2012(3):  Installation of 'F-Secure IDS Update 2009-01-19_06' : Success
    [  620]Wed Mar 14 15:33:36 2012(3):  Agent shutting down
    [ 3120]Wed Mar 14 15:34:02 2012(3):  F-Secure Automatic Update Agent for WIN32 8.25.4183: Agent started

     

    but in the download setting windows i can see

    14:33 F-secure Aquarius update 2012-03-13_08 Not istalled

    14:33 F-secure Anti-Virus Misc Update 2011-06-30_01 Not installed

    14:33 F-secure BlackLight Engine Update 2009-09-22_05 Not istalled

    14:33 F-secure Scanner Manager Update 2012-01-23_01 Not istalled

    14:33 F-secure Gemini Update 2012-02-15_01 Not istalled

    14:33 F-secure DeepGuard Update 2012-03-13_02 Not istalled

    14:33 F-secure Hydra Update 2012-03-13_03 Not istalled

    14:33 F-secure Universal System Scanner 2012-01-09_01 Not istalled

    in my opinion it's really courious (or scary) that the log didn't report all these failures

     

    The only installation succeded was the F-Secure IDS Update 2009-01-19_06 (after the Universal System scanner update).

    Waiting for more suggestions, hoping to solve the problem best regards Smiley Sad

     

    AiaceT

     

     

  • Janiashvili
    Janiashvili Posts: 454 Adventurer
    Did you tried to reinstall antivirus?

  • AiaceT
    AiaceT Posts: 10

    after performing an update with the update button in the main windows

    this was the result:

    15:33 F-secure Aquarius update 2012-03-13_08 Not istalled

    15:33 F-secure Anti-Virus Misc Update 2011-06-30_01 Not installed

    15:33 F-secure BlackLight Engine Update 2009-09-22_05 Not istalled

    15:33 F-secure Scanner Manager Update 2012-01-23_01 Not istalled

    15:33 F-secure Gemini Update 2012-02-15_01 Not istalled

    15:33 F-secure DeepGuard Update 2012-03-13_02 Not istalled

    15:33 F-secure Hydra Update 2012-03-13_03 Not istalled

    15:33'F-Secure IDS Update 2009-01-19_06 Installed

    15:33 F-secure Universal System Scanner 2012-01-09_01 Not istalled

    15:54 Browsing Protection SW Update 2012-03-08_01 Installed

    15:54 Browsing Protection ES Update 2012-02-22_01 No success

    15:54 ORSP Engine Update 2011-05-23_01 Installed

    and the log:

    [ 3120]Wed Mar 14 15:53:36 2012(2):  Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
    [ 3892]Wed Mar 14 15:54:03 2012(3):  Downloaded 'F-Secure Browsing Protection SW Update 2012-03-08_01' - 'litmus-bin' version '1331219396' from fsbwserver.f-secure.com, 4954163 bytes (download size 1907955 bytes)
    [ 3120]Wed Mar 14 15:54:04 2012(3):  Installation of 'F-Secure Browsing Protection SW Update 2012-03-08_01' : Success
    [  288]Wed Mar 14 15:54:05 2012(3):  Downloaded 'F-Secure Browsing Protection ES Update 2012-02-22_01' - 'exploitshield_v2' version '1329915224' from fsbwserver.f-secure.com, 817813 bytes (download size 365731 bytes)
    [ 3120]Wed Mar 14 15:54:05 2012(3):  Installation of 'F-Secure Browsing Protection ES Update 2012-02-22_01' : Failed
    [ 2868]Wed Mar 14 15:54:11 2012(3):  Downloaded 'F-Secure ORSP Engine Update 2011-05-23_01' - 'orsp-win-v2' version '1306140969' from fsbwserver.f-secure.com, 1514147 bytes (download size 746763 bytes)
    [ 3120]Wed Mar 14 15:54:11 2012(2):  Update check completed successfully.
    [ 3120]Wed Mar 14 15:54:12 2012(3):  Installation of 'F-Secure ORSP Engine Update 2011-05-23_01' : Success

  • AiaceT
    AiaceT Posts: 10

    No i'm afraid about an actual infection that at this moment avoid the update

  • Janiashvili
    Janiashvili Posts: 454 Adventurer
    maybe those are not yet installed?

    I mean you have to wait before they'll be installed
  • AiaceT
    AiaceT Posts: 10

    maybe those are not yet installed?

    I mean you have to wait before they'll be installed

     

    Jay it's really strange...before the 13/03 nothing like this happens to my F-secure!

     

  • Janiashvili
    Janiashvili Posts: 454 Adventurer
    wait half day and let's see.

    P.S. what does "Jay" mean?
  • AiaceT
    AiaceT Posts: 10

    Jay is for your initial name Jania...

    J in my language sounds "Jay" Smiley Very HappySmiley Very HappySmiley Very Happy

  • Janiashvili
    Janiashvili Posts: 454 Adventurer
    Smiley Very Happy

    No problem then.

  • AiaceT
    AiaceT Posts: 10

    F-secure online scanning in safe mode

    at 41% almost founded  malware...hoping to solve, waiting for the final results...Smiley Mad

     

  • AiaceT
    AiaceT Posts: 10

    here is the Online scanning log (in italian):

     

    Suspicious:W32/Malware!Gemini (spyware)

        * Sistema (Disinfettati)

    Suspicious:W32/Malware!Gemini (virus)

        * C:\PROGRAMMI\FDF\FAST2.EXE (Non rimossi)

    Suspicious:W32/Malware!Gemini (virus)

        * C:\PROGRAMMI\AVIDEMUX 2.5\AVIDEMUX2.EXE (Non rimossi)

    Exploit:Android/DroidRooter.E (virus)

        * C:\DOCUMENTS AND SETTINGS\GIA&SISSI\DOCUMENTI\GALAXY TAB\SUPERONECLICKV2.3.3-SHORTFUSE\EXPLOITS\PSNEUTER (Non rimossi)

    Exploit:Android/DroidRooter.E (virus)

        * C:\ANDROIDSDK\TOOLS\PSNEUTER (Non rimossi)

    Exploit:Android/DroidRooter.B (virus)

        * C:\ANDROIDSDK\TOOLS\RAGEAGAINSTTHECAGE (Non rimossi)

    Exploit:Android/DroidRooter.E (virus)

        * C:\ANDROIDSDK\TOOLS\FOLIO100-ROOTING-TOOLCHAIN\PSNEUTER (Non rimossi)

    Exploit:Android/DroidRooter.B (virus)

        * C:\ANDROIDSDK\TOOLS\FOLIO100-ROOTING-TOOLCHAIN\RAGEAGAINSTTHECAGE (Non rimossi)

    Exploit:Android/DroidRooter.E (virus)

        * C:\ANDROIDSDK\PLATFORM-TOOLS\PSNEUTER (Non rimossi)

    Exploit:Android/DroidRooter.B (virus)

        * C:\ANDROIDSDK\PLATFORM-TOOLS\RAGEAGAINSTTHECAGE (Non rimossi)

    Statistiche
    Analizzati:

        * File: 71177
        * Sistema: 4059
        * Non analizzati: 9

    Azioni:

        * Disinfettati: 1
        * Rinominati: 0
        * Eliminati: 0
        * Non rimossi: 9
        * Inviati: 0

    File non analizzati:

        * C:\PAGEFILE.SYS
        * C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
        * C:\WINDOWS\SYSTEM32\CONFIG\SAM
        * C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
        * C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
        * C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
        * C:\WINDOWS\PREFETCH\LAYOUT.INI
        * C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\IMPOSTAZIONI LOCALI\TEMP\HSPERFDATA_ADMINISTRATOR\1720
        * C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\IMPOSTAZIONI LOCALI\TEMP\HSPERFDATA_ADMINISTRATOR\332

     

    After reboot and open the F-secure Client Security main panel all seem good. The software is updated but and the green spot appears on the main panel but in the system tray the logo is always partially hidden by the yellow spot with the exclamation point.

    I don't know how to proceed now...

  • Janiashvili
    Janiashvili Posts: 454 Adventurer
    are you android app developer?
  • AiaceT
    AiaceT Posts: 10

    android developer?mmmm no definetly no...a geek maybe but not a developer Smiley Very HappySmiley Very HappySmiley Very HappySmiley Very Happy

  • Janiashvili
    Janiashvili Posts: 454 Adventurer
    did the problem solved?
  • mydearcosmo
    mydearcosmo Posts: 18 Observer

    I also got this type of problem and thought reinstalling could work. Does anyone have an update?image

  • daempii
    daempii Posts: 18 Observer

    This may have been old, but I guess there is still no update regarding this one. image

This discussion has been closed.
Pricing & Product Info