guts2client is locking files



My ransomware scanner (other than F-secure SAFE) shows the following notification. Do I need to terminate this action or is it a functionality of F-secure?


The notification says:


guts2client is locking files!

proc:  (2326) /usr/local/f-secure/bin/gutsclient
sign:  unsigned

> usr/local/f-secure/guts2-datadir/hydraosx/patch.bsdiff
> usr/local/f-secure/guts2-datadir/hydraosx/1499678645/fsedb.dat


  • Ukko
    Ukko Posts: 3,640 Superuser



    Sorry for my reply.


    Generally: "guts2client", "guts2-datadir", "guts2" should be part of valid F-Secure Updating design;

    With your examples about "files" noted HydraOSX; And it should be F-Secure Hydra engine for OSX;


    Not sure about certain design of Mac, but most likely there also can be "on-the-fly" updating databases/signatures or so (or if not -> locked certain "databases" files and then re-place to fresh ones maybe also expected); So this is should be "functionality of F-secure";


    I not able to say about certain "valid or not" status of this situation (since - not clear - if it happened just today?! and as certain fresh activities); Maybe you able to reach F-Secure Support Channel about this concern;


    Or maybe there will be proper official response from F-Secure Mac team.


  • radijs
    radijs Posts: 4 New Member

    Hi Ukko,


    Thanks a lot for your fast reaction.


    As you mentioned, I did contact the Chat Helpdesk and they told me I can allow the action cause it's an upgrade of my F-secure SAFE program.



This discussion has been closed.
Pricing & Product Info