My ransomware scanner (other than F-secure SAFE) shows the following notification. Do I need to terminate this action or is it a functionality of F-secure?
The notification says:
guts2client is locking files!
proc: (2326) /usr/local/f-secure/bin/gutsclient
sign: unsigned
files:
> usr/local/f-secure/guts2-datadir/hydraosx/patch.bsdiff
> usr/local/f-secure/guts2-datadir/hydraosx/1499678645/fsedb.dat
Hello,
Sorry for my reply.
Generally: "guts2client", "guts2-datadir", "guts2" should be part of valid F-Secure Updating design;
With your examples about "files" noted HydraOSX; And it should be F-Secure Hydra engine for OSX;
Not sure about certain design of Mac, but most likely there also can be "on-the-fly" updating databases/signatures or so (or if not -> locked certain "databases" files and then re-place to fresh ones maybe also expected); So this is should be "functionality of F-secure";
I not able to say about certain "valid or not" status of this situation (since - not clear - if it happened just today?! and as certain fresh activities); Maybe you able to reach F-Secure Support Channel about this concern;
https://www.f-secure.com/en/web/home_global/contact-support
Or maybe there will be proper official response from F-Secure Mac team.
Thanks!
Hi Ukko,
Thanks a lot for your fast reaction.
As you mentioned, I did contact the Chat Helpdesk and they told me I can allow the action cause it's an upgrade of my F-secure SAFE program.
Thanks!
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
https://community.f-secure.com/t5/F-Secure-SAFE/guts2client-is-locking-files/td-p/96399
Visit the Community
Check our Forums or How-to & FAQs for advice or answers