
How goes Shuriken?



It's been several weeks since the Shuriken beta database testing back in April.

Have the data been integrated in the latest rules.ref files yet?

Is Shuriken active??

Thank you.

Alive and well, my friend.. in V1.46 Database 4150+ Enjoy :) SideNote: It can be switched on/off in SETTINGS/Scanner Settings.

EDIT: According to Exile360's post I'm in error - my apologies.


Okay... 4150 just rolled in.

Is there any indication, in the GUI or post-scan or otherwise, that Shuriken is doing its thing?

Thank you.

I'm not a qualified expert/trouble-shooter/employee to answer officially. That having been said, I *can* say, that on my paid system, the only thing seen is in SETTINGS/Scanner Settings where there are 2 check blocks; one is to turn them ON or OFF; the second whether to use it on additional files not covered by first 3 file categories.

I looked in my MBAM log file and there is no listing that Shuriken is active or not; one caveat, my scan logs never show a malware object being detected so I can't say what a log would look like if one WAS found. (Does that make sense??)

~Shy

EDIT: According to Exile360's post I am in error - my apologies.


I looked in my MBAM log file and there is no listing that Shuriken is active or not; one creavate (sp?), my scan logs never show a malware object being detected so I can't say what a log would look like if one WAS found. (Does that make sense??)

~Shy

The log would look something like this.

Malwarebytes' Anti-Malware 1.45

www.malwarebytes.org

Database version: 1000

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

4/10/2010 8:42:11 PM

mbam-log-2010-04-10 (20-42-11).txt

Scan type: Full scan (C:\|)

Objects scanned: 90561

Time elapsed: 21 minute(s), 45 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 7

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\DRIVERS\7AVU21WW\EZBTNS\JP\EzInit.exe (Heuristics.Shuriken) -> No action taken.

C:\IBMTOOLS\DRIVERS\HOTKEY\EZBTNS\JP\EZINIT.EXE (Heuristics.Shuriken) -> No action taken.

C:\lexmark\drivers\1400\drivers\win_xp2k\common\lxdjcfgx.exe (Heuristics.Shuriken) -> No action taken.

C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjwavs.exe (Heuristics.Shuriken) -> No action taken.

C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjcfgx.exe (Heuristics.Shuriken) -> No action taken.

C:\WINDOWS\system32\spool\drivers\w32x86\lexmark_1400_series9ca2\lxdjcfgx.exe (Heuristics.Shuriken) -> No action taken.

C:\WINDOWS\system32\spool\drivers\w32x86\lexmark_1400_series9ca2\lxdjwavs.exe (Heuristics.Shuriken) -> No action taken.

Notice: Copied from the beta testing forum. Namely here.

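Added example, not part of the original thread and not Malwarebytes' own tooling: a small Python parser for the scan-log layout quoted above. It answers the question asked earlier in the thread (did Shuriken flag anything?) by pulling out the Heuristics.Shuriken entries and checking the summary counts against the items actually listed. The sample log is abridged from the one in the thread; Example.Signature, C:\Temp\sample.exe and all function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Abridged from the log quoted in the thread; the second file entry is constructed.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.45
Scan type: Full scan (C:\|)
Objects scanned: 90561
Registry Keys Infected: 0
Files Infected: 2

Registry Keys Infected:
(No malicious items detected)

Files Infected:
C:\DRIVERS\7AVU21WW\EZBTNS\JP\EzInit.exe (Heuristics.Shuriken) -> No action taken.
C:\Temp\sample.exe (Example.Signature) -> No action taken.
"""

SUMMARY = re.compile(r"^(?P<section>[A-Za-z ]+ Infected): (?P<count>\d+)$")
HEADER = re.compile(r"^(?P<section>[A-Za-z ]+ Infected):$")
# Greedy path so that parentheses inside the path itself do not confuse the match.
ITEM = re.compile(r"^(?P<path>.+) \((?P<name>[^()]+)\) -> (?P<action>.+?)\.?$")

def parse_log(text):
    """Return (summary counts, detections) from a scan log in this layout."""
    counts, detections, section = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        if m := SUMMARY.match(line):
            counts[m["section"]] = int(m["count"])
        elif m := HEADER.match(line):
            section = m["section"]          # start of a detail section
        elif section and (m := ITEM.match(line)):
            detections.append({"section": section, **m.groupdict()})
    return counts, detections

def heuristic_hits(detections, engine="Heuristics.Shuriken"):
    """Entries raised under the heuristic detection name."""
    return [d for d in detections if d["name"] == engine]

def mismatches(counts, detections):
    """Sections whose summary count differs from the items listed (truncated log)."""
    listed = defaultdict(int)
    for d in detections:
        listed[d["section"]] += 1
    return {s: (n, listed[s]) for s, n in counts.items() if n != listed[s]}

if __name__ == "__main__":
    counts, dets = parse_log(SAMPLE_LOG)
    print(heuristic_hits(dets), mismatches(counts, dets))
```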

The log would look something like this.

[...]

Files Infected:

C:\DRIVERS\7AVU21WW\EZBTNS\JP\EzInit.exe (Heuristics.Shuriken) -> No action taken.

C:\IBMTOOLS\DRIVERS\HOTKEY\EZBTNS\JP\EZINIT.EXE (Heuristics.Shuriken) -> No action taken.

C:\lexmark\drivers\1400\drivers\win_xp2k\common\lxdjcfgx.exe (Heuristics.Shuriken) -> No action taken.

C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjwavs.exe (Heuristics.Shuriken) -> No action taken.

C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjcfgx.exe (Heuristics.Shuriken) -> No action taken.

C:\WINDOWS\system32\spool\drivers\w32x86\lexmark_1400_series9ca2\lxdjcfgx.exe (Heuristics.Shuriken) -> No action taken.

C:\WINDOWS\system32\spool\drivers\w32x86\lexmark_1400_series9ca2\lxdjwavs.exe (Heuristics.Shuriken) -> No action taken.

Notice: Copied from the beta testing forum. Namely here.

Thanks Buttons - a glimpse of the future. :welcome:

BTW: That editing thing we talked about - the strike-over - That Aa box in my editor shows a red X over it. I guess that's why I wasn't able to do it previously. I use FireFox; do you have to use MSIExplorer to have it accessible???

~Shy
