Adlice Diag - New Diagnostic Tool

Discussion in 'other anti-malware software' started by Tarnak, Jul 11, 2018.

  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,295
    I saw this tool mentioned in another forum. And, I gave it a run....

    Just curious to see if any members at Wilders' have tried it.
     


  2. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,295
    Adlice Diag_After First Quick scan_detections_01.JPG

    The results of the first quick scan showed eight problems, only. :) But, I have chosen to remove nothing, because they may be false positives. Also, I might bork my system, if I did remove. :(
     
  3. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,626
    The startup entry is for Webroot, so you shouldn't disable it. I'm not too sure about the DNS entries, it found some on my computer too. The desktop entries shouldn't be anything to worry about. The HideDesktopIcons registry keys are used for adding icons to the desktop.

    Not everything it finds will be an actual problem.

    I installed this last night and started a second scan today. The scan appeared to have frozen after running for some time. I opened Task Manager and it was using 4GB of RAM (not so good on a system with 8GB of RAM), so I terminated its process.
     
  4. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,626
    @Tarnak Also, this will be of help.
    https://www.adlice.com/documentation/diag/documentation/
     
  5. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,295
    @roger_m

    I was trying to post my reply a short time ago, when I got your PM alert. But, I ran into the dreaded where you can't enter any text in the address bar or note pad, etc. I had to reboot, and now, I can make a reply. :)

    I wasn't concerned about Webroot because I have been a beta tester with them for years, since the beginning. :)

    Thanks for the other information in your follow up post, too. :)
     
  6. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
    Hey, I'm the lead dev at Adlice Software :)
    If I can answer your questions, don't hesitate !

    We are trying to fix all the possible FP with new signatures, so things like this will be fixed across versions...
    Also the new documentation is here: https://www.adlice.com/docs/diag/

    Has anyone tried the Cloud reporting feature?
    Here's an example of uploaded report: https://diag.adlice.com/report.php?id=ddd9f255201c4b117b84158a9ee226ff

    We believe it will help communication between helpers and OPs a lot.
     
  7. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
    Has anyone tried to run some scan with the version 0.9.9 so far?
     
  8. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,458
    Location:
    .
     
    Last edited: Aug 9, 2018
  9. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,295
    Just tried the latest version. I left out scanning the registry this time. ;)

    Adlice Diag-portable_v0.9.9_03.JPG > Adlice Diag-portable_v0.9.9_05.JPG
     
  10. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,295
    ...and the Reports History:

    Adlice Diag-portable_Reports_History_01.JPG
     
  11. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    630
    Location:
    Germany
    I was about to try it but found that a filter list from uBlock blocked your site. You maybe want to do something about it. It's this list: http://1hosts.cf/

    I did a scan (Without the driver or internet but with MalPE) and I got false positives with:
    - Startpage.com as standard search and startpage.
    - The usual registry FPs others have mentioned already and this one I don't recognize: HKEY_USERS\S-1-5-21-3071807465-535171686-1052473121-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs (Set to 0)
    Google says it is the setting for "show recently added apps on Windows 10 start menu" that I have deliberately off.
    - and then some Intel graphics driver stuff: igfxrenu.lrc and igfxrdeu.lrc showing up because of "Bad.Extension". Apparently it's an extension for music lyrics. Huh. Probably used as language files for the driver GUI. (enu and deu in the name point to this: English and Deutsch/German are both languages I have installed on my PC)
     
  12. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
    Hey Nikopol, thanks for notifying. I've requested a block removal. Is it a default list or a custom one? I sent an email but not sure how that list is loaded...
    Could you send your report? Either in private or on the cloud upload (keep the permalink secret, only we -as admin- will see it)
     
  13. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
    Adlice Diag 0.10.1 is available !
    Just a reminder that to use the Cloud removal feature on the forums you need to ask for an invite (see below)

    Code:
    V0.10.1 09/12/2018
    =================
    - Fixed critical memory usage in Registry scanner (CLSID)
    - Added permalink context menu (Report view), with Copy to clipboard action
    - Added more information in Report view
    - Added error message when no rule is selected when launching a scan
    - Now hiding processes part in the report if no process rule was selected
    - Fixed an issue where Web browser addons path was not displayed in the reports
    - Added signatures driven scanner in Webscanner
    - Added website dynamic scanner in Webscanner
    - Added new signatures
    
    V0.10.0 09/11/2018
    =================
    - Fixed critical memory leaks in TaskScheduler and Buffer
    - Added review items before removal screen
    - Refactored progress screen to use stacked widget instead of tabs
    - Updated documentation links
    - Added badge counters on tabs to easily see where important detections are present (progress and report)
    - Fixed quarantine not refreshing after removal
    - Renamed cloud removal tab
    - Now switching to cloud tab when a script is loaded
    
     
  14. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,458
    Location:
    .
    0.10.1 Premium Trial Quick Scan
    3782.png
    0.10.1 Premium Trial w MalPE Start Scan
    3783.png
     
    Last edited: Sep 14, 2018
  15. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
    Hey @bjm_, thanks for the scan. Can you guys upload the reports with the Cloud removal so that we (admins) can see what's wrong and fix?
    Thanks,
     
  16. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,458
    Location:
    .
    3788.png
     
    Last edited: Sep 14, 2018
  17. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
    Perfect, thanks. I'll take a look
     
  18. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
    Hey,
    Adlice Diag now available in V1 :)
    https://www.adlice.com/download/diag/


    Just a reminder that to use the Cloud removal feature on the forums you need to ask for an invite (see below)

    Code:
    V1.0.1 10/12/2018
    =================
    - Added Tech license compatibility
    - Fixed minor issues
    
    V1.0.0 10/11/2018
    =================
    - Fixed an issue with classification (gone processes)
    - Fixed a possible crash on exit
    
    V0.10.5 10/10/2018
    =================
    - Added filters for System view
    - Fixed an issue in classification
    - Fixed Hosts file parsing when lot of empty lines
    - Updated to core 2.0.10
     
  19. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,458
    Location:
    .
    3945.png
    Uploaded report w/wo MalPE
     
  21. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
    Hey,

    Big Update of the backend today.

    Those having access will now have a dashboard with attributed reports, their status and action buttons.

    For the others, it's still time to ask for your access :)

    On the report page you can now claim a report (if the OP didn't specify a helper), and edit the forum link and the comments.

    https://image.ibb.co/dbUY3A/diag-web.jpg
     
  22. guest

    guest Guest

    Adlice Diag v1.0.10 (December 17, 2018)
    Download
    V1.0.10 12/17/2018
    =================
    - Updated to core 2.1
    - Added signatures

    V1.0.9 11/26/2018
    =================
    - Added signatures
    - Fixed an issue in script engine where error items were not in removal report
    - Added Filter on scan choice

    V1.0.8 11/23/2018
    =================
    - Updated to core 2.0.23
    - Fixed an issue in Curl, leading to download aborts on file sharing issue
    - Improved Curl file download, now retaining file handle on write (Windows Defender slow download fix)
    - Improved support for high DPI screens
    - Added warning on safe items selection
    - Added Registry heuristic scanner
    - Added signatures

    V1.0.7 11/08/2018
    =================
    - Updated to core 2.0.21
    - Fixed an issue in the path parser
    - Minor fixes and enhancements
    - Added signatures

    V1.0.6 11/07/2018
    =================
    - Updated engine to Yara 3.8.1
    - Updated to core 2.0.18
    - Minor fixes and enhancements

    V1.0.5 11/05/2018
    =================
    - Fixed a potential crash in yara engine
    - Updated to core 2.0.17
    - Added signatures
    - Fixed a potential crash in VirusTotal engine

    V1.0.4 10/31/2018
    =================
    - Fixed a crash in Unzip engine
    - Fixed a crash that occurred at startup with Agent enabled
    - Fixed telemetry setting
    - Fixed premium settings
    - Added: Activations manager screen (List/Remove)
    - Updated to core 2.0.15

    V1.0.3 10/25/2018
    =================
    - Added Comments and Forum Url fields for CloudRemoval
    - Updated scan rules
    - Updated CloudRemoval payload
    - Updated to core 2.0.13
    - Updater 3.1 (fixes an issue in Config file readonly)
    - RKDLL 2.2 (fixes an issue in Config file readonly)
    - Added detections
     
  23. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France
    Hey,

    Adlice Diag is available in version 1.1.2
    We have opened the automatic signatures download to the free version; this should be easier now to use on the forums.
    Don't forget: if you want to use the cloud removal, you need to ask for an invite to get access to your dashboard on our website: https://diag.adlice.com

    Download: https://www.adlice.com/download/diag/

    Here's the changelog:

    Code:
    V1.1.2 02/22/2019
    =================
    - Updated to core 3.0.4
     * Added ability to read encrypted signatures packages (AV detection mitigation)
     * Fixed a crash in ZIP module
     * Fixed an issue in Folder creation (preventing creating working directory when executing from non system drive)
     * Now VT.Unknown is not treated as a threat anymore
     * Now updater runs installer with /silent
     * Fixed: a crash in PE parser when file is driver protected
     * Added Firefox registry addons search
     * Fixed registry items duplicates on scan
    - Added more context menus shortcuts (Search on VT, search on Google, copy to clipboard)
    - Removed system information from dashboard (duplicate info)
    - Defer real time monitoring to system tab opening
    - Fixed translations
    - Removed tray icon in portable version
    - Opened signatures direct updates for free version
    - Minor fixes
    
     
  24. guest

    guest Guest

    Adlice Diag v1.1.3 (March 5, 2019)
    Download
     
  25. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    692
    Location:
    France