Adlice Diag - New Diagnostic Tool

Discussion in 'other anti-malware software' started by Tarnak, Jul 11, 2018.

  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,612
    I saw this tool mentioned in another forum. And, I gave it a run....

    Just curious to see if any members at Wilders' have tried it.
     

  2. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,612
    Adlice Diag_After First Quick scan_detections_01.JPG

    The results of the first quick scan showed eight problems, only. :) But, I have chosen to remove nothing, because they may be false positives. Also, I might bork my system, if I did remove. :(
     
  3. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    6,674
    The startup entry is for Webroot, so you shouldn't disable it. I'm not too sure about the DNS entries, it found some on my computer too. The desktop entries shouldn't be anything to worry about. The HideDesktopIcons registry keys are used for adding icons to the desktop.

    Not everything it finds will be an actual problem.

    I installed this last night and started a second scan today. The scan appeared to have frozen after running for some time. I opened Task Manager and it was using 4GB of RAM (not so good on a system with 8GB of RAM), so I terminated its process.
     
  4. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    6,674
    @Tarnak Also, this will be of help.
    https://www.adlice.com/documentation/diag/documentation/
     
  5. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,612
    @roger_m

    I was trying to post my reply a short time ago, when I got your PM alert. But, I ran into the dreaded where you can't enter any text in the address bar or note pad, etc. I had to reboot, and now, I can make a reply. :)

    I wasn't concerned about Webroot because I have been a beta tester with them for years, since the beginning. :)

    Thanks for the other information in your follow up post, too. :)
     
  6. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    24
    Location:
    France
    Hey, I'm the lead dev at Adlice Software :)
    If I can answer your questions, don't hesitate!

    We are trying to fix all the possible FP with new signatures, so things like this will be fixed across versions...
    Also the new documentation is here: https://www.adlice.com/docs/diag/

    Has anyone tried the Cloud reporting feature?
    Here's an example of uploaded report: https://diag.adlice.com/report.php?id=ddd9f255201c4b117b84158a9ee226ff

    We believe it will help communication between helpers and OPs a lot.
     
  7. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    24
    Location:
    France
    Has anyone tried to run a scan with version 0.9.9 so far?
     
  8. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,052
    Location:
    .
     
    Last edited: Aug 9, 2018
  9. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,612
    Just tried the latest version. I left out scanning the registry this time. ;)

    Adlice Diag-portable_v0.9.9_03.JPG > Adlice Diag-portable_v0.9.9_05.JPG
     
  10. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,612
    ...and the Reports History:

    Adlice Diag-portable_Reports_History_01.JPG
     
  11. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    193
    Location:
    Germany
    I was about to try it but found that a filter list from uBlock blocked your site. You may want to do something about it. It's this list: http://1hosts.cf/

    I did a scan (Without the driver or internet but with MalPE) and I got false positives with:
    - Startpage.com as standard search and startpage.
    - The usual registry FPs others have mentioned already and this one I don't recognize: HKEY_USERS\S-1-5-21-3071807465-535171686-1052473121-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs (Set to 0)
    Google says it is the setting for "show recently added apps on Windows 10 start menu" that I have deliberately off.
    - and then some Intel graphics driver stuff: igfxrenu.lrc and igfxrdeu.lrc showing up because of "Bad.Extension". Apparently it's an extension for music lyrics. Huh. Probably used as language files for the driver GUI. (enu and deu in the name point to this: English and Deutsch/German are both languages I have installed on my PC)
     
  12. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    24
    Location:
    France
    Hey Nikopol, thanks for notifying. I've requested a block removal. Is it a default list or a custom one? I sent an email but not sure how that list is loaded...
    Could you send your report? Either in private or on the cloud upload (keep the permalink secret, only we, as admins, will see it).
     
  13. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    24
    Location:
    France
    Adlice Diag 0.10.1 is available!
    Just a reminder that to use the Cloud removal feature on the forums you need to ask for an invite (see below).

    Code:
    V0.10.1 09/12/2018
    =================
    - Fixed critical memory usage in Registry scanner (CLSID)
    - Added permalink context menu (Report view), with Copy to clipboard action
    - Added more information in Report view
    - Added error message when no rule is selected when launching a scan
    - Now hiding processes part in the report if no process rule was selected
    - Fixed an issue where Web browser addons path was not displayed in the reports
    - Added signatures driven scanner in Webscanner
    - Added website dynamic scanner in Webscanner
    - Added new signatures
    
    V0.10.0 09/11/2018
    =================
    - Fixed critical memory leaks in TaskScheduler and Buffer
    - Added review items before removal screen
    - Refactored progress screen to use stacked widget instead of tabs
    - Updated documentation links
    - Added badge counters on tabs to easily see where important detections are present (progress and report)
    - Fixed quarantine not refreshing after removal
    - Renamed cloud removal tab
    - Now switching to cloud tab when a script is loaded
    
     
  14. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,052
    Location:
    .
    0.10.1 Premium Trial Quick Scan
    3782.png
    0.10.1 Premium Trial w MalPE Start Scan
    3783.png
     
    Last edited: Sep 14, 2018 at 9:52 AM
  15. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    24
    Location:
    France
    Hey @bjm_, thanks for the scan. Can you guys upload the reports with the Cloud removal so that we (admins) can see what's wrong and fix it?
    Thanks,
     
  16. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,052
    Location:
    .
    3788.png
     
    Last edited: Sep 14, 2018 at 12:27 PM
  17. Tigzy

    Tigzy Developer

    Joined:
    Sep 12, 2012
    Posts:
    24
    Location:
    France
    Perfect, thanks. I'll take a look
     