- Mar 15, 2017
Hey malware hunters and fellow helpers
Today I come to present you a new tool that will come out soon.
It's currently being actively developed and I wanted to have a discussion with you regarding the features, because we don't want to build yet-another-diagnostic-tool (of course).
Adlice Diag is built on top of the new RogueKiller SDK (the one not released yet!).
It's able to:
- Make a hardware scan (processor count + brand, RAM amount / usage, disk usage, etc.)
- Make a diagnostic scan with the classic RogueKiller modules: Processes, Services, Tasks, Files, Browser extensions, MBR, Antirootkit.
During this scan, unlike RogueKiller, EVERY SINGLE object is reported, and this is the big difference with the Anti-malware.
All objects are reported into different tabs, a bit like in Autoruns.
- All the objects are scanned with the RogueKiller engine, with online signatures (just like an Anti-malware, it downloads the signatures locally and uses them for the scan). Detected items are marked with different colours and pre-checked by default.
- At the end of the scan, a report can be generated. This is another big new feature in this field: the report can be uploaded to our server and the OP is given a permalink (this is purely optional, the report can also be checked out locally). When the OP chooses to upload the report, it's a lot easier for him to just give the permalink back to the helper. We'll decide based on your feedback if privacy is important here (password on report?).
- When the helper clicks the link, it opens the report page on our website. The report is colored and has a nice checkbox-based view; all he needs to do is adjust the items to remove with checkboxes, and generate a removal script (our website handles the removal workflow).
- Meanwhile, the OP is notified that a removal script is available (same here, privacy is important so we'll figure out how to make sure the removal scripts are securely signed) and chooses to apply it. At the end, a removal report can be generated the same way, but this time the helper can get it directly into the workflow on our website to verify everything went OK.
Thoughts? We planned to maybe extend the website a lot so that all helpers can register and keep track of all their current malware removal status.