Jump to content

Welcome to Geeks to Go
Geeks to Go Welcome
Create Account Login to Account
Photo

OTL Tutorial - How to use OldTimer ListIt

- - - - - OTL oldtimer tutorial how-to scan

  • Please log in to reply
182 replies to this topic

#31
OldTimer

OldTimer

    Global Moderator

  • Global Moderator
  • 3,273 posts
@pradap: First check the version number. The current version at this time is v3.2.16.0. If the version you have is older than that then delete what you have and download the the current version and run the scan again.

Cheers.

OT
  • 0

Advertisements


#32
GT500

GT500

    Emsisoft Research

  • Visiting Consultant
  • 42 posts
This is a good tutorial, but unfortunately it is lacking examples on how to do the scripting.

For instance, lets say I have a services line in an OTL log that look like this:
SRV - [2008/07/22 12:44:14 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\waatservice.exe -- (waatservice)

Now, if this were ComboFix or The Avenger, obviously you would want to do this:
Driver::
waatservice

Or this:
Drivers to delete:
waatservice

However, there is no indication in the tutorial (at least none that I have been able to find) that this style is even remotely correct in OTL.

So, the real question, which (one again, as far as I have been able to tell) is not answered by the tutorial, is whether this is the correct method of using :Services:
:Services
waatservice

Or whether this is the correct method of using :Services:
:Services
SRV - [2008/07/22 12:44:14 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\waatservice.exe -- (waatservice)

  • 0

#33
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Why not use

:OTL
SRV - [2008/07/22 12:44:14 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\waatservice.exe -- (waatservice)


  • 0

#34
GT500

GT500

    Emsisoft Research

  • Visiting Consultant
  • 42 posts

Why not use

:OTL
SRV - [2008/07/22 12:44:14 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\waatservice.exe -- (waatservice)


Well, the section on the directives doesn't really say if :OTL works on services, and the presence of :Services leads one to assume that you would want to use it instead.
  • 0

#35
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It gives you an option - If you know the service but it does not show in OTL (i.e. it is legit but causing you problems) under the srv heading then you can use :services
  • 0

#36
GT500

GT500

    Emsisoft Research

  • Visiting Consultant
  • 42 posts

It gives you an option - If you know the service but it does not show in OTL (i.e. it is legit but causing you problems) under the srv heading then you can use :services


So then the usage for :Services would be similar to ComboFix and The Avenger, since you're only expected to know the name of the service?
  • 0

#37
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Correct and if you know the related file that will go under the :files heading
  • 0

#38
GT500

GT500

    Emsisoft Research

  • Visiting Consultant
  • 42 posts

Correct and if you know the related file that will go under the :files heading


Cool. Thank you. :D
  • 0

#39
Maggi14

Maggi14

    Member

  • Member
  • PipPip
  • 10 posts
After restarting of pc,OTL icon is no more?

Thus,I again downloaded from here...My system has to be reboot bcuz of an Installation,again OTL icon is missing.

do I need do download it again or is it common dear Admin?

-Thanks
Maggi
  • 0

#40
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,955 posts
Sorry for the delay in replying. Some glitches with the recent forum upgrade have resulted in some things being missed.

Now

Something wrong there, maybe malware or maybe something you did or even a system related problem.

Open a new topic in the Malware forum explaining the problem. Someone there should be able to have a look at it for you. :D
  • 0

Advertisements


#41
Disruption

Disruption

    Member

  • Member
  • PipPip
  • 37 posts
This is by far the best tutorial describing OTL I have ever seen.
  • 0

#42
aarikarenaa

aarikarenaa

    New Member

  • Member
  • Pip
  • 5 posts
Hello,

Just had a quick question re: OTL. It has been running for 2 hours on my machine and seems to be going in circles and keeps coming back to "checking for newly modified files" in my system32 folder. The scan is constantly scanning but everything I find online shows that this scan takes no more then 10 minutes. Should I stop it and restart? I cant seem to find anywhere online that discusses this particular problem.

Thanks,

Aarika
  • 0

#43
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
@aarikarenaa,

OTL shouldn't take that long to run a scan. You should exit out of the current scan and restart your computer and then attempt to run a new scan, and see if you have better luck then.

Kindest Regards,
ST.
  • 0

#44
aarikarenaa

aarikarenaa

    New Member

  • Member
  • Pip
  • 5 posts
Thanks so much for the quick response. I was feeling as though I was slowly losing my mind and have a feeling I will see scan results in my dreams tonight haha. I kept wanting to stop it but it was actually progressing just now we are at a 3 hour point... :) *fingers are crossed*

Thanks again,


AarikaRenaa
  • 0

#45
SweetTech

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Please let me know if it freezes up on you again.
  • 0





Also tagged with one or more of these keywords: OTL, oldtimer, tutorial, how-to, scan

1 user(s) are reading this topic

1 members, 0 guests, 0 anonymous users


    DR M

As Featured On:

featured
Malware Removal How to Guides Windows 7 System Building Download Files Register welcome

Never used a forum? Learn how.