Jump to content

Welcome to Geeks to Go
Geeks to Go Welcome
Create Account Login to Account
Photo

OTL Tutorial - How to use OldTimer ListIt

- - - - - OTL oldtimer tutorial how-to scan

  • Please log in to reply
182 replies to this topic

#121
dev00790

dev00790

    Member

  • Member
  • PipPip
  • 48 posts
Hi,

I notice that O38 - SubSystems is not mentioned in the OTL tutorial. Could this be added please?

dev00790
  • 0

Advertisements


#122
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts
Yes, that together with a number of scan changes and another command are all either already written and in the pipeline (checking by the tool developer) or under preparation.:thumbsup:
  • 0

#123
dev00790

dev00790

    Member

  • Member
  • PipPip
  • 48 posts
Thanks :)
  • 0

#124
Wing Man

Wing Man

    Trusted Helper

  • Malware Removal
  • 8 posts
I have a student asking a question about OTL and a change made to the GUI.

Earler versions of OTL had an option under Modules called "Use Safe List" and at some point this was changed to "No Company Name".
Was this an effort to minimize the amount of "internal" processing as a "safelist" could have grown huge, possibly hindering overall processing time.

I looked at the OTL updates and did not really see anything regarding this change...

Edit:
Should this change be reflected in the tutorial, so the helpers know what the option provides?

Edited by Wing Man, 16 May 2012 - 08:06 AM.

  • 0

#125
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts
Hello Wing Man,

I know you have received a detailed reply from OT at MRU.

For anyone else reading this thread the crux of OT's reply is that improvements/changes are constantly being made to OTL. Not all are commented on. This particular change was made over a year ago to streamline the scan. The form label was made to reflect the change. :)
  • 0

#126
Wing Man

Wing Man

    Trusted Helper

  • Malware Removal
  • 8 posts
Yes, OT did reply, thanks. :)
  • 0

#127
fireblade77

fireblade77

    New Member

  • Member
  • Pip
  • 1 posts
Hi there

I am dealing with a little bit of malware and have a random entry in the log which I am going to remove.

mRun: [audiowx] rundll32.exe "23drhl.dll",s

However, before I proceed - Can I ask what the ,s indicates on the end?

Thanks
  • 0

#128
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts
Hello fireblade77,

Don't know what that is. Might be worth opening a topic in the Malware Forum and have someone there check it out. :)
  • 0

#129
Wing Man

Wing Man

    Trusted Helper

  • Malware Removal
  • 8 posts
OTL is just reporting what is found in the registry entry. It's probably a program parameter used to have the file run in "silent" mode or something along those lines.
  • 0

#130
OldTimer

OldTimer

    Global Moderator

  • Global Moderator
  • 3,273 posts
@fireblade77: That is not a line from an OTL log. Questions regarding whatever tool is being used that produced that information will need to be addressed by the associated author. This topic is for OTL related questions.

Cheers.

OT
  • 0

Advertisements


#131
azarl

azarl

    GeekU Admin

  • Administrator
  • 25,265 posts

Hi there

I am dealing with a little bit of malware and have a random entry in the log which I am going to remove.

mRun: [audiowx] rundll32.exe "23drhl.dll",s

However, before I proceed - Can I ask what the ,s indicates on the end?

Thanks

That's a DDS entry not OTL. the 's' is the entry point within the module. Basically it means Run 23drhl.dll and start execution at the routine labelled 's'
  • 0

#132
Wing Man

Wing Man

    Trusted Helper

  • Malware Removal
  • 8 posts
Duh! :wacko: I wasn't even looking at the mRun: notation... just the file.
Thanks azari, more I thought about it, a parameter would have probably been coded like:
mRun: [audiowx] rundll32.exe "23drhl.dll" /silent
  • 0

#133
mgrzeg

mgrzeg

    New Member

  • Member
  • Pip
  • 1 posts
Hi there,
as I couldn't find any other place to post support question regarding OTL, I do it here :)
Some users complain, that OTL can't generate the Extras.txt file because of the "Win32 Error. Code: 23... (CRC)". There's a memory dump file created manually by one of ther users at the moment, when the error message box appears.
I tried to find some information about the reasons, but without .pdbs it's very hard.
Maybe you can help? :)

m.g.
  • 0

#134
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,714 posts
Hi and welcome to Geeks to Go. :)

That specific error relates to what is known as a Cyclic Redundancy Check and not something usually associated with malware, though feasible never actually encountered such myself. In some instances it can be caused by a faulting Hard-Drive(be it one in situ and or a network type etc) or a form of CD/DVD removable storage present when OTL is ran that may be damaged for example.

My best advice in this instance would be to seek further assistance in this part of the forum:-

Hardware, Components and Peripherals

Or if you genuinely feel malware may be the culprit:-

Malware and Spyware Cleaning Guide
  • 0

#135
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,120 posts
Great and informative thread.It really helped me a lot.
  • 0





Also tagged with one or more of these keywords: OTL, oldtimer, tutorial, how-to, scan

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured
Malware Removal How to Guides Windows 7 System Building Download Files Register welcome

Never used a forum? Learn how.