
OldTimer's AM-tools OTL, OTS & OTM - How do they differ and do they still apply?


5 replies to this topic

#1 midimusicman79

midimusicman79

  • Members
  • 727 posts
  • Gender:Male
  • Location:Norway
  • Local time:02:05 PM

Posted 22 June 2015 - 09:25 AM

Hi all!

 

The developer OldTimer has written several awesome anti-malware diagnostic tools, namely OTL, OTS and OTM. These tools look essentially the same and perform somewhat equally, which is to generate comprehensive logs covering many aspects of the computer system, in order to diagnose malware infections. And like FRST, they also feature script functionality in order to remove malware, and need a 'trained eye' AKA an MRT member's interaction to generate malware removal scripts. B)

 

As such, they belong to the same category of tools as DDS, FRST, HJT, RSIT, Zoek and CF. :thumbup2:

 

I am not trying to debate whether most of these tools should be restricted to use only in the Virus, Trojan, Spyware, and Malware Removal Logs Forum, given their power and so that the novice user gets qualified help in the malware removal process. :whistle:

 

However, I am wondering how OTL, OTS and OTM differ, and do they still apply? I know that they have been updated a while ago, but also that they only are compatible with Windows up to version 7, and not further.

 

Thank you very much in advance!

 

Regards,

midimusicman79


Edited by midimusicman79, 23 June 2015 - 06:28 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.




#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • Gender:Male
  • Local time:08:05 AM

Posted 22 June 2015 - 10:27 AM

Hi again midimusicman :)

Even though these tools are at some point "outdated" and not the favorite tools anymore, since they enter in the same category as FRST, HJT, CF, ZOEK, etc. they shouldn't be used if you weren't trained to use them or if you aren't under the supervision of a trained malware removal member. Any tool that requires log analysis in order to create a fix-list shouldn't be used unless you've been trained for it. It's as simple as that.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,595 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:05 AM

Posted 22 June 2015 - 03:26 PM

OTS (previously OTScanIt2) was used to analyze logs with the companion application OTA and build fixes directly for the user under the guidance of a trained expert. This tool was essentially retired with the release of OTL.

OTM (formerly OTMoveIt3) was a file, registry, and service modification and removal tool which utilized custom directives and commands. The tool was not designed for nor does it remove any specific malware infections. OTM was created as a one step tool that allowed a higher degree of flexibility than other tools we had available at the time it was developed.

OTL (previously OTListIt2) is a comprehensive investigative tool originally designed as an alternative to HijackThis to support Windows 2000, XP, Vista, and Windows 7. OTL has not been updated with a new version build since 10/23/12, however, it has not been totally abandoned. OldTimer (the creator) advised that at some point there would not be any future releases but that does not mean OTL can no longer be used. It only means that the tool may not be effective against newer malware infections and may not run properly with new operating system releases it was not designed to support.

As such, it has essentially been replaced by Farbar Recovery Scan Tool (FRST) as the tool of choice for malware removal experts assisting folks with disinfecting their machines. FRST is an advanced specialized tool primarily designed to run in the Windows Recovery Environment via Advanced Boot Options or by using a Windows DVD in order to diagnose and fix boot problems or remove malware when other tools fail. It can also be used in Windows XP if the system can boot to PE Environment by using a Boot CD and can also run in normal or safe mode. FRST logs provide detailed information about registry loading points, services, driver services, Netsvcs entries, known DLLs, drives, and partition specifications and will also list system files that could be patched by malware.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#4 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 727 posts
  • Gender:Male
  • Location:Norway
  • Local time:02:05 PM

Posted 23 June 2015 - 08:30 AM

Hi again, Aura & quietman7!

 

Thanks to both of you for the prompt and clarifying replies!

 

Guess I mixed up OTM and its different behavior and purpose. :blink:

 

Thank you very much for the help! :) The issue has been successfully resolved! :)

 

Regards,

midimusicman79


Edited by midimusicman79, 23 June 2015 - 08:31 AM.



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • Gender:Male
  • Local time:08:05 AM

Posted 23 June 2015 - 08:35 AM

No problem midimusicman, you're welcome :)



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,595 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:05 AM

Posted 23 June 2015 - 02:16 PM

You're welcome on behalf of the Bleeping Computer community.



