Hi, we’ve got something loose on our 2003 SBS server/domain, and I got these results from an aswMBR scan. Can anyone help me understand what these red trace-disk-IO-calls things mean, and/or confirm my thought that this machine seems to not be rootkitted?
follow this guide and attach Malwarebytes / OTL logs
http://forum.avast.com/index.php?topic=53253.0
No Can Do right now. Running a scan with Trend Micro WFBS, and it doesn’t like OTL. I appreciate the effort, but can you comment on the original question without asking for more information?
Essexboy is notified, and will comment when he arrives… but I think he needs the OTL log
"Running a scan with Trend Micro WFBS, and it doesn't like OTL."
It happens... just disable the AV before you run it
I believe that aswMBR is hitting on the RAID drivers cercsr6
Thanks, also, I do have Daemon Tools Image Mounter installed, and I know it installs like a rootkit, that is the sptd.sys file mentioned in the services… could that be throwing this message to aswMBR?
We have a consensus then? This machine looks clean-rootkit-wise?
At the moment all I can see is the RAID drive showing up - aswMBR is not really designed for RAID servers, it is more of a home/standalone system type thing
And sptd will always get marked as suspicious due to its behaviour