Prevx isn't permanently cleaning

Yes. Most computers don't need more then the current file limit. In some cases they do. Like you having 2 hard drives it scanning It's going to have more files then normal. This is a easy fix to be able to scan the whole thing Joe (PrevxHelp) just needs to ajust a setting on there end for you. But you will need to PM him your Key so he can expand the amount needed. What you can do for now tho unplug the clean drive and boot of the dirty drive and do a full scan this might fix the file problem for now. As there is less to scan.

 

Prevx leeps a local cache of disinfecting files of ALL previously detected malwares, just to prevent any recurring threats WITHOUT connecting to the database that time.

 

That cache would not be on the clean hard drive as its a different install in a different OS. At least that's what I was assuming.

 

Unless I'm missing something and in absence of Joe/PrevX download MBAM to other disc, install and run on infected ( not connected to www) disc see what comes up ??

is this it?

http://www.google.com/search?btnG=Google Search&q=atapi sys malware
http://forum.sysinternals.com/forum_posts.asp?TID=21266
http://www.surfright.nl/en/home/press/hitman-pro-35-removes-tdl3-rootkit
http://remove-malware.com/malware/malware-warnings/nasty-new-rootkit-patches-atapi-sys/
http://remove-malware.com/malware/malware-news/atapi-sys-rootkit-is-everywhere/

MBAM may not work
http://www.malwarebytes.org/forums/index.php?showtopic=32988
Check those other links ??

AFAICR; PrevX have been all over this. PrevX have intimated that they have a new tool in progress. If you are a paid up licensee, there is direct help available at PrevX web site
https://www.wilderssecurity.com/showpost.php?p=1579283&postcount=15
http://info.prevx.com/service.asp

 

Hello all,
First, let me thank everyone for helping out with regard to support (Fajo in particular! )

I've extended your license now, enchant. The limit is due to a scan engine change which will be modified in the next update (due out next week) but for now we're manually updating licenses.

The atapi.sys infection is indeed a headache, as we've described on our blog We're currently making a standalone tool to remove it, but for now, scanning from a different operating system will definitely solve it.

After you rescan/re-clean your PC, let me know if you have any other problems!

Thanks again, all!

 

Excellent - thanks!

Some hair is clogging my sink. Got anything for that?

 

Hey enchant, you did good there: handled the infected disc like a pro
That rootkit is creating havoc.
May even run in a VM !! May not.
The sysinternals thread is a good read. Even ntunldr and thug4lif3 impressed.
DiabloRed/EP_X0FF: ( - I know - )
http://www.rootkit.com/blog.php?newsid=970&user=DiabloNova

It's never ending really.. , always another cycle.
Some nice ARKs here and there.
http://www.ntinternals.org/anti_rootkits.php
GMER still holding a top position. Nice tool.

In my naivety I'd left some of those tools 'behind' for a while, now have to review whats available again.

@Joe: thx for the info.
Extremely impressed with PrevX action against this and other mals.
LOL, might even (have to) update to V3.0

 

Not yet, unfortunately I'll add it to the Todo List...