I have 2x drives in my PC: a 1TB drive containing Windows XP SP2, and a 500GB which I installed Windows 7 onto.
After installing Windows 7 I went ahead and dragged across all my documents from my other drive, all my music etc., being extremely careful not to pull anything dodgy across (the only exes I pulled across were install files, which I'm guessing is how I reinfected myself). I had been using the PC absolutely fine for about 5-7 hours (typically, by this point I had set everything up perfectly, all files organised etc.). I then started getting Security Essentials messages saying I was infected with Ramnit and researched it (this is when I realised this was the problem I was having in XP), so I went ahead to try and disinfect. I did your usual healthcheck procedure, ran MBAM in safe mode, checked msconfig for startup items, etc.
It got to about 1am this morning and I thought screw it, I'll deal with it tomorrow.
I decided to format. I decided it's not worth trying to disinfect as traces will remain etc., and that's not what I want right at the beginning of a new build.
Now I'm sitting here on a freshly built machine. First thing I did was install MBAM and AVG, and now I'm just browsing through my other hard drive (XP C: drive) for files I need to get across, but I'm a bit hesitant to.
How can I ensure Ramnit doesn't reinfect? If I get the MBAM trial where it actively protects your system and have AVG running whilst I do it, I'm assuming this will help me corner the originally infected file, and stop it before it infects?
The TL;DR version:
How can I stop Ramnit from reinfecting when I copy all my files across?
EDIT: Just ran AVG on my D drive (old XP installation) and it found over 4000 infected files. Had a look through and the majority are DLLs, a couple of .exes and a tonne of HTML files (help files etc.). I've deleted all of them. Going to reboot into safe mode and run MBAM and AVG on both drives and see if anything comes up.
Advice would still be greatly appreciated. I have a lot of files I want to copy across onto my W7 installation, but really don't want to risk reinfecting.
FURTHER EDIT: Everything found has been in appdata or program files. I didn't copy ANYTHING from these directories over to my Windows 7 installation. Which makes me think Ramnit isn't being picked up by my anti-malware :/
Edited by Forau, 28 January 2012 - 07:35 AM.