W32 Virus Ramnit - where from?

  john bunyan 08:22 21 May 2013

My grand daughter's W7 laptop has acquired a Ramnit virus. I propose to use an ATI clone from a couple of months ago to go back to a pre infected state, as it seems to be one of those that infects everything. She has MSE as anti virus. I wonder where it came from ? She does (18 year old) use Facebook, and recently downloaded a lifestyle programme to do with slimming. The virus destroyed passwords and stopped updates and prevented the windows security centre from opening, as well, I suspect, of creating a hidden "guest" user account. Any suggestions on further preventative measures? I was only able to log on at all by a friend who helped me hack in, as the user name and password were declared wrong..

  Chronos the 2nd 08:38 21 May 2013

A few details here. F-Secure. And here Eset. And Removal.

  john bunyan 08:41 21 May 2013

Chronos the 2nd

Thanks; as the clone is fairly recent and the disc is partitioned into system and data, I can keep the data, check it, clone and replace the data, but I will look closely at your links. Still would love to know how it got in.

  Woolwell 09:44 21 May 2013

Has it come via email?

Where did she download the lifestyle program from?

I am going off MSE. Your tale has prompted me to do something about my son's system.

  onthelimit1 10:06 21 May 2013

I've had laptops / PCs with all the main players in the antivirus world infected in some way or another. Nothing (however much is paid) seems to protect from everything.

  john bunyan 10:34 21 May 2013

Thanks all. Will come back later.

  john bunyan 14:51 21 May 2013


Thanks, I will follow it up. I use for my PC Avira, SAS and MBAM and do frequent scans. My grand daughter has MSE as I thought it would auto update - she also theoretically has MBAM and SAS but when I eventually ran the latter it found 3 Windows Security Centre blockers and 55 tracking cookies. I find none on my machines when I scan!. I suspect she uses social network sites too carelessly. Very happy to fork out for the Emisoft - do you think it would have blocked it?

  Woolwell 15:15 21 May 2013

john bunyan - Have a look at the anti-virus reviews and tests and then compare prices. Does she do any on-line banking as she may get free security with that?

I use Kaspersky and my wife Norton. Neither of us have had a problem and my wife uses Facebook a lot. Both programs alerts to bad downloads and bad sites.

  john bunyan 15:31 21 May 2013


She has a 7" Samsung Galaxy 2 tablet, with I think, Kapersky Android anti virus, uses it to do essays then transfers into Word on the laptop using Dropbox or USB - I wonder if the tablet was involved? I am trying to find the name of a site from which she downloaded a programme to do with dieting etc - will report back when I find it, but it looked suspicious to me. Although she is reasonably academic - 7 A*, 3 A,1 B GCSE's and just finished International Baccalaureate exams (6 subjects) , she is impetuous and, I suspect, reckless in some sites visited like many teenagers and thinks she knows it all!!

  john bunyan 18:01 21 May 2013

See my new thread re firewall problems!

  onthelimit1 18:09 21 May 2013

JB - where is that?

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

iMac Pro review

Illustrator Charles Williams on how to create magazines and book covers

iMac Pro review

Les meilleures prises CPL (2018)