Pls does any body knows the Anti Virus i will use to remove Raila Odinga Virus from my System.it really disturbing my System.
for those that doesn't know what it is,
Raila Odinga is a Malware(Virus) that hangs the system.it comes up once you boot up your system.if You delete it,it still come up.
for those with Laptop,your battery won't last for 3 minutes once their is power outbreak. it makes the system hot like never before. Guys try to help

well, i found that same virus on most system in my workplace and what i did was to do the following.

run msconfig
uncheck the virus from startup (you'll notice its ridiculous name)
restart the system,
then install avast (i don't like this antivirus but i use it here cos it can do a startup scan even before it gets to welcome screen)
schedule a boot scan (this scans and finds the virus locations and deletes them) This will restart the system again
The manually delete the picture of the Raila Odinga where necessary.

I have not been able to deduce how the virus got into the system so as to make prevention but prior to the system contamination, there was no antivirus.

my brother,i tried AVG,AVAST,NORTON is not working.even if u update them

If your anti-virus does not work, then you need either google finding how to remove 'Raila Odinga Virus', or go get any trusted quality of Registry cleaner and Superspyware cleaner from filehippo.com or download.com.

Reformat your system is the LAST RESORT if all other fails! I am so sorry that your system has infected!

Don't be scared y'all, AVIRA antivirus will take care of raila odinga virus, a friend of mine had the same virus,advised him to do the same and it worked.AVG,NORTON won't work for raila cos they've not been updated to, To my best of knowledge,I think Raila Odinga virus is only found in Africa that's why most Antivirus don't respond to it, since the Antivirus companies either have not heard of it or don't see it as a big threat,they decide not to take care of the virus once and for all. AVIRA guys (though not the best ANTIVIRUS but it wipes Raila odinga virus for sure)

inze:

well, i found that same virus on most system in my workplace and what i did was to do the following.

I have not been able to deduce how the virus got into the system so as to make prevention but prior to the system contamination, there was no antivirus.

The only way it gets into a system is thru a removable drive e.g USB flash drive.It literally lives in it so to speak . My advice for sum1 whose PC has not been infected is to delete the file once he/she notices,Do not even attempt to open it!

A computer virus called ‘Raila Odinga’ is bad news in Malawi’s main commercial city of Blantyre as it has caused huge damages. The virus according to experts is believed to be a complicated group of deadly computer worms, Trojans, spywares and ad wares operating together as a single entity.

The worst thing is that it is killing flash disks if left for sometime and the only remedy is to format the USB stick once infected.

The virus is believed t o have originated from Malawi University Polytechnic campus in the city but the college’s IT students have since dispelled this.

Clocking four months now, eating up computers, flash disks and many other Information Technology (IT) storage materials has been described by local experts as the worst in Malawi’s computer history.

So far experts have failed to find its solution apart from deleting and formatting all infected computers.

http://www.itnewsafrica.com/?p=1206 Wow, it's rather famous. Be careful with strange flash drives.

Fomat Ur Pc, Tried more than 4 anti virus to no avail

my boss helped to remove it from one of my friends system b4
we use AVAST and it removed it
you will have to scan several times b4 it goes off
then finally reboot ur system and the pictures and every other thing goes off
MIND YOU- make sure your Avast is updated on the internet.

simple do system restore abeg and take ur system back!!! u get?

As a system Engineer I will not advice you to format the system, Download the latest Heaviest weight antivirus from the Internet, the Anti Virus name is BIT DEFENDER, , after the download run it on your PC after then restart your PC when you are restarting your PC make sure you run it on SAVE MODE, then you scan the PC with BIT DEFENDER antiviru, after the scanning it will detect the Virus and ask if you want it to be deleted permanently, after all these restart your PC and run it on Windows mode, feel free to write me back, You reach me on these numbers 08030452862, 08056763108.

suco

MANUAL REMOVAL METHOD

I've suffered this many times. Thing is Windows does an autoplay for any removable disk by looking for any "autorun.inf" file in it. Viruses exploit this to their advantage by instructing the autorun file to point to the virus. Best bet? disable autorun altogether.

This is also helpful if you're not sure a removable device is "clean" and is plugged.

You can disable autoplay in these steps:

PREVENTION PROCESS

1 - enter "gpedit.msc" (no quotes) in the run command
2 - A dialog box will pop up - change the settings as shown in the images below
3 - That's it! Even if an infected flash is plugged to your system, it won't autorun the infection (but double clicking will, though)

REMOVAL PROCESS

The viruses are marked as hidden and system files so depending on your AV, it might not detect it. No worry though - this is a manual removal

1 - Plug the suspect in your system (make sure you've disabled autorun first)
2 - Go to the Run Command and type the letter of the drive followed by a colon eg: e: Scroll down to the last file. Keep this window open!
3 - Now go to the Run Command and type "cmd" (no quotes) to bring up the MS-Dos Console.
4 - At the command prompt, type the letter of your drive followed by a colon eg: e:
5 - At the drive prompt, type "attrib -h -s" (no quotes). Press enter (This removes the attributes of the viruses to expose them )
6 - If your explorer window of the drive is open and in view, you'll see the extra files/viruses. Your AV might suddenly detect/remove them, or you can simply select them and hit the delete key.

Hope this helps.

use NOD 32, ESET. it will do it

Virus Profile: Voterai
Risk Assessment
 - Home Users: Low
 - Corporate Users: Low
Date Discovered: 6/6/2007
Date Added: 6/6/2007
Origin: N/A
Length: 97579
Type: Malware
SubType: Trojan
DAT Required: 5048
Virus Characteristics

Detection was added to cover for a malicious 32 bit PE file originally called "Raila Odinga.exe" , having a filesize of 97.579 bytes. The file is a nullsoft installer file.

Upon running, it drops and displays a picture file of "Raila Odinga", this is just an attention drawer. Apart from copying itself to the system Raila Odinga.gif  is also placed on the desktop and repeatedly opened.

In the meantime, the Raila Odinga.exe binary file is being copied silently copied to the windows directory and creates a registry entry to it:

   *  c:\WINDOWS\system32\drivers\Raila Odinga.exe
   * HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "(Default)"
       Data: C:\WINDOWS\system32\drivers\Raila Odinga

It drops an innocent file called "system.dll" having a filesize of 10240 bytes.

   *  c:\Documents and Settings\userxyz\Local Settings\Temp\nsf5.tmp\System.dll
   *  c:\Documents and Settings\userxyz\Local Settings\Temp\nsv3.tmp\System.dll

A link file is added as:
#  c:\Documents and Settings\userxyz\Start Menu\Programs\Startup\Raila Odinga.lnk




Indications of Infection

   * Presence of a malicious 32 bit PE file originally called "Raila Odinga.exe" , having a filesize of 97.579 bytes
   * Picture file "Raila Odinga.gif" being placed on the desktop and repeatedly opened automatically in photo editor.


Method of Infection

   * Manual infection - there's no exploit associated to it


Removal Instructions

All Users:
Use current engine and DAT files for detection and removal.

Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

Additional Windows ME/XP removal considerations
Aliases
DR/NSIS.Voter.A (H+Bedv), TROJ_VOTERAI.A (Trend), Trojan.NSIS.Voter.a (Kaspersky), W32/Voterai.worm.b, Worm/Generic.BQP (Grisoft)


http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=142420

Always scan flash drives before inserting them or better still, install a usb-blocker software if it's not a personal system.

Raila Odinga is a pouplar man, perhaps we might have the mugabe virus

use eset antivirus to scan your system.


Then delete it from the system registry.

1. Scan with eset
2. click on start
3. Click Run
4. Type "regedit"
5. press ctrl + f
6. Type "Raila Odinga.exe"
7. click on find next
8. right click on the result and delete
9. repeat step 5,6,7,and 8 until sytem show not found.
10. close the progrm and restart.\
11. You are set free from the deadly Virus.

e-mail richguyintown@yahoo.com for more support.

Thanks for the help guyz, its so annoying, becos of this stupid spyware i need to format about 15 system

thanks guy for the help!

@ post

Hey this is the guru, Get a program called "UNHACK ME" Note the program is not an antivirus per say but it can scan and dectect Hidden rookits and works wonders scaning files that most anti virus wont do, use it on your system and get out all bad programs, However becarefull as it may bring out some usefull programs, in that case just click on the false aleart option, "false postive" or so, THIS PROGRAM IS THE BOMB!!


After usage, please uninstall.

Best is to use NOD32 like other have said, it is the best av out there for now

The description of the virus perfectly matches what I've been experiencing on my system for about two weeks now, especially hanging when I just put it on.

I'll contact the IT people to assist.

[/quote]WebMonk (m)
Naija
Posts: 347

Offline Offline


Re: House Beware Of Raila Odinga Virus
« #12 on: Today at 03:27:17 PM »

MANUAL REMOVAL METHOD

I've suffered this many times. Thing is Windows does an autoplay for any removable disk[quote]

thanks

Kaspersky antivirus always does the job for me. There is no virus it cannot take down.

Thanks, Webmonk and others. It's good to know reformatting isn't necessary. Information is power.

Hello Nairalanders, I need your views on my question so if you know anything or more that would help please let me know. Is Nigeria a visa free country to Gambia using my ECOWAS Passport? Post your responses

Thank God I'm not the only one whose system is suffering from this malicious malware. I nearly commit suicide as a result of this worm.

@ post

Hey this is the guru, Get a program called "UNHACK ME" Note the program is not an antivirus per say but it can scan and dectect Hidden rookits and works wonders scaning files that most anti virus wont do, use it on your system and get out all bad programs, However becarefull as it may bring out some usefull programs, in that case just click on the false aleart option, "false postive" or so, THIS PROGRAM IS THE BOMB!!


After usage, please uninstall.

reinstall windows n delete d hard drive info.

Download or use super Antispyware or smit fraud fix. I had this kind of problem early this year but these 2 especially the super anti spyware did the trick and acts as cop to my lappy!

Follow the instructions and you will be as good as new. In fact i cant even change the home page domain name without the super anti spyware prompting me for permission. Its that good.

Cheers!

Kaspersky. This Antivirus can do anything! Just try it.

raila odinga is the prime minister of kenya or so,whats the relation?