One of my clients have experienced a virus called "Raila Odinga", the virus makes his computer windows to be mutliplying on the deskop when he tries to open any windows on his Windows XP platfrom. I tried running the Mcafee VSE 8.7i but it does not pick up or delete the virus. Please Help!!!
All my client's McAfee are managed by ePO 4.0.
Which DAT and Engine versions are installed on the machine? Are you able to send us infected files to be checked by the research team?
The DAT file was 5913 and the Engine is 5400.1158, but I'm unable to send you the infected files because I have reformatted the computer because I did'nt know what to do because the virus could'nt be removed/deleted by McAfee or manually.
But you can help to know how to remove and prevent it incase it comes back to our network...
My name is Francisco, We in Movicel heve a Gold Support from Mcaffee, our problem is Raila Odinga.
there is more ditalhe abaut it:
Regity Key created
• Key: software\microsoft\windows\currentversion\run\htazpohvqs
USB flash drive
Other consequence of the virus infection.
it create word file in:
It duplicate all files in director, but putting then as .exe
Egg. Test.xls à Test.exe
Opening many time the image in attachment
Movicel Mcafee Produt.
EPO – 4.5.0
Viruscan – 8.7i
DAT – 5945
Engine – 5400.1151
Client: XP, Vista, Win7
I tried all the info I can get from the net and I came across the website where it helped quite a lot to remove the Raila Odingo from our systems. Here is what you need to do:
1. Delete all the files that is associated with the Raila Odinga virus from your Desktop
2. Go to "C: Wondows, System32" folder and locate all the word documents in that folder and delete them from "System32" folder and if the jpeg of Raila Odinga is in there delete it as well.
3. And lastly visit this side: www.securitystronghold.com to download some tool to make sure that Raila Odinga is no longer on your system.
Hope you will come right!!!
Well I was fortunate enough that the virus did not affect all our systems, only affected one user that's why a was so lucky to get rid of it...
I guess in your case you need an intervene from the McAfee Support Team!