gaiso.exe, gaisox.exe, duuib.exe, duuibx.exe, duuibxx.exe, bxpoar.exe, bxpoarx.exe and bxpoarxx.exe…I encountered these viruses which seemingly have similar properties early this week in a laptop belonging to our faculty in UST. They’ve been a pain in the @$$ especially since it keeps on “eating” up everything inside the USB except for .pps or powerpoint shows. While it can be conventionally removed via USB Disk Security, and then a complete format, it has been rather troublesome and completely made my USB’s unusable for a time, rendering me almost incapable of proceeding with the lessons.
So far, from what I’ve observed, it “eats” up all of the files in the USB including folders, documents, text files, folders, zips and executables among others, replaces them with shortcuts which links to [virus name] [file name] (e.g. target: gaiso.exe evolution.doc). It also makes use of the dreaded autorun.inf. After launching, it copies itself to the folder “C:/Documents and Settings/User” under two or three names (simply by adding an x or xx to at the end of its name). Subsequently, it does the same thing to the folder it is found in. It cannot be terminated via the Task Manager, it cannot be deleted (if it can be, it recycles itself unless every instance is detected and deleted at the same time), it hides as a system file, and as of now, i have not found a way to prevent it from installing itself in the USB. Not Panda USB Vaccine, not USB Defender, not even USB WriteProtect. So far, the most effective method is by using USB Flash Security, but it still infects the unprotected area and prevents me from accessing the protected area. The shortcuts also seem to work only once since after accessing one, the rest of the shortcuts are only good for launching the virus again and nothing more.
Why not simply install USB Disk Security, or any other security software for that matter?
Like I said, it’s in UST. It’s not mine. I’m not allowed to make changes to it. Norton 2008 is installed in it (our university’s very tightfisted when it comes to the betterment of the education system, but that’s another story XD) and so is the useless Autorun Eater.
Format your USB
Then what was the point in my making a presentation and bringing it all the way to UST?
[i]Try this instead: http://www.whoismadhur.com/2008/01/26/how-to-remove-virus-from-usb-drives/[/i]
Deletion of the virus’s main executable leads to the secure deletion of the files. They will be absolutely unrecoverable (I know because I tried using Recuva).
Try this and that. They’re portable.
And how am I to bring them? USB? Remember they also eat .exe’s.
Hm… It just came to me that instead of giving me methods of removal, I’d be more grateful if you’d tell me how I can prevent them.