Hacked by Godzilla!

Interesting - thats a relatively new one, and not very common outside of Asia, at least so far.

I recommend you first run

• Panda ActiveScan - if prompted to accept the download of ActiveX controls, allow them to install and run.
  
  
• Follow that with TrendMicro's free Housecall - again, allow required ActiveX controls to install and run.

Then, try the free-for-personal use version of Nick Skrepitos' SuperAntiSpyware - it very well may handle that for you if the above didn't help.

The free 30-day trial version of AVG Anti-Malware (formerly EWIDO) is another possibility.

Both of the above trial versions are fully functional and very good at what they do. Once downloaded and installed, they should be updated before use - see the documentation/help files accompanying each for details and specifics.

Save any and all logs or reports provided by the above apps for possible future reference.


If those none of that works for you, see Symantec: Manual Removal - VBS.Zodgila

Lemme know what happens.

Thanks timberlandko for your help. Definately I'll do that and come back

Hi timberlandko , I tried Panda active scan and house call. It took time

and the results were 3 viruses, 2 spywares and one hacking tools. Then I

went for my first option SuperAntiSpyware and updated it as you said. It

caught four potentially adware cookies ( tracking ) . It asked me to delete

it and I did.

I restarted my laptop , guess what? Still the words " Hacked by Godzilla "

the nightmare there. I will see AVG Anti Malware later, I saw the size 29 I

guess.


Thanks for being here and your help pal.

Godzilla virus
It seems to be exploiting the fact that autorun is not generally disabled in XP for USB drives. I got it from the night school i attend bringing my homework home.

It doesn't seem to do any harm apart from sticking a stupid message up in internet explorer. None of the virus detectors currently detect it.

There is apparently a small program written to remove this but i cant find it on the web at the moment


You need to open the disk explorer and set your file options to see everything (including system files).
Right click on each disk drive and USB drive you use and go into them using explore. Do NOT double click on them as this runs the autorun and script.

On each drive you will find

Autorun.inf
MS32DLL.dll.vbs


You will also find these files in the /Windows directory

Delete them all - make sure you check any USB drives you may have used since you got the problem.

Run Regedit and search for Godzilla. Delete that key or change it to something you prefer.

Normal caution should apply to all steps. If you dont know what you are doing find someone who does.

Hi timberlandko, hi noteapot and welcome to A2K. Thanks for your reply,

but problem solved following the last option symantic website.

It's as you said, I followed the registry key and found there with the

words " HACKED BY GODZILLA" . Then, I deleted it and I ran full system

scan in case. Before that, I turned off systems restore. Everything is just

fine.

I wonder what will happen if I kept the system restore off?!


Thanks timberlandko, you are great.

Timber is just doing his job. Try not to thank him.

link to remove
There is an auto remove link here

http://www.softbkk.com/software/antispyware-antivirus/remove_tools/hacked_by_godzilla_remove_tools.html

If all you did was search and remove in the registry it will probably come back if you havent removed the autorun.inf and vbs files


Mike

Also, speaking about laptop, my friend ( other one ) got a new laptop and

has the following details,


AMD ( AT ) 64*2 Mobile
Technology TL56
1.59 Ghz, 1GB ram

What is the best here AMD or CENTRINO ? Any differences. I know about

the numbers 1 GB is the ram speed maybe, and the 1.59 GHZ is for the

processor. Am I right? Do you recommend any other features or

anything?


Hi gustavratzenhofer, I'll try take your advice in the future, are you sure

that it's a good idea?!

My advice is always good, navigator.

And don't you ever forget that.

Just couple quick notes -

The Symantec manual removal process linked earlier does work. Another effective (and quite similar) manual removal process is available at TrendMicro: VBS_RESULOWS.A.

Also from TrendMicro, Sysclean will detect and eliminate the Godzilla nasty and many, many others. A tip: download, install, configure, and update Sysclean per its documentation, then boot into safe mode before running it. Following the safemode runthrough, reboot normally and run it once again - WHILE NOT CONNECTED TO THE INTERNET AND WITH NOTHING ELSE RUNNING

I don't know - haven't checked t find out for sure - but I'm informed most reputable, major-name online yuckware scan-and-remove tools now handle this Godzilla critter as well.

Finally, here is a direct link to the ESET/NOD32 removal tool NOD32 VBS Godzilla[Butsur.A] Fix mentioned by noteapot (BTW - welcome to A2K, noteapot); not to imply the site linked by noteapot is anything other than legitimate (and I'll make a point of saying that particular site is OK), but many ad-supported clickthrough/referer sites are far from legitimate.

Thanks noteapot, you are doing a gret job. Now, I didn't remove the

autorun.inf but if it came back, the remove link would be enough to

extradicate it for all. Is that right?

Also, what do you think of that laptop features?

Hi timberlandko, good notes there. Shall I follow them or wait till the

Godzilla come back and then go for your notes? Hope it won't come back.


Also, will the remove link handle the issue alone and perfectly for ever?


I will not say thank as I'm following gustavratzenhofer advice

If the problem's gone, navigator, prolly not much point pursuing it. I would, however, recommend you hunt down and if found eliminate any remaining related files or registry entries as detailed earlier.

As for anything that might " ... handle the issue alone and perfectly for ever ... " - or any other security/privacy issue - the best you can do is make infestations less likely; use your head, practice Safe Hex, and be careful out there.

mike-removal link for godzilla virus seems to work well:)
hi
thanks mike (noteapot)
and others

I found extensive advice on removal of Godzilla which was quite complex and by using search and find autorun.inf I couldn't find the files-

in any case the link you gave seemed to have done the trick for now at least- the "hacked by godzilla" text is gone-

we got the virus literally from Thailand by the way- somebody i know actually went there and so we got it-

it's probably gone by now

so thanks a lot mike!

One thing I want to point out is that the problem appears to be with Godzilla's autorun.inf file being in a place (C root directory, I believe) where it just starts up.

Microsoft offers information on how to test autorun.inf files here: http://support.microsoft.com/kb/136214

As always, if you don't know what you're doing, back up all your stuff onto CDs or otherwise off the computer and then ask someone who does know what they're doing.

External Hard Drive Hacked
can anyone here give my a hand removing this Godzilla virus from my external hard drive?

I infect whatever computer I connect it to, and an infected computer transmits the virus onto USB divices. Is there a way to beat this cycle and have a chance of removing it without formatting the drive.

I am living out in China and so most computers here have chinese text, not english. This makes it difficult to follow any complicated directions.

Cheers for any help

Godzilla virus
hi there timberlandko!

can you help me how will i detect the virus "Hacked by Godzilla" and how will i remove that virus because it has a big effects on my computer. it process slow and when i' am playing games it always logged. what should i do?
thanks! God bless!

Try this - eSet/NOD32 Godzilla Remover (Note: direct download, 156 kb file). Download to your desktop or some convenient folder, click the icon to launch it, and follow the onscreen prompts. It also can be downloaded to and run from a flash drive.

Any Virus Related to MS32DLL.DLL.VBS, hacked by godzilla,
Hi All,

My Name is Gihan and im glad i cud help mail me at [email protected]
How to get rid of the Hacked by Godzilla, John Sena and ms32dll.dll.vbs virus.

I was one of the few who got this virus and thought i'd never be able to get rid of it

unless i format the whole computer but after many trials i figured out a way to beat the

virus. I asked everyone i knew and searched on the web for a favourable soution and many

said i'll have to format it and the web solution was ok partly but it didnt take off the

whole virus, and this method will make sure u're virus free. If it doesn't work write to me

and I will see to it that u get it sorted.

The forums already posted on this virus are quite helpful but what it doesnt do is kill it

completely,

To get rid of it completely once and for all this is all you need to do.

1. Install latest AVG on u're C Drive
2. Run a scan and try and get it detected, might fail, in this case, go to folder options

and say show all files, note there shouldn't be any autorun.inf files on u're c drive if

that shows up you have to delete them.
3. go to windows directory and look for this file ms32dll.dll.vbs..if its there delete it
4. open task manager and look for the same file and if its there end task it
5. then type regedit in the "run"
6. PLease make sure its related to virus and if it is just go ahead and delete it. To do

this run a search in the windows registry for ms32dll.dll.vbs and del anything which comes

in the search results..but please double check.
7. ok almost there, now scan the computer again with the latest avg
8. Important note, when you have this virus you cannot open the D Drive with a double click

you then an error pops us saying ms32dll.dll.vbs is missing, and this is the virus and

everytime you say ok when the error msg pops up the virus spreads and you dont want to do

this, to avoid this right click on d drive and say explore or open then it wont spread
11. if by chance you do forget and double click it to open you have to follow all the steps

to see whether it spread anywhere.
12. ok after running the scan open d drive by right clicking and copy all the stuff u need

on to the c drive
13. format d drive
14. run antivirus again
15. and then put all the stuff you need in D Drive and format C Drive..
16. and now u're good to go u're machine will be out of the virus
17. its that simple if by chance you still have a problem please e-mail me and i'd be glad

to help coz I myself found it so hard to get rid of it cos i didnt want to format the whole

comp cos i had a whole lot of data which needed to be backed up if i was gng to format the

whole computer, so this solution is for those who are faced with the same problem.

my e-mail address is [email protected], ITS TIME TO BE VIRUS FREE AGAIN!!..cheers

mate. hope this helps