MS32DLL.dll.vbs, VBS.Zodgila, VBS_RESULOW.A

damn... virus, malware... all make me sick...
recently I got this surprise after my friend borrow my thumb drive and sadly my AV doesn't detect it :(
erm .. maybe because it is a malware ?

My IE also change title to "Hacked By Godzilla"



I google and found how to remove it... this info from symantec.com

Discovered: November 23, 2006

Updated: January 28, 2007 10:33:26 AM

Type: Worm

Infection Length: 3,642 bytes

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

How to Remove?

.....

1 .Kill process wscript.exe

• open Windows Task Manager>
• Sort Image Name
• find wscript.exe
• kill (end process) all wscript.exe

2. Unhide the hiden file(s)

• Open My Computer
• Select Tools --> Folder Options
• When Folder Options click at View tab
• check at Show Hidden files and folders
• uncheck the Hide extention… and Hide protected operating system file
• Click OK

3. Explore drive

• Open drive (By right click and select Explore. Must not Double Click !) Delete autorun.inf and MS32DLL.dll.vbs (Press Shift+Delete) in all drives include Handy Drive and Floppy disk.
• Open folder C:\WINDOWS to delete MS32DLL.dll.vbs inside (press Shift+Delete )

4. Remove from registry key

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
  Windows\CurrentVersion\Run
  MS32DLL = "%Windows%\MS32DLL.dll.vbs"
• Select HKEY_CURRENT_USER --> Software --> Microsoft --> Internet Explorer --> Main to delete Window Title “Hacked by Godzilla” (press Delete key on keyboard)

5. ClickStart --> Run and enter msconfig Click OK. the System Configuration Utility dialog will display

• Click Startup tab

• Uncheck MS32DLL

• Click Apply

• Clock OK (or Close)

When the System Configuration dialog display select Exit Without Restart

6. Hide hidden file

• On Folder Options dialog select View tab

1. Check at Hide extension… and Hide protected operating system file
2. Click OK

7. Empty the Recycle bin