How to get rid:
Extract contents of disk to hard disk then:
The Setup EXE is actually a container, it appears to be a self-extracting EXE. There are 2 files inside, Setup.exe and codec.exe
Codec.exe is the trojan. Extract setup.exe, and then delete the original. The setup.exe inside the container is actually the real install EXE, and I have verified it is clean, and that there are no other infected files on the disk. Then put the real setup.exe into the root of the folder, and build a bootable ISO with vLite.
I cannot guarantee that this Virus is present in every leak, but it appears to be present in a lot of them
Edited by warwagon, 28 April 2009 - 03:47.