Virus which infects your MP3 files! "I am Code Breaker"

Well thanks guys for advising how i can start my own topic. Well, 2 days ago i pickup up suspicious files. The file was on my Ipod when i had synced some music from someone elses desktop. It was called “fresh_mp3”. Because it was an application, i deleted it but it had some hidden files. Well it attaches itself to your music and adds an intro “This is Code Breaker”, renames your artists and tracks to the same name. So everytime you play a song, its so monotonous. ave the Alwil team picked it up and when can the update be available. Its really urgent. Can they be repaired using VRDB?

Well u could send it to Alwil for improvement in detection^^

Send the sample to virus@avast.com with undetected malware in subject and mention this post in the email body.

-AnimeLover^^

I have just sent some of the file “fresh_mp3.exe” and “File”. But had to go through my chest to do that. Isnt there an easier way and why doenst it send immediately instead of waiting for another update which could be 4 hours away?

Just update manually and the file will be sent.
I have complained a lot about this weird file submission process.

Well, do i have to resend it again or they would still get it on time? I use online mail, so am afraid of attaching it there and isnt they scan attachments before they forward. Think potential malware sending should be considered on the new release in an easier and faster, safer way. Coz since its new am afraid of helding it across my desktop

Easier and faster, I agree.
Safer? Well, send files within Chest to Alwil can’t be safer, the file is encrypted and won’t be detected, the file is sent by the update service and not from email or any other user interaction.

copy the script below and name it temp1.bat. run it it wil remove the fresh_mp3 file which attaches its self to ane of the Hwnd files. It worked for me…!

chdir /d %USERPROFILE%
del Hwnd\file e:\file
del attrib +H +S +R e:\file
del Hwnd\file

Thank you for sending sample it will be detected in VPS update 090911.

Can they be repaired using VRDB?
No, MP3 can't be repaired using VRDB. VRDB is designed for some system files.

Milos

hie can u xplain more on your code. Do i have to cahnge the drive letters to match with the drive letter on my pc?
What does that d/ specify?

pliz jes xplain more.
thnx in advance

Hi videotouch,

Learning someone to fish is better than handing out one fish always i.m.h.o.
Here you will find a tutorial about DOS Batch File creation with various examples to help you create your own: http://www.chebucto.ns.ca/~ak621/DOS/BatExamp.html
Concerning your other question: You can change the current directory on another drive by specifying the drive letter on the command-line when you use CHDIR or CD - The following statement changes ’ the default directory on drive “D:”. “C:” remains the current drive. ChDir(“D:\WINDOWS\SYSTEM”),

polonus

8)Well it seems my issue has been solved very quickly now coz, Code breaker and vitro are now being detected. Now that puts a smile on my face. Thats the avast that we are used to. :wink:

Unfortunatly, vitro shouldnt put a smile on your face. it is very hard to remove and often causes you just to scorch earth reformat(Removal OF EVERY FILE on the harddrive.)