While accessing the “.wma” which is a media file extension the following behavior is noticed :
A. A browser page opens to a certain webpage ( ie missing-codecs.com or fastmp3player.com)
B. It tries to download and execute (when the user hits run on IE ) a malware from the mentioned site.
C. The prompted file to download is named “Codec.exe” which has the Windows Media PlayerÂ icon (the name could vary (“PLAY_MP3.exe” or another).
Find out more about symptoms, tehnical description and removal instructions here.