Pin Me

WMA TrojanDownloader.GetCodec: Spread Via Infected Codecs

written by: PreciousJohnDoe•edited by: Bill Bunter•updated: 2/8/2011

WMA Trojan infects any system by installing fake codecs. Trojan Downloader forces a user to download movie or audio codecs on his/her system & then downloads a lot of malicious content to infect the user's PC. To protect your system, read this WMA Trojan removal help guide...

  • slide 1 of 5


    WMA TrojanDownloader.GetCodec Trojan as the name suggests forces the user to download or install certain codec files necessary to play a video or a song and then attempts to take control over the system. WMA TrojanDownloader.GetCodec makes use of fake audio and video files associated with website.

  • slide 2 of 5

    Risk Assessment

    Home Users – MEDIUM

    Corporate Users – LOW

  • slide 3 of 5

    Trojan Characteristics

    Filename: Associated with

    Type: Downloader

    Detection: TrojanDownloader

    Length: variable length

  • slide 4 of 5

    How it Works

    WMA TrojanDownloader.GetCodec is a medium profile risk for home users. This Trojan has been associated with website and makes use of fake audio and video files to infect the computer system. The size of the Trojan files is of variable length as these files are padded with nulls.

    This Trojan offers some of the most popular mp3 and mpg files, which are posted on the servers connected to a peer to peer network. When the user downloads and plays a particular file, he/she is asked to download certain codec files necessary to play the file. User is presented with a nice looking web page with a EULA agreement and a check box to ensure that you legally want to install this software. All this is done to make the software and the installation process look original.

    After the user clicks the “I Agree" button, FBrowsingAdvisor and SurfingEnhancer adware’s are downloaded on the system as specified in the EULA agreement. Before the installation ends, you will get an error message “regxpcom.exe – Unable To Locate Component" so that the user feels something wrong went with the installation. But, during the installation process, Trojan has infected the system.

  • slide 5 of 5

    Removal Instructions

    In order to remove WMA TrojanDownloader.GetCodec Trojan, download and install Trojan Remover and perform a quick scan. Reboot the system, when asked for. After rebooting the system, perform a thorough scan of the system using Trojan Remover. Also, you need to download and install spyware / adware removal software such as SpyBot. SpyBot is recommended and tested software for removing all kinds of spywares and adware’s.

    Don’t use any software other than recommended above. Since, these adware’s and spywares make changes to the system registry, it is necessary to use tested software that can revert back all the changes made by the WMA TrojanDownloader.GetCodec Trojan.