The culprit is WMV and it never went away
WMV or Windows Media Video is a container format (like MKV, MP4 etc.). It can contain video, audio and other streams that are encoded by any number of codecs. The flaw is that if Windows Media Player doesn't have the right codec / drm to play the video / audio in the WMV, it will offer to download and install it.
It's easy to see how this combined with human nature can trick some people into installing a trojan -
1. New movie appears in a web site claiming to suicide-squad.wmv (or whatever)
2. People download and click on it
3. WMP starts up, offers to download the codecs / drm to play the movie
4. People click through these popups
5. Trojan downloads and installs itself using media framework as the bootstrap
The remedy to this is fairly simple:
* Don't download videos with a .wmv extension. It is a dead format and nobody would EVER use it unless they had malicious intent.
* Don't download movies which claim to be self extracting .exes. Chances are they are trojans / malware.
* Don't download movies which are inside .rar or .zip files. The seeder is trying to prevent you from seeing inside so it's likely malicious in some way, either a trojan, garbage data, or some other kind of trick / scam.
* The only container formats in common use would be mp4, mkv and avi. The only video codecs in common use would be H264, HEVC/H265 and MP4 ASP. There are less common formats like m2ts, MPEG-2 etc. but these are the prevalent ones.
* Use a well tested non-default player like VideoLAN to play videos and set the defaults to launch this instead of WMP.
* Don't install or use software which claim to offer free movies / tv shows unless it comes from a reputable source that has the rights to that content.