Adware.KorAd
Posted: October 30, 2013
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 16,999 |
|---|---|
| Threat Level: | 9/10 |
| Infected PCs: | 8,118 |
| First Seen: | October 30, 2013 |
|---|---|
| Last Seen: | September 13, 2023 |
| OS(es) Affected: | Windows |
Adware.KorAd is an advertisement-delivery program that may be installed in multiple formats and usually is associated with pop-up advertisement attacks. Because some cases of Adware.KorAd detections are affiliated with legitimate applications, you should consider whether or not to uninstall Adware.KorAd on a case-by-case basis. As a rule of thumb, malware researchers recommend deleting Adware.KorAd with a good anti-malware product whenever Adware.KorAd is installed as a non-critical component or as a stand-alone program, since Adware.KorAd's advertisements don't benefit your computer and may be a potential source of security/performance issues.
When Your Daily Dose of Gaming Comes with a Side of Advertisements
Adware.KorAd usually is installed through software bundles that include Adware.KorAd either as an essential or optional component for other applications, such as the gaming application Cabal or ISP Life, a Korean mobile phone utility. Depending on the manner in which Adware.KorAd is installed, you may or may not be able to remove Adware.KorAd without removing the main program that's associated with Adware.KorAd. In many cases, Adware.KorAd's pop-up advertisements are used as a source of revenue for the company marketing the separate software – for example, Cabal has been known to use Adware.KorAd's pop-ups to promote its microtransaction store.
Adware.KorAd advertisements usually should not be considered unsafe to your PC unless they deliver content from third parties. Adware.KorAd may be a cause of minor browser performance issues, like most other kinds of adware, as a natural consequence of Adware.KorAd displaying advertisements without allowing you to disable them easily. Even though Adware.KorAd is, at worst, a low-level PC threat, its removal still is advised in most cases where Adware.KorAd isn't a critical component of another program that you trust implicitly.
Detaching the Adware from Your Web-Browsing Entertainment
In most scenarios where Adware.KorAd would be installed without the presence of other PC threats, Adware.KorAd doesn't present a major security problem to your PC. However, removing adware programs that display pop-ups automatically is a basic part of maintaining the optimal performance and security of your computer, and malware researchers recommend treating Adware.KorAd no differently from other pop-up-producing adware programs in any circumstance where Adware.KorAd can be uninstalled. Regardless of its means of entrance into your hard drive, deleting Adware.KorAd usually may require the use of anti-malware products for all of its components to be removed in full.
Because Adware.KorAd's installation usually is consensual but disingenuous, malware researchers suggest that you take a close look at any program that may include Adware.KorAd as a component prior to installing such software. In general, you should avoid programs that have known histories for triggering adware warnings from major PC security products. On the other hand, temporary Adware.KorAd alerts that are corrected by patches can be considered 'false positives' that may be ignored without any issues.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:C:\Quarantine\Folders\vcodec.2020112117151296.17.20.34.71\vcodecsvc.exe
File name: vcodecsvc.exeSize: 516.65 KB (516656 bytes)
MD5: ebbc5eb5ccc24810ab155626b471f184
Detection count: 6,862
File type: Executable File
Mime Type: unknown/exe
Path: C:\Quarantine\Folders\vcodec.2020112117151296.17.20.34.71\vcodecsvc.exe
Group: Malware file
Last Updated: August 22, 2023
C:\Quarantine_MZK\Folders\2015083018592902\vcodec.19.06.09.10\vcodecsvc.exe
File name: vcodecsvc.exeSize: 235.05 KB (235056 bytes)
MD5: bc0a8a487f0ac777b4840585ee2efe3d
Detection count: 349
File type: Executable File
Mime Type: unknown/exe
Path: C:\Quarantine_MZK\Folders\2015083018592902\vcodec.19.06.09.10\vcodecsvc.exe
Group: Malware file
Last Updated: December 20, 2021
%ALLUSERSPROFILE%\Window modus\Window modus.exe
File name: Window modus.exeSize: 71.18 KB (71189 bytes)
MD5: eb049974f01857fc5b0d1f5021a30d66
Detection count: 71
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Window modus
Group: Malware file
Last Updated: October 31, 2013
%USERPROFILE%\Desktop\file.exe
File name: file.exeSize: 75.34 KB (75344 bytes)
MD5: a71edf9f96c3a4466b617b19e52b256e
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Desktop
Group: Malware file
Last Updated: October 31, 2013
%PROGRAMFILES(x86)%\hcpop\hcpop.exe
File name: hcpop.exeSize: 40.96 KB (40960 bytes)
MD5: 1c470a7574db3dee217c6793b3ad49e3
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\hcpop
Group: Malware file
Last Updated: October 31, 2013
Registry Modifications
CLSID{2402B2ED-0F0A-4E5F-89A2-8BD09140352C}{FD532C54-FC82-4C97-9E7C-FB4397203A44}HKEY..\..\..\..{RegistryKeys}SOFTWARE\Classes\AppID\WindowmodusUpdateService.EXESOFTWARE\Classes\Wow6432Node\AppID\WindowmodusUpdateService.EXESOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\hcsvc.exeSOFTWARE\Microsoft\Windows\CurrentVersion\Run\Window modusSOFTWARE\Wow6432Node\Classes\AppID\WindowmodusUpdateService.EXESOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Window modusSYSTEM\ControlSet001\services\WindowmodusUpdateServiceSYSTEM\CurrentControlSet\services\WindowmodusUpdateService
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.