InstantAccess

Description:	Adware
Risk Level:	High
Date of First Occurence:	Monday, April 14, 2008
Software Developer:	Electronic Group Interactive, S. L.
Brief Info:	InstantAccess downloads ads, usually pop-up in nature.
Removal:	This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "InstantAccess"

Threat Info

View All

Detected Items

Detected Files: %SYSDIR%\MSpLOCK32.DLL MD5: AE81BEC769C269D02F1C1256FF0AFEE3 Size:20992 MD5: B6ACDFC78808478AECC8439D2173E6DF Size:10240 %SYSDIR%\EGACCESS4_1066.dll MD5: 0E85E17F8CA5EB76ECFAF340AA8BA897 Size:79872 %PROGRAMFILES%\instant access\Multi\20080721210752\instant access.exe MD5: 626E9C956D3632A9126368A4E55A6F15 Size:173334 %SYSDIR%\egaccess4_1064.dll MD5: 2AF20CCED78719C723F1F0C064DBAA4E Size:78848 %SYSDIR%\egaccess4_1063.dll MD5: AF37097704F3DF3BF1D6013662A140C3 Size:74240 %PROGRAMFILES%\instant access\Multi\20070108210112\instant access.exe MD5: 2BD2BCC1DAA28020DB0B658B30224E86 Size:166494 %SYSDIR%\msegcompid.dll MD5: 3248122AA80260EA21C281EDD50259F8 Size:22 %SYSDIR%\MSCLOCK32.DLL MD5: 904A1566E829DF251A2C447BE4BB00BE Size:10240
Detected Files with variable Filenames:

Detecting items list:

Files by Name %Windir%\access.exe %sysdir%\EGDACCESS_*.DLL %sysdir%\EGCOMLIB_*.DLL %Windir%\exedialer.exe %Windir%\exeinstaller.exe %Windir%\system\eghtmldialer.dll %programFiles%\instant access\p2esocks_*.dll %Windir%\eg_auth_*.dll %sysdir%\eg_auth_*.dll %Windir%\p2esocks_*.dll %sysdir%\p2esocks_*.dll %SYSDIR%\EGACCESS4_1061.DLL %SYSDIR%\EGACCESS4*.dll %sysdir%\MSCLOCK32.DLL %sysdir%\MSpLOCK32.DLL %sysdir%\msegcompid.dll
Files by MD5 MD5: 622FCC40E73432D9E92C7169273A896D Size: 71680 MD5: B67916804E37F787A0CA3B883A0B7C08 Size: 130904
Files by Directories %programFiles%\instant access %Windir%\dialpass %Windir%\egroup
Files by CLSID or Name CLSID=6AA93DF6-6757-4338-9087-F7601DE18402 CLSID=54C75FB0-6B8B-4278-BF7B-77036F15A69E CLSID=F3A257E6-FA04-4B30-A1B6-6B89EB814544 CLSID=C13FA88A-D264-4BC8-92ED-52EB8181E209 CLSID=D7B59209-0ED9-4986-BD4A-527BE836C6B2 CLSID=AD9B275B-E42D-4C7F-9FFB-29B5FB81688B CLSID=F8ACA5A0-060A-478A-8368-1407780D2251 CLSID=2ABE804B-4D3A-41BF-A172-304627874B45 CLSID=2F668A6D-2EC7-4E3A-A485-819E210738D6 CLSID=83F0D6AA-CD15-46B5-AA4E-BDB506B4AE53 CLSID=50AD557E-3426-41FD-AFDD-2AF39BB1C387 CLSID=0594AF7E-573B-40DF-8165-E47AB2EAEFE8 CLSID=2E30AC01-99D7-4E9C-B13E-94E1701B0AC9 CLSID=E8C88115-4951-425B-8C45-4DFC5A5540EE CLSID=8F0A06F6-DF4D-4D54-B8CA-E8EEDBAE6DDB CLSID=3947AC1D-DB09-4353-BBCC-55B97F5035EF CLSID=A58F3D09-4543-4396-8BE7-105F14DD6ED5 CLSID=0E594D22-ACE6-43A2-BCDA-BB7C65D3FE8C CLSID=EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1 CLSID=1EB17D1C-141D-4D9D-91CB-24D99215851D CLSID=469C7080-8EC8-43A6-AD97-45848113743C CLSID=CEFB7B49-9652-464F-8AFD-A577C0500F39
Registry Keys HKCU\Software\EGDHTML HKCU\Software\egroup
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=Instant Access

« Go to Software Database

Search in Our Software Database

Browse Software Database

Latest Malware News

September 23, 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Older malware news »