Remote Access. How to remove? (Uninstall guide)

Remote Access | Type: Remote Administration Tools
Severity scale:  
A Remote Administration Tool is a special kind of hacker spyware, used for remote access and control of other people's computers. The attacker infects the PC via the e-mail or File and Print Sharing. A "server" allows him to connect via a "client" on his own machine. The functions of a RAT may vary, depending on the needs of the hacker. Some RATs can't really harm your PC and the only purpose they were made for is hooliganism. But some versions can steal vital information, delete files and even crash your system. The author of this RAT is a hacker called .:T.U.R:. He wrote this pest in Visual Basic programming language. Several versions (Remote Access (a), Remote Access (b), Remote Access 1.0, Remote Access Advanced) appeared from August 2002 to February 2003.

From the publisher:

"ResetPW. Invalid password. Please try again. I've loaded Remote Access on your PC. Your pc is doomed."

"/away = set status of victim to away, /busy = set status of victim to busy, /invisible = set status of victim offline, /phone = set status of victim on the phone, /lunch = set status of victim to out to lunch, /name = set nickname to remote access is controlling now, /logoff = logs the victim off, /whatareyou = let the victim says something, /about = about the program, /exit = let the program exit on the victims pc, /msg = Shows a message on the victims screen with the text remote access is controling now, /keyboard = disables victims keyboard (only with win95/98/NT/ME), /mouse = disables victims mouse (only with win95/98/NT/ME), /brb = set status of victim be right back, /scroll = scrolls the victims name 4 times, /opencd = opens victims cd, /closecd = closes victims cd, /shutdown = shuts victims pc down (only with win95/98/NT/ME), /restart = restart victims pc (only with win95/98/NT/ME), /disconnect = disconnects the victim (only with modem), /print = prints the text you've opened remote access. your pc is doomed.' /logform = logs the victim of and shows a fake login wizard where he must type his password then you can type /pass if he is back online and you gets his pass. The other commands are /logformNL and /passNL and then all works the same but the login wizard is dutch. /profile = changes the victims profile with things about remote access, /clearmail = delete all msgs in the inbox of the victim, /nick = change nick of victim customly (example /nick i am stupid), /kill = kills a file of the victim customly (example /kill c:\windows\regedit.exe), /add = adds a mail to the victims contactlist (example /add [email protected]), /block = blocks a mail on the victims contactlist (example /block [email protected]), /check = checks if remote access is running, /disable = disables victims ctrl+alt+del (if the victim has win2k it doesn't work), /enable = enables victims keyboard (if the victim has win2k it doesn't work), /war = kills whole victims pc, /say = let the victim says something (example /say hello), /exitforce = exits the program and doesn't anymore run at startup, /msgbox = shows a message on the victims desktop (example /msgbox remote access is controlling you now), /crashwin98 = let the victims pc crash (only with win95/98/NT/ME), /crashwin98 = let the victims pc uncrash (only with win95/98/NT/ME), /swap = swap mouse buttons of victims mouse (only with win95/98/NT/ME), /open = opens a file on the victims pc (example /open c:\windows\regedit.exe), -Advance Commands- /port = sets a new port open from the victim (example /port 6667) /IP = let the victim gives his IP to you /host = let the victim gives his hostname to you You can use the client too if you don't want to use commands." Remote Access properties:
• Allows remote user connection
• Logs keystrokes
• Hides from the user
• Stays resident in background

Automatic Remote Access removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Remote Access you agree with our Privacy Policy and Agreement of Use.
remover for Remote Access
Compatible with OS X
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall Remote Access. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Do it now!
remover for Remote Access Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Remote Access. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Remote Access using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.
Alternate Software
We are testing STOPzilla's efficiency at removing Remote Access (2006-02-02 12:39:47)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Remote Access (2006-02-02 12:39:47)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Remote Access (2006-02-02 12:39:47)
Zemana Antimalware
Virus Removal Phone Support
Help Line to remove Remote Access

Remote Access manual removal

Kill processes:
client.exe, clientadvance.exe, remoteaccess.exe, remoteaccessadvance.exe
Delete files:
client.exe, clientadvance.exe, commands advance.txt, remoteaccess.exe, remoteaccessadvance.exe

Geolocation of Remote Access

Map reveals the prevalence of Remote Access. Countries and regions that have been affected the most are: United States, Australia, Singapore, New Zealand and Sri Lanka.

Information added: 04/26/05 13:32; information updated: 02/02/06 10:02

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Post a comment

Attention: Use this form only if you have additional information about Remote Access parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Recent Malware
Read on mobile
Press Mentions
I failed to remove Remote Access using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!