Severity scale  

Remote Access. How to Remove? (Uninstall Guide)

removal by - -   | Type: Remote Administration Tools
A Remote Administration Tool is a special kind of hacker spyware, used for remote access and control of other people's computers. The attacker infects the PC via the e-mail or File and Print Sharing. A "server" allows him to connect via a "client" on his own machine. The functions of a RAT may vary, depending on the needs of the hacker. Some RATs can't really harm your PC and the only purpose they were made for is hooliganism. But some versions can steal vital information, delete files and even crash your system. The author of this RAT is a hacker called .:T.U.R:. He wrote this pest in Visual Basic programming language. Several versions (Remote Access (a), Remote Access (b), Remote Access 1.0, Remote Access Advanced) appeared from August 2002 to February 2003.

From the publisher:

"ResetPW. Invalid password. Please try again. I've loaded Remote Access on your PC. Your pc is doomed."

"/away = set status of victim to away, /busy = set status of victim to busy, /invisible = set status of victim offline, /phone = set status of victim on the phone, /lunch = set status of victim to out to lunch, /name = set nickname to remote access is controlling now, /logoff = logs the victim off, /whatareyou = let the victim says something, /about = about the program, /exit = let the program exit on the victims pc, /msg = Shows a message on the victims screen with the text remote access is controling now, /keyboard = disables victims keyboard (only with win95/98/NT/ME), /mouse = disables victims mouse (only with win95/98/NT/ME), /brb = set status of victim be right back, /scroll = scrolls the victims name 4 times, /opencd = opens victims cd, /closecd = closes victims cd, /shutdown = shuts victims pc down (only with win95/98/NT/ME), /restart = restart victims pc (only with win95/98/NT/ME), /disconnect = disconnects the victim (only with modem), /print = prints the text you've opened remote access. your pc is doomed.' /logform = logs the victim of and shows a fake login wizard where he must type his password then you can type /pass if he is back online and you gets his pass. The other commands are /logformNL and /passNL and then all works the same but the login wizard is dutch. /profile = changes the victims profile with things about remote access, /clearmail = delete all msgs in the inbox of the victim, /nick = change nick of victim customly (example /nick i am stupid), /kill = kills a file of the victim customly (example /kill c:\windows\regedit.exe), /add = adds a mail to the victims contactlist (example /add, /block = blocks a mail on the victims contactlist (example /block, /check = checks if remote access is running, /disable = disables victims ctrl+alt+del (if the victim has win2k it doesn't work), /enable = enables victims keyboard (if the victim has win2k it doesn't work), /war = kills whole victims pc, /say = let the victim says something (example /say hello), /exitforce = exits the program and doesn't anymore run at startup, /msgbox = shows a message on the victims desktop (example /msgbox remote access is controlling you now), /crashwin98 = let the victims pc crash (only with win95/98/NT/ME), /crashwin98 = let the victims pc uncrash (only with win95/98/NT/ME), /swap = swap mouse buttons of victims mouse (only with win95/98/NT/ME), /open = opens a file on the victims pc (example /open c:\windows\regedit.exe), -Advance Commands- /port = sets a new port open from the victim (example /port 6667) /IP = let the victim gives his IP to you /host = let the victim gives his hostname to you You can use the client too if you don't want to use commands." Remote Access properties:
• Allows remote user connection
• Logs keystrokes
• Hides from the user
• Stays resident in background

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Reimage - remover Happiness
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Remote Access. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended remover to uninstall Remote Access. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
We are testing SpyHunter's efficiency (2006-02-02 10:02)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2006-02-02 10:02)
Webroot SecureAnywhere AntiVirus

Remote Access manual removal

Kill processes:
client.exe, clientadvance.exe, remoteaccess.exe, remoteaccessadvance.exe
Delete files:
client.exe, clientadvance.exe, commands advance.txt, remoteaccess.exe, remoteaccessadvance.exe

Geolocation of Remote Access

Map reveals the prevalence of Remote Access. Countries and regions that have been affected the most are: United States, Australia, Singapore, New Zealand and Sri Lanka.

Information updated:

Comments on Remote Access

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)