Title: Remote Access

Remove Remote Access
Removal instructions

 
Severity scale:Remote Access severity is 60  (60 / 100)
 
A Remote Administration Tool is a special kind of hacker spyware, used for remote access and control of other people's computers. The attacker infects the PC via the e-mail or File and Print Sharing. A "server" allows him to connect via a "client" on his own machine. The functions of a RAT may vary, depending on the needs of the hacker. Some RATs can't really harm your PC and the only purpose they were made for is hooliganism. But some versions can steal vital information, delete files and even crash your system. The author of this RAT is a hacker called .:T.U.R:. He wrote this pest in Visual Basic programming language. Several versions (Remote Access (a), Remote Access (b), Remote Access 1.0, Remote Access Advanced) appeared from August 2002 to February 2003.

From the publisher:

"ResetPW. Invalid password. Please try again. I've loaded Remote Access on your PC. Your pc is doomed."

"/away = set status of victim to away, /busy = set status of victim to busy, /invisible = set status of victim offline, /phone = set status of victim on the phone, /lunch = set status of victim to out to lunch, /name = set nickname to remote access is controlling now, /logoff = logs the victim off, /whatareyou = let the victim says something, /about = about the program, /exit = let the program exit on the victims pc, /msg = Shows a message on the victims screen with the text remote access is controling now, /keyboard = disables victims keyboard (only with win95/98/NT/ME), /mouse = disables victims mouse (only with win95/98/NT/ME), /brb = set status of victim be right back, /scroll = scrolls the victims name 4 times, /opencd = opens victims cd, /closecd = closes victims cd, /shutdown = shuts victims pc down (only with win95/98/NT/ME), /restart = restart victims pc (only with win95/98/NT/ME), /disconnect = disconnects the victim (only with modem), /print = prints the text you've opened remote access. your pc is doomed.' /logform = logs the victim of and shows a fake login wizard where he must type his password then you can type /pass if he is back online and you gets his pass. The other commands are /logformNL and /passNL and then all works the same but the login wizard is dutch. /profile = changes the victims profile with things about remote access, /clearmail = delete all msgs in the inbox of the victim, /nick = change nick of victim customly (example /nick i am stupid), /kill = kills a file of the victim customly (example /kill c:\windows\regedit.exe), /add = adds a mail to the victims contactlist (example /add [email protected]), /block = blocks a mail on the victims contactlist (example /block [email protected]), /check = checks if remote access is running, /disable = disables victims ctrl+alt+del (if the victim has win2k it doesn't work), /enable = enables victims keyboard (if the victim has win2k it doesn't work), /war = kills whole victims pc, /say = let the victim says something (example /say hello), /exitforce = exits the program and doesn't anymore run at startup, /msgbox = shows a message on the victims desktop (example /msgbox remote access is controlling you now), /crashwin98 = let the victims pc crash (only with win95/98/NT/ME), /crashwin98 = let the victims pc uncrash (only with win95/98/NT/ME), /swap = swap mouse buttons of victims mouse (only with win95/98/NT/ME), /open = opens a file on the victims pc (example /open c:\windows\regedit.exe), -Advance Commands- /port = sets a new port open from the victim (example /port 6667) /IP = let the victim gives his IP to you /host = let the victim gives his hostname to you You can use the client too if you don't want to use commands."

Remote Access properties:
• Allows remote user connection
• Logs keystrokes
• Hides from the user
• Stays resident in background

Automatic Remote Access removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Remote Access you agree with our Privacy Policy and Agreement of Use.
SpyHunter is recommended remover to uninstall Remote Access. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

If you failed to remove Remote Access using SpyHunter, submit question to our support team and provide as much details as possible.
dot
STOPzilla
download
manual required
We are testing STOPzilla's efficiency at removing Remote Access (2006-02-02 12:39:47)
dot
Malwarebytes Anti Malware
download
manual required
We are testing Malwarebytes Anti Malware's efficiency at removing Remote Access (2006-02-02 12:39:47)
dot
XoftSpySE Anti Spyware
download
manual required
We are testing XoftSpySE Anti Spyware's efficiency at removing Remote Access (2006-02-02 12:39:47)
dot
Defender Pro Ultimate
download
manual required
We are testing Defender Pro Ultimate's efficiency at removing Remote Access (2006-02-02 12:39:47)

what to do if you failed to remove the infection?
Virus Removal
Phone Support
Help Line to remove Remote Access
Remote Access snapshot:

Remote Access manual removal:

Kill processes:
client.exe, clientadvance.exe, remoteaccess.exe, remoteaccessadvance.exe
Delete files:
client.exe, clientadvance.exe, commands advance.txt, remoteaccess.exe, remoteaccessadvance.exe

Geolocation of Remote Access:

This map reveals the prevalence of Remote Access. Countries and regions that have been affected the most are: United States, Australia, Singapore, New Zealand and Sri Lanka.

QR code for Remote Access removal instructions:

Remote Access qrcode
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like Remote Access are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Remote Access right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.
Information added: 2005-04-26 13:32:49
Information updated: 2006-02-02 10:02:32

Additional resources:

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Post Comment:

Attention: Use this form only if you have additional information about Remote Access parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Please enter your e-mail address:
If you do not want to receive our spyware
newsletter please unsubscribe here
48600 Subscribers
Ask us
I failed to remove Remote Access using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!
add text box
rss feed
help other