> Spyware Encyclopedia Page 112 > Remote Access

Remote Access removal

Spyware Remote Access Information
Name: Remote Access Category: RAT Date: 2003-02-11 Author: .:T.U.R:. Coded in: Visual Basic Dangerous: Yes

Remote Access is one of RAT spywares.
Finding it on your computer means that your computer is infected with RAT and crucial data could be endangered or even lost.

Remote Access description by .:T.U.R:.:

from the code: ´ ResetPW. Invalid password. Please try again. I have loaded Remote Access on your PC. Your pc is doomed.´ Vendor: ´/away = define status of victim to away, /busy = define status of victim to busy, /invisible = define status of victim offline, /phone = define status of victim on the phone, /lunch = define status of victim to out to lunch, /name = define nickname to remote access is controlling now, /logoff = captures the victim off, /whatareyou = let the victim says smth, /about = about the application, /exit = let the application exit on the victims pc, /msg = Shows a message on the victims screen with the text remote access is controling now, /keyboard = disables victims keyboard (only with win95/98/NT/ME), /mouse = disables victims mouse (only with win95/98/NT/ME), /brb = define status of victim be right back, /scroll = scrolls the victims name 4 times, /opencd = opens victims cd, /closecd = closes victims cd, /shutdown = shuts victims pc down (only with win95/98/NT/ME), /restart = restart victims pc (only with win95/98/NT/ME), /disconnect = disconnects the victim (only with modem), /print = prints the text you have opened remote access. your pc is doomed.´ /logform = captures the victim of & shows a fake login wizard where he must type his password then you can type /pass if he is back online & you gets his pass. The other commands´re /logformNL & /passNL & then all works the same but the login wizard is dutch. /profile = changes the victims profile with things about remote access, /clearmail = delete all msgs in the inbox of the victim, /nick = change nick of victim customly (example /nick i´m stupid), /kill = kills a file of the victim customly (example /kill c:\windows\regedit.exe), /add = adds a mail to the victims contactlist (example /add iamalamer@hotmail.com), /block = blocks a mail on the victims contactlist (example /block iamalamer@hotmail.com), /check = checks if remote access is running, /disable = disables victims ctrl+alt+del (if the victim has win2k it doesn´t work), /enable = enables victims keyboard (if the victim has win2k it doesn´t work), /war = kills whole victims pc, /say = let the victim says smth (example /say hello), /exitforce = exits the application & doesn´t anymore run at startup, /msgbox = shows a message on the victims desktop (example /msgbox remote access is controlling you now), /crashwin98 = let the victims pc crash (only with win95/98/NT/ME), /crashwin98 = let the victims pc uncrash (only with win95/98/NT/ME), /swap = swap mouse buttons of victims mouse (only with win95/98/NT/ME), /open = opens a file on the victims pc (example /open c:\windows\regedit.exe), -Advance Commands- /port = sets a new port open from the victim (example /port 6667) /IP = let the victim gives his IP to you /host = let the victim gives his hostname to you You can use the client too if you do not wanna use commands.´

This RAT is also known as:

•Backdoor.Advertor.
• Backdoor.VB.di.
• BackDoor-ALV trojan.
• remoteaccessadvance.

>> Delete Remote Access automatically - Download Spyware Doctor

Remote Access Removal Instructions
Kill the following processes client.exe, clientadvance.exe, remoteaccess.exe, remoteaccessadvance.exe
Remove the following files client.exe, clientadvance.exe, commands advance.txt, remoteaccess.exe, remoteaccessadvance.exe.

Bookmark Remote Access page

Previous Spyware: Remove Remote

Next Spyware: Remove Remote Access (a)