Top 10 Alerts

Latest 10 Malware Files

Testimonials

I consider myself pretty good with a computer, but after 10 hours of trying to do this myself, the sysguard.exe whipped me. I couldn't find all the files and when I thought I had them all, they would replicate and play hide and go seek I have never endorsed a product in a comment, but if you want to rid yourself of this stuff, pay the $24.99 and download Exterminate-It It fixed my system in 5 minutes!

Mike T.

More ...

Searched as:

remote anything
remoteanything
UNINSTALL REMOTE ANYTHING
remove remote anything
Remote-Anything
remadm-remoteanything
remote anything remove
how to uninstall remote anything
uninstall slave.exe Remote Anything
remoteanything service

Remote.Anything

Aliases of Remote.Anything (AKA):

[Kaspersky] Backdoor.RA.358, Backdoor.RA.41112, Backdoor.RA.304, RemoteAdmin.Win32.RA
[McAfee] RemoteAnything, RemAdm-RemoteAdmin
[F-Prot] security risk or a "backdoor" program
[Panda] Backdoor Program, Backdoor Program.LC, Univ.AP.K, Application/RemoteAnything
[Computer Associates] Backdoor/RA.358, Backdoor/RA.304

How to Remove Remote.Anything from Your Computer

To completely purge Remote.Anything from your computer, you need to delete the files, folders, and Windows registry keys, and registry values associated with Remote.Anything. These files, folders, and registry keys are respectively listed in the Files, Folders, Registry Keys, and Registry Values sections on this page.

For instructions on deleting the Remote.Anything registry keys and registry values, see How to Remove Remote.Anything from the Windows Registry.

For instructions on deleting the Remote.Anything files and folders,
see How to Delete Remote.Anything Files (.exe, .dll, etc.)

How to Delete Remote.Anything Files (.exe, .dll, etc.)

The files and folders associated with Remote.Anything are listed in the Files and Folders sections on this page.

To delete the Remote.Anything files and folders:

Using your file explorer, browse to each file and folder listed in the Folders and Files sections.
Note: The paths use certain conventions such as [%PROGRAM_FILES%]. These conventions are explained here.
Select the file or folder and press SHIFT+Delete on the keyboard.
Click Yes in the confirm deletion dialog box.

IMPORTANT: If a file is locked (in use by some application), its deletion will fail (the Windows will display a corresponding message).You can delete such locked files with the RemoveOnReboot utility. To delete a locked file, right-click on the file, select Send To->Remove on Next Reboot on the menu, and restart your computer. You can install the RemoveOnReboot utility from here.

Files:

[%WINDOWS%]\slave.exe

view mapping details

Scan your File System for Remote.Anything

How to Remove Remote.Anything from the Windows Registry

The Windows registry stores important system information such as system preferences, user settings, and installed programs details as well as the information about the applications that are automatically run at start-up. Because of this, spyware, malware, and adware often store references to their own files in your Windows registry so that they can automatically launch every time you start up your computer.

To effectively remove Remote.Anything from your Windows registry, you must delete all the registry keys and values associated with Remote.Anything, which are listed in the Registry Keys and Registry Values sections on this page.

IMPORTANT: Because the registry is a core component of your Windows system, it is strongly recommended that you back up the registry before you begin deleting keys and values. For information about backing up the Windows registry, refer to the Registry Editor online help.

To remove the Remote.Anything registry keys and values:

On the Windows Start menu, click Run.
In the Open box, type regedit and click OK.
The Registry Editor window opens. This window consists of two panes. The left pane displays folders that represent the registry keys arranged in hierarchical order. The right one lists the registry values of the currently selected registry key.
To delete each registry key listed in the Registry Keys section, do the following:
- Locate the key in the left pane of the Registry Editor window by sequentially expanding the folders according to the path indicated in the Registry Keys section. For example, if the path of a registry key is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName1, sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA, and FolderB folders.
- Select the key name indicated at the end of the path (KeyName1 in the example above).
- Right-click the key name and select Delete on the menu.
- Click Yes in the Confirm Key Delete dialog box.
To delete each registry value listed in the Registry Values section, do the following:
- Display the value in the right pane of the Registry Editor window by sequentially expanding the folders in the left pane according to the path indicated in the Registry Values section and selecting the specified key name. For example, if the path of a registry value is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName2\,valueC=, sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA, and FolderB folders and select the KeyName2 key to display the valueC value in the right pane.
- In the right pane, select the value name indicated after a comma at the end of the path (valueC in the example above).
- Right-click the value name and select Delete on the menu.
- Click Yes in the Confirm Value Delete dialog box.

Registry Keys:

HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_slave
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\slave
HKEY_LOCAL_MACHINE\software\twd\remote-anything

Registry Values:

HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=42F0874F
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, typessupported=7
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%PROFILE%]\Downloads\VIRIIS2012\IDS-Slave.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=D:\installers\CS 1.3\cstrike speed\CS_Speed.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%PROFILE_TEMP%]\Temporary Directory 1 for my_Slave.zip\my_Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=840E664F
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%SYSTEM_DRIVE%]\download\exploids\winhelp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=0061CF4E
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=396BCF4E
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=B92C9248
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%SYSTEM_DRIVE%]\Util\Ver 5.1.30\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=76C52441
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=92A6A54E
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=15FF934E
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=\\10.211.1.119\Software\Remotn\Remote Anything and Directory Server (c) [TWD Industries] Full Version\Remote Anything v5.1.30 Directory Server v4.1.30 (c) by TWD Industries\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=94A9FA47
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%PERSONAL%]\Downloads\bht_www.softarchive.net(1)\Best Hacking Tools -85in1- [MUST HAVE] (AIO)\Best Hacking Tools\data\hacking\remoteanything365\Slave.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=D:\SAp\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=79086D4B
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=074ED94D00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=D8F6294C00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=CA0A654D00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=6459FE4C
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=38EF4A4B00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=64C46C4D
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=99E47D4D00000000
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%DESKTOP%]\Nueva carpeta\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=5C10744C
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%PROFILE_TEMP%]\Rar$EX06.766\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=2DD9C74C
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%PERSONAL%]\Downloads\Best Hacking Tools - 85in1\Best Hacking Tools - 85in1\Best Hacking Tools\data\hacking\remoteanything365\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=BB86114D00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=108FFF44
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=C86E4649
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=CCA0954A00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=B858B14C00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=78E0AB4800000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=D524544B00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=050FBB46
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=DA49084D00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=EAA4064C
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=252CC44C00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=39CBAB47
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=14F4454C00000000
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%DESKTOP%]\comics\comicslave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=871C2849
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%SYSTEM_DRIVE%]\DS\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=0864B348
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=83DDA04B00000000
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%WINDOWS%]\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=51DDC245
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=D241254B00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=FE49394B
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=9A3B9F4C00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=E8B0584B
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%COMMON_DOCUMENTS%]\Slave.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=H:\Master-slave\Slave.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=H:\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=C215E745
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=151CE745
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%SYSTEM_DRIVE%]\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=430FB147
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%PROGRAM_FILES%]\RA\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=F1052A4C
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=7A2AEF4B00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=5583E64B
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=5FAD5847
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=B46E284C00000000
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=D:\source\driver\Drivers\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=B1AC214C00000000
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=B07AF749
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%SYSTEM_DRIVE%]\remote anything 4.33\Slave.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=0397EC48
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=[%PROGRAM_FILES%]\Microsoft Office\sleve.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=65BCF54B
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=501C6341
HKEY_LOCAL_MACHINE\software\microsoft\windows, {adb-d8ff-11cf-9377-00a1}=
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, eventmessagefile=
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\slave, typessupported=

Scan your Windows Registry for Remote.Anything

Remote.Anything Categorized as:

Backdoor

Of all trojans, backdoor trojans pose the greatest danger to users’ PCs because they give their authors remote control over infected computers. They are downloaded, installed, and run silently, without the user’s consent or knowledge. Upon installation, backdoor trojans can be instructed to send, receive, execute and delete files, gather and transfer confidential data from the computer, log all activity on the computer, and perform other harmful activities.

RAT

Remote Access Tool. A program that enables a hacker to remotely access and control other people’s computers. A RAT can serve a variety of malicious purposes, including hijacking and transferring private information, downloading files, running programs, and tampering with system settings.

How Did My PC Get Infected with Remote.Anything?

The following are the most likely reasons why your computer got infected with Remote.Anything:

Your operating system and Web browser's security settings are too lax.
You are not following safe Internet surfing and PC practices.

Downloading and Installing Freeware or Shareware

Small-charge or free software applications may come bundled with spyware, adware, or programs like Remote.Anything. Sometimes adware is attached to free software to enable the developers to cover the overhead involved in created the software. Spyware frequently piggybacks on free software into your computer to damage it and steal valuable private information.

Using Peer-to-Peer Software

The use of peer-to-peer (P2P) programs or other applications using a shared network exposes your system to the risk of unwittingly downloading infected files, including malicious programs like Remote.Anything.

Visiting Questionable Web Sites

When you visit sites with dubious or objectionable content, trojans-including Remote.Anything-, spyware, and adware, may well be automatically downloaded and installed onto your computer.

Detecting Remote.Anything

The following symptoms signal that your computer is very likely to be infected with Remote.Anything.

PC is working very slowly
Remote.Anything can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with Remote.Anything.

New desktop shortcuts have appeared or the home page has changed
Remote.Anything can tamper with your Internet settings or redirect your default home page to unwanted web sites. Remote.Anything may even add new shortcuts to your PC desktop.

Annoying popups keep appearing on your PC
Remote.Anything may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.

E-mails that you didn't write are being sent from your mailbox
Remote.Anything may gain complete control of your mailbox to generate and send e-mail with virus attachments, e-mail hoaxes, spam, and other types of unsolicited e-mail to other people.

Check now if your PC is infected with Remote.Anything

Also Be Aware of the Following Threats:

Backdoor

RAT

Download ExterminateIt!
to instantly get rid of Remote.Anything!

CURIOLAB S.M.B.A., Amagertorv 15, 2, 1160 Copenhagen K, Denmark, +45.36965533