Remove Remote-Access Tools and Lock Out Attackers
Cleanly remove every remote-access tool and shut the door behind them.
8 min read · Beginner friendly
Step 1: Disconnect from the internet first
Unplug the network cable or turn off Wi-Fi. This stops anyone currently connected from interfering while you remove their tools.
Stay disconnected until you finish step 4.
Step 2: Uninstall through Settings
Settings → Apps → Installed apps. Uninstall every remote-access tool you do not need: AnyDesk, TeamViewer, UltraViewer, ScreenConnect, Splashtop, RustDesk, Supremo, LogMeIn.
If an uninstaller asks 'Remove settings and configuration?' choose Yes — otherwise the attacker's saved access can survive.
Step 3: Disable Windows Remote Desktop and Remote Assistance
Settings → System → Remote Desktop → turn Off.
Press Win + R, type SystemPropertiesRemote, press Enter. Untick Allow Remote Assistance connections to this computer. Click Apply.
Step 4: Disable Quick Assist
Settings → Apps → Installed apps → search 'Quick Assist' → … → Uninstall. (Yes, you can remove it on Windows 11.)
Quick Assist is the most-abused tool in scam calls right now because it is built into Windows.
If your real IT support uses Quick Assist, leave it installed but only ever share the 6-digit code with someone you called yourself on a verified number.
Step 5: Run a malware scan
Reconnect to the internet and run Malwarebytes plus a Defender offline scan. Some attackers leave a backdoor or scheduled task behind so they can reinstall later.
Step 6: Change your passwords
From a different device, change passwords for: your Microsoft account, email, banking, password manager master password, and anything else valuable. Enable 2FA everywhere.