Netbus
Netbus is a remote control tool that allows users to access and control your machine by way of its Internet link. It also allows users to manage and control PCs or networks from a remote location.
General information:
| Malware Name: |
Netbus |
| Malware Type: |
Remote Control Tool |
| Company Name: |
Netbus.Org |
| Company URL: |
http://www.netbus.org/
|
| Threat Level: |
High Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
Netbus.Org provides you the software Netbus that allows a remote user to access and control your machine by way of its Internet link. Netbus runs under the NT operating system as well as Win95/98. Netbus is now capable of redirecting input to a specified
port to another IP address via the server machine. This means the remote user can do mischief on a third machine someplace on the Net, and his connection will appear to come from the redirecting address. This feature, truly useful as a tool for illegal
computer trespass.
Spyware Description:
Netbus is a remote control tool that allows users to access and control your machine by way of its Internet link. It also allows users to manage and control PCs or networks from a remote location.
Characteristics/Symptoms:
-> It allows users to access and control your machine by way of its Internet link. -> It also allows users to manage and control PCs or networks from a remote location.
Additional information might be found here:
Processes Running:
NetBus.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\All Users\Start Menu\Programs\NetBus Pro\NetBus Help.lnk |
600 |
Shortcut |
| C:\Documents and Settings\All Users\Start Menu\Programs\NetBus Pro\NetBus Server.lnk |
593 |
Shortcut |
| C:\Program Files\NetBus Pro\Skin\Logotype.bmp |
40962 |
Bitmap Image |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\NetBus Pro\D |
| C:\Program Files\NetBus Pro\Dow |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\NetBus |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\NetBus Pro |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\NetBus Pro |
Changed |
