ALERT

[WEBINAR] Index Insanity: How to Avoid Database Chaos

Netbus

Definition - What does Netbus mean?

Netbus is malware or, more specifically a Trojan, that was designed to remotely control Microsoft Windows applications over a network. The software is controversial because it can be used as a way to trigger unauthorized access to a remote computer for malicious purposes. Netbus was designed to work on Windows 95, Windows 98, Windows ME and Windows NT 4.0 operating systems.

Netbus has the ability to gain control of keystroke logging and injections, shut systems down, and perform screen captures. It can also be used to browse files, execute or delete file, open and close a computer's CD tray, format drives, and even create booting issues. It functions primarily through ".exe" files.

Netbus may also be known as Patch.exe or SysEdit.exe.

Techopedia explains Netbus

Netbus consists of a server program as well as a client program. The server version is installed on the victims' system, while the client version is installed on the systems used by the intruders. In addition, Netbus is able to randomly locate the systems that have an active Netbus server installed on them.

Netbus was developed by Swedish computer programmer Carl-Fredrik Neikter, who claimed to have developed it primarily for pulling computer pranks. Even so, Netbus has been notoriously abused for various malicious purposes. For example, in 1999, attackers used Netbus to plant child pornography on a law scholar's work computer at Lund University. Around 3,500 images were downloaded to the victim's computer, which was later discovered by the system administrators. As a result, the law scholar lost his research position at the institution, and had to flee from the country. In 2004, he was exonerated when the court found out that Netbus was used to carry out these illegal downloads.

Netbus functions more or less the same way as Back Orifice, another controversial software designed for remote system administration. It emerged in the lat '90s, when Netbus was already widely implemented.

The Netbus infection can be identified by verifying the Windows registry. If infected, Netbus can be removed either by using malware or spyware removal applications, or by manually deleting its entries in Windows registry.

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
Tweat cdn.techopedia.com
"Techopedia" on Twitter


'@Techopedia'
Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Resources
Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.