Welcome to the Virus Encyclopedia of Panda Security.
It allows hackers to access the resources of the affected computer.
|Detection updated on:||June 3, 2003|
|Yes, using TruPrevent Technologies
Netbus.160 is a Trojan that belongs to a program used for remote computer administration from other computers. It allows a user (the attacker) to access the resources of the computer belongingto a different user (the victim), thorugh an IP connection (either to the Internet or to an Intranet).
Netbus.160 has two elements:
The client program, which is installed in the attackers computer.
The server program. which is (automatically) installed in the targeted computer.
Once the serve has been installed in the affected computer, Netbus.160 opens several communication ports, thorugh which the serevr receives orders fro the client, using a TCP protocol.
By doing so, Netbus.160 allows hackers to carry out several actions in the affected computer, such as open and close the CD-ROM tray, display images, etc.
Netbus.160 is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.
However, if certain actions, like the ones below, are carried out in the computer without user intervention, it can be a clear indication of the presence of Netbus.160 in that computer: