1. Symantec/
  2. Security Response/
  3. Netbus.160.W95


Risk Level 1: Very Low

September 10, 1998
February 13, 2007 11:49:14 AM
Trojan Horse

The Netbus.160.W95.Trojan places a reference in the Windows registry that attempts to load the infected file when Windows starts. This file, which Norton AntiVirus (NAV) detects as Netbus.160.W95.Trojan, is usually named MyComputer.exe, but at least one variant is named Hacker411.exe.

12/3/2002 2:39:19 PM -- Joel Gerstman -- <Outsourcer> -- New Suggestion
Dec. 03, 2002 -- Customer with Win XP clean install (no upgrade from Win98) had Netbus.160.W95. She had \Winnt\keyhook.dll and
Kernei32.exe in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. Kernei32.exe brings up a
Netbus.W95.Trojan keyhook.dll link on Google.com.
Kernei32.exe is also associated with the W32.Yarner.A@mm in the Security Response Write-Ups

Antivirus Protection Dates

  • Initial Rapid Release version September 10, 1998
  • Latest Rapid Release version August 8, 2016 revision 023
  • Initial Daily Certified version September 10, 1998
  • Latest Daily Certified version August 9, 2016 revision 001
  • Initial Weekly Certified release date pending
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: George Koris

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube