What is Netbus?
NetBus is a trojan: a backdoor that allows others to access your computer remotely.
Once they have that access they can change or steal your passwords, run or delete
files, reboot your computer, format drives, and even make your computer unable to
start up, all without your knowledge or consent.
Diagnosing Netbus in your System
When using your IRC client, i.e. mIRC, type the following in any window:
//say $findfile(c:\,keyhook.dll,0)
//say $findfile(c:\,patch.exe,0)
//say $findfile(c:\,explore.exe,0)
MANUAL FIX
THIS FIX INVOLVES MODIFYING THE REGISTRY IN YOUR SYSTEM.
BE EXTREMELY CAREFUL,
AS MISTAKES CAN DAMAGE YOUR SYSTEM.
1. In Windows go to START, then RUN, and type on the line:
REGEDIT
2. Once in REGEDIT, follow the path below.
HKEY_LOCAL_MACHINE
SOFTWARE
MICROSOFT
WINDOWS
CURRENTVERSION
RUNSERVICES
3. Look in the right-hand window for the Default entry; it should be not set,
i.e. Value: Not Set
4. If it instead shows a value, i.e. exe, you need to change the value to nothing by
deleting the exe.
5. Save and close your registry.
6. Back in Windows, go to your DESKTOP and open the following:
MY COMPUTER
WINDOWS
SYSTEM
In SYSTEM select "show all files" (98 or later 95 versions only).
Look for a file with no name and no icon (white).
NOTE: IT COULD BE NAMED .exe
7. Go to Find Files or Folders and search in My Computer
for windll.dll. Please delete all files of this name. If you are unable to
delete this file, you haven't done the above steps correctly.
8. On completion of the above steps you should be clean. Please redo the diagnosis
to be sure!
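
The checks from the diagnosis and manual fix above, written as an added example (not part of the original page): a Python script that scans a directory listing for the four file names this page mentions and reads a REGEDIT4 registry export to see whether the RunServices default value is set. The listing, the export text and the function names are constructed for illustration.

```python
import re

# File names this page tells you to look for (compared case-insensitively).
SUSPECT_FILES = {"keyhook.dll", "patch.exe", "explore.exe", "windll.dll"}
RUNSERVICES = r"hkey_local_machine\software\microsoft\windows\currentversion\runservices"

def suspect_paths(paths):
    """Return the paths whose file name matches one of SUSPECT_FILES."""
    hits = []
    for p in paths:
        name = re.split(r"[\\/]", p.strip())[-1].lower()
        if name in SUSPECT_FILES:
            hits.append(p.strip())
    return hits

def runservices_default(reg_text):
    """Return the default value under RunServices in a REGEDIT4 export,
    or None when it is not set (no '@=' line under that key) or empty."""
    in_key = False
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            # A new key header: track whether we are inside RunServices.
            in_key = line[1:-1].lower() == RUNSERVICES
        elif in_key and line.startswith("@="):
            return line[2:].strip().strip('"') or None
    return None

# Constructed sample input, not taken from a real machine.
SAMPLE_LISTING = [
    r"C:\WINDOWS\SYSTEM\KEYHOOK.DLL",
    r"C:\WINDOWS\EXPLORER.EXE",  # the genuine shell; must not match explore.exe
    r"C:\WINDOWS\SYSTEM\windll.dll",
]
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
@="ignored.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
@="example.exe"
"ExampleService"="example-service.exe"
'''

if __name__ == "__main__":
    for path in suspect_paths(SAMPLE_LISTING):
        print("suspect file:", path)
    value = runservices_default(SAMPLE_REG)
    print("RunServices default:", value if value is not None else "not set")
```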