| Port No | 1001 |
| Service Name | Web Ex |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Web Ex 1.2 is a Visual Basic trojan that has a client resembling NetBus. Web Ex has the original feature of being able to fill your screen with text. |
| Reference Link | Web Ex |
| Attack | Autoloads: Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Key: RunDl32 Features: Draw circles Get information Open/Close CD-Rom Run program Send message Send text Send to URL Shutdown windows Swap mouse buttons View/close active programs Write on screen Fix: Remove the RunDl32 key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Which can be done with regedit or any other registry editing program Reboot the computer or close Task_bar.exe. Delete the trojan file Task_bar.exe in the windows system directory |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.