| Port No | 31415 |
| Service Name | Lithium |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This alert indicates that a remote user is using a Lithium client to connect to a trojaned server in your network. Lithium is a Trojan Horse program. Trojan Horse programs enable remote users to gain access to data or system functions on systems where the Trojan Horse has been installed. A Trojan does not copy itself and spread further through file sharing or auto-emailing like a worm; rather, it is typically installed from an executable, such as an email attachment. Once installed, it allows a remote client to open a connection to the affected system. With this open connection, the remote client has access to certain functions on the affected host. |
| Reference Link | More INformation |
| Attack | Name:Lithium How To Remove: The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. 1. Disable System Restore (Windows Me/XP). 2. Update the virus definitions. 3. Restart the computer in Safe mode or VGA mode. 4. Scan and delete the remaining infected files. 5. Reverse the changes that the Trojan made to the registry. For details on each of these steps, read the following Link. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.