Port No | 5151 |
Service Name | Optix Lite |
RFC Doc | 0 |
Protocol | TCP |
Description | The server side of the backdoor Trojan Optix Lite 0.2 sends the IP address of the infected system via port 80 (HTTP). It allows unauthorized access to the infected system. |
Reference Link | OPTIX |
Attack | Solution: 1. Click Start>Run, type Regedit, then hit the Enter key. 2. Double-click the following: HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Run 3. In the right panel, search for any registry entry that contains the following data value and delete it: RunProg=%Windows%\server.exe 4. Exit the registry. 5. Click Start>ShutDown>"Restart in MS-DOS mode" and click OK. 6. Go to the %Windows% folder and delete the following file: Server.exe 7. Type "exit", then hit the Enter key to restart in Windows mode. 8. Scan your system with Trend Micro antivirus and delete all files detected as TROJ_OPTIX2A.SRV. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall |