| Port No | 19216 |
| Service Name | NTHack |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This password-stealing, backdoor Trojan uses several known Windows NT exploits. It targets Windows NT 4 server and is comprised of components from various sources. Upon infection, a system is vulnerable to unauthorized FTP access, altered network routing configurations, file permissions changes, and excessive bandwidth utilization. |
| Reference Link | NTHack |
| Attack | Solution: Click Start|Run, type Regedit and then press the Enter key. Delete the following Registry entry keys: Hkey_Local_Machine\SOFTWARE\Microsoft Windows NT\CurrentVersion\Winlogon\GinaDLL Hkey_Local_Machine\Software\Microsoft Windows NT\CurrentVersion\Winlogon\OriginalGinaDLL Exit the Registry Scan your system with Trend Micro antivirus and delete all files detected as TROJ_PSW.GINA.A. To do this Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro’s free online virus scanner. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.