Event ID - 29292

Port No29292
Service NameNTHack
RFC Doc0
ProtocolTCP
DescriptionThis password-stealing, backdoor Trojan uses several known Windows NT exploits. It targets Windows NT 4 server and is comprised of components from various sources. Upon infection, a system is vulnerable to unauthorized FTP access, altered network routing configurations, file permissions changes, and excessive bandwidth utilization.
Reference LinkNTHack
AttackSolution:

Click Start|Run, type Regedit and then press
the Enter key.
Delete the following Registry entry keys:
Hkey_Local_Machine\SOFTWARE\Microsoft
Windows NT\CurrentVersion\Winlogon\GinaDLL
Hkey_Local_Machine\Software\Microsoft
Windows NT\CurrentVersion\Winlogon\OriginalGinaDLL
Exit the Registry
Scan your system with Trend Micro antivirus and delete all files
detected as TROJ_PSW.GINA.A. To do this Trend Micro customers must
download the latest pattern file and scan their system. Other email
users may use HouseCall, Trend Micro’s free online virus scanner.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.