Event ID - 1034

Port No1034
Service NameKWM
RFC Doc0
ProtocolTCP
DescriptionAVAILABLE IN DATABASE This backdoor program is similar to the Back Orifice and the Subseven malware that consist of a server program and a client program. It uses the server program to infect target systems and uses the client program to control the computer infected with the server program from a remote location.
Reference LinkKWM
AttackSolutions:

Delete the BODY.LG file from the Windows directory
Delete the PHOTO.JPG file in the root directory of the Hard Drive C:\.
Click Start>Run, type Regedit then hit the Enter key.
Double click the following:
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion
In the right panel, look for the following registry entries under value and delete these:
CmdID
SystemNumber
Close the Registry.
Click Start>Run, type SYSTEM.INI then hit the enter key
Look for the following lines. %Windows% is usually the C:\Windows directory:
[boot]
shell = Explorer.exe %Windows%\Netcfgw.exe
Delete the %Windows%\Netcfgw.exe so that the above lines should finally appear as follows:
[boot]
shell = Explorer.exe
Save and exit SYSTEM.INI.
Restart your system.
Scan your system with Trend Micro antivirus and then delete all files detected as BKDR_KWM.A. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro’s free online virus scanner.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.