PC Security Shield Virus Alert:
This worm was found on July 27 2009.
It infects the system that opens TCP port 1034, and upon infection, it attempts to Denial of Service(DoS) attack microsoft.com.
How it spreads:
Worm scans TCP port 1034 of random IP address and when it finds the opened port, it copies worm. At this time, worm is created and
executed as a random name in the Window temporary folder.
Notes : TCP port 1034 is the port number that is opened when it is infected by specified backdoor. This backdoor is dropped by I-
Worm.Win32.Mydoom.27648 so if it is infected by Mydoom.27648 the backdoor is infected as well.
1. Worm attempts to DoS(Denial of Service) attack to the following domain.
2.Worm is added in the following registry to be auto-executed when the system reboots.
Name : Tray
Data : (Worm file name which is not regular).EXE
How to repair: [Repair by using The