[Win32.doll.Trojan Downloader] Install log(Remove All) : 325ms

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2011-05-16
----------------------------------------------------------------------
D000 C:\Documents and Settings\Administrator\Application Data\Goorma\Flash.ocx
D001 C:\Documents and Settings\Administrator\Application Data\Goorma\goorma.exe
D002 C:\Documents and Settings\Administrator\Application Data\Goorma\goormaUpdater.exe
D003 C:\Documents and Settings\Administrator\Application Data\Goorma\sqlite3.dll
D004 C:\Documents and Settings\Administrator\Application Data\Goorma\uninstall.exe
D005 C:\Documents and Settings\Administrator\Application Data\ToolonSetup.exe
D006 C:\Documents and Settings\Administrator\Recent\istarnews_co1.exe
D007 C:\Documents and Settings\Administrator\Recent\mcmst_mb.exe
D008 C:\Documents and Settings\Administrator\Recent\ToolOn_king.exe
D009 C:\Program Files\dolll\dolll.exe
D010 C:\Program Files\ecao\ecao.exe
D011 C:\Program Files\findsearch\bhobacone.exe
D012 C:\Program Files\findsearch\Uninstall.exe
D013 C:\Program Files\findsearch\vbdllzip.exe
D014 C:\Program Files\findsearch\wfindsearch.dll
D015 C:\Program Files\gomserv\gomserv.exe
D016 C:\Program Files\iStarNews\findsearch.exe
D017 C:\Program Files\iStarNews\istarnews.exe
D018 C:\Program Files\iStarNews\istarnewsdel.exe
D019 C:\Program Files\iStarNews\istarnewsup.exe
D020 C:\Program Files\iStarNews\PA2B3AD091C74694545594F23580C5D2F_setup.exe
D021 C:\Program Files\iStarNews\Supportbar_heal.exe
D022 C:\Program Files\iStarNews\tc_grooma.exe
D023 C:\Program Files\iStarNews\update\istarnews.exe
D024 C:\Program Files\iStarNews\update\istarnewsdel.exe
D025 C:\Program Files\iStarNews\update\istarnewsup.exe
D026 C:\Program Files\iStarNews\WSListarnews.exe
D027 C:\Program Files\mcmst\mcmst_mb.exe
D028 C:\Program Files\Microsolution\Microsolution.exe
D029 C:\Program Files\Microsolution\Microsolution_se.exe
D030 C:\Program Files\Microsolution\Microsolution_updater.exe
D031 C:\Program Files\TCodecLite2\TCodecLite.exe
D032 C:\Program Files\TCodecLite2\TCodecLiteSetup2.exe
D033 C:\Program Files\TCodecLite2\TCodecUninst.exe
D034 C:\Program Files\TCodecLite2\unins000.exe
D035 C:\Program Files\ToolOnNY\ADPopupTO.dll
D036 C:\Program Files\ToolOnNY\ToolOnNY.dll
D037 C:\Program Files\ToolOnNY\ToolOnUpdateNY.exe
D038 C:\Program Files\ToolOnNY\tosghelp.exe
D039 C:\Program Files\ToolOnNY\TOUninstallNY.exe
D040 C:\Program Files\WebCompass\free.exe
D041 C:\Program Files\WebCompass\sqlite3.dll
D042 C:\Program Files\WebCompass\unins000.exe
D043 C:\Program Files\WebCompass\update.exe
D044 C:\Program Files\WebCompass\wc_src_3f8.dll
D045 C:\Program Files\WebCompass\wcsv.dll
D046 C:\WINDOWS\Microsolution_uninstaller.exe
D047 C:\WINDOWS\system32\inetko.dll
D048 C:\WINDOWS\system32\MSINET.OCX
D049 C:\WINDOWS\system32\msvbvm60.dll
D050 C:\WINDOWS\system32\VB6KO.DLL
----------------------------------------------------------------------
S051 Microsolution Update Service - Microsolution Support Service - "C:\Program Files\Microsolution\Microsolution_se.exe" /service -
S052 wcsv - WebCompass Updater Service - C:\WINDOWS\system32\svchost.exe -k WebCompass - C:\Program Files\WebCompass\wcsv.dll
----------------------------------------------------------------------
C053 Windows dolll | Windows dolll | dolll | - |
C054 Windows ecao | Windows ecao | ecao | - |
C055 findsearch 1.00 | - | findsearch 1.00 | - | -
C056 Media Newssuppot Enter(t) | - | iStarNews_is1 |  -
C057 Microsolution | - | Microsolution |
C058 Multimedia Total Codec Lite 2.0 (Video/Audio) | T-Codec, Inc. | TCodecLite2_is1 |
C059 ToolOn Uninstall | - | ToolOnNY | - | -
C060 WebCompass(웹컴파스) | Datawave Inc. | WebCompass(웹컴파스)_is1 | | -
C061 Windows Desktop Widget Goorma | Goorma | Goorma | - | -
----------------------------------------------------------------------
U062 istarnews - C:\Program Files\iStarNews\istarnewsup.exe
U063 Goorma - C:\Documents and Settings\Administrator\Application Data\Goorma\goormaUpdater.exe
U064 gomserv - C:\Program Files\gomserv\gomserv.exe
U065 TCodecLite2 - C:\Program Files\TCodecLite2\TCodecLite.exe
L066 dolll.exe - C:\Program Files\dolll\dolll.exe
L067 ecao.exe - C:\Program Files\ecao\ecao.exe
L068 mcmst_mb.exe - C:\Program Files\mcmst\mcmst_mb.exe
L069 toolonupdateNY - C:\Program Files\ToolOnNY\ToolOnUpdateNY.exe
----------------------------------------------------------------------
B070 WebCompass Search Class - C:\PROGRA~1\WEBCOM~1\WC_SRC~1.DLL - {2D3BA117-A67B-4BE3-B692-A0F399E7EBC3}
B071 AdPopupB - C:\Program Files\ToolOnNY\ADPopupTO.dll - {397CFDD8-762F-44D4-9517-E3969F89639E}
B072 windowfind.wfindsearch - C:\Program Files\findsearch\wfindsearch.dll - {B46CBFB5-CC7A-4A91-A481-6AB8DC6447E2}
B073 ToolOnNY - C:\Program Files\ToolOnNY\ToolOnNY.dll - {C2972818-EF13-4dac-9FB1-5553F5B32EDE}
----------------------------------------------------------------------
A001 ZXKFYAHNITVHE.itplayshop.com
A002 xmlconf.webcompass.co.kr
A003 t-codec.com
A004 search-log.webcompass.co.kr
A005 search-***.webcompass.co.kr
A006 s.011st.com
A007 petchaburi.net
A008 petchaburi.kr
A009 pd.goorma.co.kr
A010 NDCB.dgplayshop.com
A011 naver.com
A012 live-istarnews.net
A013 juneip.com
A014 image.auction.co.kr
A015 dw.toolon.co.kr
A016 dw.supportbar.co.kr
A017 cygogo.co.kr
A018 cybermy.co.kr
A019 codebase.webcompass.co.kr
A020 codebase.rewardnetwork.net
A021 221.143.20.250
A022 218.50.4.166
A023 121.254.254.136
A024 ***.toolon.co.kr
A025 ***.t-codec.com
A026 ***.naver.com
A027 ***.makao.kr
A028 ***.increasingly.kr
A029 ***.gmarket.co.kr
----------------------------------------------------------------------
Deleted Files : 51
Remove Service : 2
Remove Uninstall Entry : 9
Remove Startup Entry : 8
Remove Browser Helper Object : 4
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
[01-HKCUREG]**istarnews
[01-HKCUREG]**Goorma
[01-HKCUREG]**gomserv
[01-HKCUREG]**TCodecLite2
[02-HKLMREG]**dolll.exe
[02-HKLMREG]**ecao.exe
[02-HKLMREG]**mcmst_mb.exe
[02-HKLMREG]**toolonupdateNY
[03-BHOCLSD]**{2D3BA117-A67B-4BE3-B692-A0F399E7EBC3}
[03-BHOCLSD]**{397CFDD8-762F-44D4-9517-E3969F89639E}
[03-BHOCLSD]**{B46CBFB5-CC7A-4A91-A481-6AB8DC6447E2}
[03-BHOCLSD]**{C2972818-EF13-4dac-9FB1-5553F5B32EDE}
[05-SERVICE]**Microsolution Update Service
[05-SERVICE]**wcsv
----------------------------------------------------------------------
Total Processing Time : 325ms
----------------------------------------------------------------------