I can't remove this virus;java\shinwow.bh;hijack this log file

[pheonix73]

Judy will be able to tell you more about your log.First things first though,did you follow the steps in the read me before posting sticky?As for the programs you have already used,they are a start,but the admins here will need a few more logs if they are to know where to begin.Also what are the problems you are experiencing,this information is very helpful in judging what one might be dealing with.Once you have posted all the appropriate logs,the healing can begin.Best of luck.

[jholland1964]

First thing I see is that you are running HiJackThis from a temporary file...this is a NO-NO. It MUST be run from it's own folder in order to make back ups of any fixes done. As Phoenix has noted, you need to follow ALL the steps in this sticky READ ME Before Posting A Request For Assistance!
which included instructions for the correct renaming and location of HiJackThis.

Who told you to remove all java from the machine?

What you should have done is just clear the java cache which could have been done like this;
1. From the Start button, click Settings> Control Panel
2. In the Control Panel, open the "Java Plug-in Control Panel"
3. Select the Cache Tab
4. Click the Clear button inside the Cache Tab, which will clear your JRE cache directory

For more information on these malicious applets and their use, please visit the Sun Microsystems Java Technology Help Knowledgebase here: http://java.com/en/download/help/cache_virus.jsp


Java/ByteVerify!exploit is not a virus, but rather a method to exploit a security vulnerability in the Microsoft Virtual Machine.
If you were using the Sun JVM as your default virtual machine, these malicious applets cannot cause any harm to your computer.

Note: this detection may be triggered by merely visiting a web page that contains malicious code. It does not necessarily mean your machine has been compromised, nor that your machine is vulnerable to this particular exploit.

Microsoft has a patch for this problem which was originally posted in April 2003. http://www.microsoft.com/technet/sec.../MS03-011.mspx

try navigating this file path (though you didn't show us the full path so only you know that) you'll need to Show hidden files and folders:

C:\documents and settings\hp_administrator\application data etc.
. . . . then delete the contents.

I would still recommend that you follow all the steps in the "Read Me..." sticky, including the running of all the programs noted. Once you have done that save all the logs requested and post back here with those and a new HJT scan from the properly located and renamed program.