Well, if you remember that we went from 6 to 5 viruses, and lost another one to OTMoveIt2.exe, we now have 4...right?
were at least making headway, slow headway, but it's something...rofl
Thank you for your guidance and patience, it is greatly appreciated!!!
Started scanning at 4/17/2008 11:34:25 PM. Engine Ver: 31.1.0. Sig Ver:5708. Sig Date: 4/18/2008. ArcLib Ver: 7.3.0.9.
C:\hiberfil.sys - Could not open the file.
C:\pagefile.sys - Could not open the file.
C:\57a16f205bb0730095b1551589ae83f7\%temp%dd_msxml_retMSI.txt - Could not open the file.
C:\Documents and Settings\All Users\Application Data\CA\Consumer\AV\ond30.tmp - Could not open the file.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat - Could not open the file.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat - Could not open the file.
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\Documents and Settings\LocalService\NTUSER.DAT - Could not open the file.
C:\Documents and Settings\LocalService\ntuser.dat.LOG - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat - Could not open the file.
C:\Documents and Settings\NetworkService\NTUSER.DAT - Could not open the file.
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - Could not open the file.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - Could not open the file.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - Could not open the file.
C:\Documents and Settings\Owner\NTUSER.DAT - Could not open the file.
C:\Documents and Settings\Owner\ntuser.dat.LOG - Could not open the file.
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\Documents and Settings\Owner\Cookies\index.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead\Nero Home\bl.db - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead\Nero Home\is2.db - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012008041720080418\index.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_3c8.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF2792.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF33CF.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF47A7.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF6D80.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DFF04C.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\legitcheckcontrol.dll - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\spmsg.dll - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\spuninst.exe - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\wgalogon.dll - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\wgatray.exe - Could not open the file.
C:\Program Files\Yahoo!\Messenger\logs\billing_Owner.log - Could not open the file.
C:\Program Files\Yahoo!\Messenger\logs\client_Owner.log - Could not open the file.
C:\Program Files\Yahoo!\Messenger\logs\network_Owner.log - Could not open the file.
C:\System Volume Information\_restore{0A438C3B-A487-4C6D-850C-C76CC3327FD0}\RP5\change.log - Could not open the file.
C:\WINDOWS\SchedLgU.Txt - Could not open the file.
C:\WINDOWS\Sti_Trace.log - Could not open the file.
C:\WINDOWS\wiadebug.log - Could not open the file.
C:\WINDOWS\wiaservc.log - Could not open the file.
C:\WINDOWS\WindowsUpdate.log - Could not open the file.
C:\WINDOWS\Debug\PASSWD.LOG - Could not open the file.
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log - Could not open the file.
C:\WINDOWS\SYSTEM32\h323log.txt - Could not open the file.
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log - Could not open the file.
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb - Could not open the file.
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt - Could not open the file.
C:\WINDOWS\SYSTEM32\config\default - Could not open the file.
C:\WINDOWS\SYSTEM32\config\default.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\Internet.evt - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SAM - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SAM.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SECURITY - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\software - Could not open the file.
C:\WINDOWS\SYSTEM32\config\software.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt - Could not open the file.
C:\WINDOWS\SYSTEM32\config\system - Could not open the file.
C:\WINDOWS\SYSTEM32\config\system.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.BTR - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.MAP - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING.VER - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING1.MAP - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING2.MAP - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.DATA - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.MAP - Could not open the file.
C:\_OTMoveIt\MovedFiles\04172008_213911\windows\system32\config\systemprofile\application data\sun\java\deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
Files Scanned: 360759
Files Infected: 5
Files Cleaned \ Deleted: 0
Files Quarantined: 0
Memory Infections: 0
Memory Infections Cleaned: 0
Boot Infections: 0
Boot Infections Cleaned: 0
Top infections found during scan (Limited to 10).
Java/Shinwow.BH
Files not Cleaned\Deleted\Quarantined (Limit 100): 5
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\_OTMoveIt\MovedFiles\04172008_213911\windows\system32\config\systemprofile\application data\sun\java\deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
Finished scanning at 4/18/2008 1:12:45 AM.
Started scanning at 4/18/2008 7:16:41 AM. Engine Ver: 31.1.0. Sig Ver:5709. Sig Date: 4/18/2008. ArcLib Ver: 7.3.0.9.
Files Scanned: 3205
Files Infected: 0
Files Cleaned \ Deleted: 0
Files Quarantined: 0
Memory Infections: 0
Memory Infections Cleaned: 0
Boot Infections: 0
Boot Infections Cleaned: 0
Files not Cleaned\Deleted\Quarantined (Limit 100): 0
Finished scanning at 4/18/2008 7:19:18 AM.
Started scanning at 4/18/2008 7:20:03 AM. Engine Ver: 31.1.0. Sig Ver:5709. Sig Date: 4/18/2008. ArcLib Ver: 7.3.0.9.
C:\hiberfil.sys - Could not open the file.
C:\pagefile.sys - Could not open the file.
C:\57a16f205bb0730095b1551589ae83f7\%temp%dd_msxml_retMSI.txt - Could not open the file.
C:\Documents and Settings\All Users\Application Data\CA\Consumer\AV\ond2F.tmp - Could not open the file.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat - Could not open the file.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat - Could not open the file.
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\Documents and Settings\LocalService\NTUSER.DAT - Could not open the file.
C:\Documents and Settings\LocalService\ntuser.dat.LOG - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat - Could not open the file.
C:\Documents and Settings\NetworkService\NTUSER.DAT - Could not open the file.
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - Could not open the file.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - Could not open the file.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - Could not open the file.
C:\Documents and Settings\Owner\NTUSER.DAT - Could not open the file.
C:\Documents and Settings\Owner\ntuser.dat.LOG - Could not open the file.
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\Documents and Settings\Owner\Cookies\index.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead\Nero Home\bl.db - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead\Nero Home\is2.db - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012008041820080419\index.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_2ec.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF3305.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF3B8E.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DFC7A5.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DFE68A.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DFF4FB.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\legitcheckcontrol.dll - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\spmsg.dll - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\spuninst.exe - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\wgalogon.dll - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\wgatray.exe - Could not open the file.
Files Scanned: 57586
Files Infected: 3
Files Cleaned \ Deleted: 0
Files Quarantined: 0
Memory Infections: 0
Memory Infections Cleaned: 0
Boot Infections: 0
Boot Infections Cleaned: 0
Top infections found during scan (Limited to 10).
Java/Shinwow.BH
Files not Cleaned\Deleted\Quarantined (Limit 100): 3
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
Scanning aborted at 4/18/2008 7:39:12 AM.
Started scanning at 4/18/2008 10:18:50 PM. Engine Ver: 31.1.0. Sig Ver:5714. Sig Date: 4/19/2008. ArcLib Ver: 7.3.0.9.
C:\hiberfil.sys - Could not open the file.
C:\pagefile.sys - Could not open the file.
C:\57a16f205bb0730095b1551589ae83f7\%temp%dd_msxml_retMSI.txt - Could not open the file.
C:\Documents and Settings\All Users\Application Data\CA\Consumer\AV\ond61.tmp - Could not open the file.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat - Could not open the file.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat - Could not open the file.
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\Documents and Settings\LocalService\NTUSER.DAT - Could not open the file.
C:\Documents and Settings\LocalService\ntuser.dat.LOG - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat - Could not open the file.
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat - Could not open the file.
C:\Documents and Settings\NetworkService\NTUSER.DAT - Could not open the file.
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - Could not open the file.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - Could not open the file.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - Could not open the file.
C:\Documents and Settings\Owner\NTUSER.DAT - Could not open the file.
C:\Documents and Settings\Owner\ntuser.dat.LOG - Could not open the file.
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\Documents and Settings\Owner\Cookies\index.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead\Nero Home\bl.db - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead\Nero Home\is2.db - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012008041820080419\index.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_33c.dat - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF43F7.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF6176.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF6368.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temp\~DF9515.tmp - Could not open the file.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\legitcheckcontrol.dll - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\spmsg.dll - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\spuninst.exe - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\wgalogon.dll - Could not open the file.
C:\e68665dedc2511ab6d714168d76d68\wgatray.exe - Could not open the file.
C:\Program Files\Yahoo!\Messenger\logs\billing_Owner.log - Could not open the file.
C:\Program Files\Yahoo!\Messenger\logs\client_Owner.log - Could not open the file.
C:\Program Files\Yahoo!\Messenger\logs\network_Owner.log - Could not open the file.
C:\System Volume Information\_restore{0A438C3B-A487-4C6D-850C-C76CC3327FD0}\RP8\change.log - Could not open the file.
C:\WINDOWS\SchedLgU.Txt - Could not open the file.
C:\WINDOWS\Sti_Trace.log - Could not open the file.
C:\WINDOWS\wiadebug.log - Could not open the file.
C:\WINDOWS\wiaservc.log - Could not open the file.
C:\WINDOWS\WindowsUpdate.log - Could not open the file.
C:\WINDOWS\Debug\PASSWD.LOG - Could not open the file.
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log - Could not open the file.
C:\WINDOWS\SYSTEM32\h323log.txt - Could not open the file.
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log - Could not open the file.
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb - Could not open the file.
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt - Could not open the file.
C:\WINDOWS\SYSTEM32\config\default - Could not open the file.
C:\WINDOWS\SYSTEM32\config\default.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\Internet.evt - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SAM - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SAM.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SECURITY - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\software - Could not open the file.
C:\WINDOWS\SYSTEM32\config\software.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt - Could not open the file.
C:\WINDOWS\SYSTEM32\config\system - Could not open the file.
C:\WINDOWS\SYSTEM32\config\system.LOG - Could not open the file.
C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.BTR - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.MAP - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING.VER - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING1.MAP - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING2.MAP - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.DATA - Could not open the file.
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.MAP - Could not open the file.
C:\_OTMoveIt\MovedFiles\04172008_213911\windows\system32\config\systemprofile\application data\sun\java\deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> - Java/Shinwow.BH trojan. Infected.
Files Scanned: 363367
Files Infected: 5
Files Cleaned \ Deleted: 0
Files Quarantined: 0
Memory Infections: 0
Memory Infections Cleaned: 0
Boot Infections: 0
Boot Infections Cleaned: 0
Top infections found during scan (Limited to 10).
Java/Shinwow.BH
Files not Cleaned\Deleted\Quarantined (Limit 100): 5
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\WINDOWS\SYSTEM32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-620c90b7.zip <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
C:\_OTMoveIt\MovedFiles\04172008_213911\windows\system32\config\systemprofile\application data\sun\java\deployment\cache\6.0\56\3c28cc78-369899c4 <HiPointInstallShieldRT.class> (Java/Shinwow.BH)
Finished scanning at 4/19/2008 12:13:41 AM.