Hi, everyday NOD32 pops-up telling me it bocked a connection: 03/02/2012 18:25:57 HTTP filter file ~Link removed~ HTML/ScrInject.B.Gen virus connection terminated - quarantined NT AUTHORITY\NETWORK SERVICE Threat was detected upon access to web by the application: C:\Windows\SysWOW64\uniime32.exe. Yes, thanks NOD, but I scanned the whole system and it doesn't find any HTML/ScrInject.B.Gen virus.... so I really don't know what to do. It seems me to be the only one experiencing this sisutation... there's something opening a connection to a virus site but NOD doesn't help me finding WHHAT is opening the connection...
I'd suggest uploading C:\Windows\SysWOW64\uniime32.exe to VirusTotal as it could be malware. If it is, copy & paste here the MD5/SHA1 hash of the file.
Yes it's malware!!! 7 / 43 Here is the sha 4f8f2f9a848d658e07fbb1fa965f2a3d446fcb430952417821cb5acd5c196bcd What could I do now?
So is ScrInject.b.gen a virus or not? According to microsoft.com Threat Encyclopedia it is an alias for the Trojan JS/BlacoleRef.A. Ever since I got hit with the ScrInject.B.gen (eset currently shows no infections) my machine has started acting crazy.