yes its exploited… i use also NOD 32 to scan it…
avast and NOD 32 alert it… its seem changed the ip