Hello, thanks in advance for your attention.
It seems that my rundll32.exe file has been infected. I recently receive a lot of messages from malware Bytes and Avast.
Following you will find the files from farbar recovery, malware bytes and aswMBR.
Here are the type of message that bring my attention to the problem, I just have a message saying that this ip as been blocked every 10minutes since yesterday:
Malwarebytes
-Log Details-
Protection Event Date: 12/8/16
Protection Event Time: 11:45 PM
Logfile:
Administrator: Yes
-Software Information-
Version:
Components Version:
Update Package Version:
License: Trial
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0
-Website Data-
Domain: aresoslave.xyz
IP Address: 217.23.6.100
Port: [40977]
Type: Outbound
File: C:\Windows\System32\rundll32.exe
(end)
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 12/8/16
Protection Event Time: 11:45 PM
Logfile:
Administrator: Yes
-Software Information-
Version:
Components Version:
Update Package Version:
License: Trial
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0
-Website Data-
Domain: aresoslave.xyz
IP Address: 217.23.6.100
Port: [40977]
Type: Outbound
File: C:\Windows\System32\rundll32.exe
(end)