rundll32.exe attempt to website blocked. Is this a virus?

[Falling]

Kaspersky found a trogen and then attempted to clean. ever since, ever 3 minutes it says blocked

Windows host process (Rundll32);rundll32.exe;C:\Windows\SysWOW64\rundll32.exe;C:\Windows\SysWOW64;17876;ESCAPEMENT\Escapement;Initiator;Blocked;Blocked;https://files.nflxso.ca/downloads/winapp/latest-installer.exe;Malicious link;High;Exactly;https://files.nflxso.ca/downloads/winapp/latest-installer.exe;latest-installer.exe;https://files.nflxso.ca/downloads/winapp;Web page;Cloud Protection

is there anyway to stop this from attempting every 3 minutes? Is it a virus?

[harlan4096]

Welcome to Kaspersky Community.

 

Please provide Windows operating system and Kaspersky product versions installed.

[ash_910]

Hello,

I am also getting this message, and multiple times a day since yesterday. Also, a tmp file is detected by Kaspersky in the AppData\Local\Tmp folder, I delete that again and again but the file pops up after sometime with some other but similar name like . This is the text shown in antivirus:

Event: Object deleted
User: NT AUTHORITY\SYSTEM
User type: System user
Application name: svchost.exe
Application path: C:\Windows\System32
Component: File Anti-Virus
Result description: Deleted
Type: Trojan
Name: HEUR:Trojan.Win32.Agent.gen
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: wnsF23E.tmp
Object path: C:\Users\Ash\AppData\Local\Temp
MD5 of an object: 599994A58F433D5751E2964FDEC0E48C

 

I am using Kaspersky Premium on Windows 11.

[harlan4096]

Try downloading this tool and run it:

 

https://www.malwarebytes.com/adwcleaner?lr

 

Attach in Your next post, the log of detections.

 

Also check:

 

Quote

 

Check the Startup Programs that are running from your Task Manager.

Startup Programs are programs that start automatically when your PC is turned on. Sometimes, there are Startup Programs that you do not use or that you do not know are starting and need to be stopped. To check what programs are starting on Startup, follow the steps below:

1. Press CTRL+ALT+Delete
2. Go into your Task Manager
3. Select the Startup Tab.
4. You will see all the applications that start automatically when turn on your computer.  You can see the Startup Impact as Low, Medium or High. This indicates the Impact that the Program has on your computer.
   • If you see a program that is having an High impact on your computer, you may want to disable it, if is not a necessary program.
5. To disable a program, Right Click on it then select Disable so the program will no longer Auto-Start automatically.

 

 

[ash_910]

I have solved the issues by restarting windows in safe mode and then deleted all files inside Tmp folder.