Windows Updates Service.vbe virus

[wardbesseling2]

Today I got a strange message that my "Windows update service" cloudn't start.
I forgoto to take a screenshot.
But i have fount the location of the encoded .VBE file and decoded it to .VBS.
Path: C:\Users\User\AppData\Roaming\Windows Updates Files\Windows Updates Service.vbe

When scanning with Avast, I get a virus warning. But on 7 December I did a full virus scan. I am curious how this got here.
Here is the decoded virus:
https://paste.ubuntu.com/p/XWqNrFp3jy/
This has a very weird site. And I got like 3 antivirus vendors to react: ESET, Kaspersky and Sophos.

Can someone tell me if i need to wipe all my data  ?
I got  a back-up to Nextcloud. And this data is back-upped on a write protected drive in Debian. That is only accessible in a certain format XD

Here the Encoded file:
https://paste.ubuntu.com/p/mcZYkbDgWv/

[Pondus]

https://www.virustotal.com/gui/file/322d255f72a93f733320930109cfb6bf78cec0468fc1b23f7ed13ef4b0b69729/detection

https://www.virustotal.com/gui/file/18b503756b83094c964abad6fb455851e3eeda4551fed2a974abfb2c6da07b3d/detection

[wardbesseling2]

Yes im seeing successfull installed virus register values as well TEMP files.
Now removing them. Thanks bot, good idea to scan the .vbs file

But it's still going to the website...
Did a full Avast scan and that even didn't work and blocking the site in the firewall isn't preventing the query of the website...
What is best for me to do?
Did a Malwarebytes, Avast and Adwcleaner scan.

[Asyn]

Start a topic in V&W and post your logs there: https://forum.avast.com/index.php?action=post;board=4
Instructions (basic diagnostic logs): https://forum.avast.com/index.php?topic=194892.0