Blocked web keep poping

[coffecat]

At the start there was a .zip file in my mail and i opened it (it was from well known companie) later i discover in their forum that it was attack from some hackers that send thise .zip files to their clients.

I made a full scan on my computer.
A pop-up keep poping saying that URL is being blocked, then it increased to 4 URL's. Now they keep poping on my screen, i dont enter their websites.

What are my chances?
Thanks/

[DavidR]

Can you post an image of the avast alert window (attach it to your post using the "Attachments and other options" link below the reply window).

- This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.

[coffecat]

please excuse me for the background

[DavidR]

Looks like something is misusing wuauclt.exe, Windows Update AutoUpdate Client, to connect to malicious sites (assuming that this is a legit wuauclt.exe file), http://www.neuber.com/taskmanager/process/wuauclt.exe.html. There would obviously be no legit reason for this file to connect to this site.

So avast is preventing it download more malware.

- This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and  attach the logs here, not in the LOGS topic.

[coffecat]

Ok there are the logs, sorry for renaming the first one (i copied it and paste it in new .txt file, sorry) its from MalwareBytes, wich is blocking a malware.

[DavidR]

OK, it may be a little while before one of the malware removal specialists can check them out (time zone).

[coffecat]

Ok i will wait, but one question. I did a scan with Avast! Free but the malware was still inside my computer (they were 3).

[DavidR]

What were the file names, folders and malware name of the detections ?

Hopefully essexboy should be on-line soon, he should be back from work soon.

[essexboy]

Hi I will need to use something a tad stronger

Download and Install Combofix
 
Download ComboFix from one of the following locations:
Link 1
Link 2
 
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
 
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

• Double click on ComboFix.exe & follow the prompts.
  
• Accept the disclaimer and allow to update if it asks
• Allow the installation of the recovery console

• When finished, it shall produce a log for you.
• Please include the C:\ComboFix.txt in your next reply.[/b]
  

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3.  If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.



Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

[DavidR]

Thanks for joining the topic essexboy.

[coffecat]

I pressed Exit on MalwareBytes, then ComboFix asked me to make other machine. MalwareBytes turned on after the reboot was done.
Im sure i saw MalwareBytes blocked that incoming malicious website after the reboot, once.

[essexboy]

Is Avast still alerting now ?

[coffecat]

MalwareBytes just alerted now, Avast! didnt

[essexboy]

I must admit I am getting a tad tired of the aggressive nature of MBAM in its blocking

Could you post the blocking log please so that I can see what it is alerting on

[coffecat]

The after scan window says No malicious items were detected.