At the start there was a .zip file in my mail and i opened it (it was from well known companie) later i discover in their forum that it was attack from some hackers that send thise .zip files to their clients.
I made a full scan on my computer.
A pop-up keep poping saying that URL is being blocked, then it increased to 4 URL’s. Now they keep poping on my screen, i dont enter their websites.
Can you post an image of the avast alert window (attach it to your post using the “Attachments and other options” link below the reply window).
This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.
Looks like something is misusing wuauclt.exe, Windows Update AutoUpdate Client, to connect to malicious sites (assuming that this is a legit wuauclt.exe file), http://www.neuber.com/taskmanager/process/wuauclt.exe.html. There would obviously be no legit reason for this file to connect to this site.
So avast is preventing it download more malware.
This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.
Ok there are the logs, sorry for renaming the first one (i copied it and paste it in new .txt file, sorry) its from MalwareBytes, wich is blocking a malware.
Download ComboFix from one of the following locations: Link 1 Link 2
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
[*]Double click on ComboFix.exe & follow the prompts.
[]Accept the disclaimer and allow to update if it asks
[]Allow the installation of the recovery console
I pressed Exit on MalwareBytes, then ComboFix asked me to make other machine. MalwareBytes turned on after the reboot was done.
Im sure i saw MalwareBytes blocked that incoming malicious website after the reboot, once.