Svchost.exe blocked; blacklight.info and others

Today I got multiple (up to 30) incidents of blocked access on svchost.exe. Infection: URL:Mal
I tried AdwCleaner, Malwarebytes and Avast of course, but nothing helped. I attached the logs; I hope I did it correctly.

EDIT: One attachment had the wrong format

Lots to do. You can re-install Chrome on completion.

Re-install Chrome
Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.

  1. If you have bookmarks, let’s save them by exporting them - Export Bookmarks
  2. Then I need you to go to Google Sync and sign into your account
  3. Scroll down until you see the “Stop and Clear” button and click on the button. At the prompt click on “Ok”
  4. Now we need to uninstall Chrome. Note: When asked about user data or settings you must remove this also, so please check the box.

NEXT

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
BHO: qquickshop -> {3b7320fe-a8e9-4ca5-ae1c-5b7e819ac970} -> C:\Program Files (x86)\qquickshop\4srpCYMQKrXYwb.x64.dll No File
BHO: No Name -> {41564952-412D-5637-4300-7A786E7484D7} -> No File
BHO: niitrOdeaal -> {e34a3a71-2f40-4a43-88e4-972c2269ac1f} -> C:\Program Files (x86)\niitrOdeaal\aXQPwo6e1GgJzQ.x64.dll No File
FF Extension: No Name - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\0ll4pbqs.default\Extensions\abs@avira.com [2014-11-25]
FF Extension: No Name - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\0ll4pbqs.default\Extensions\xU4@y.org [2015-02-27]
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe" [X]
S2 cae99edb; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Super Optimizer\SupOptStats.dll",ENT
2015-03-08 19:00 - 2015-03-08 19:00 - 00003082 _____ () C:\Windows\System32\Tasks\{827E380C-3823-4989-97BB-681C9C91CFEB}
2015-03-06 17:48 - 2015-03-08 17:08 - 00000000 ____D () C:\Users\Jan\AppData\Local\Temp5e57f1d1009eccc4b6e66532aa7569fc
2015-03-06 16:52 - 2015-03-08 17:08 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-24 22:02 - 2015-03-10 11:26 - 00000000 ____D () C:\Program Files (x86)\ofiferapp
2015-02-24 22:01 - 2015-03-09 13:19 - 00000000 ____D () C:\ProgramData\14215487833158104796
2015-02-17 18:45 - 2015-02-17 18:45 - 00000000 ____D () C:\Users\Jan\AppData\Local\41080593
C:\Program Files (x86)\qquickshop
C:\Program Files (x86)\niitrOdeaal
C:\Users\Jan\AppData\Local\Google\Chrome
C:\Program Files (x86)\Google\Chrome
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.

  1. Close all open programs and internet browsers.
  2. Double click on AdwCleaner.exe to run the tool.
  3. Click on Scan.
  4. After the scan is complete click on “Clean”
  5. Confirm each time with Ok.
  6. Your computer will be rebooted automatically. A text file will open after the restart.
  7. Please post the content of that logfile with your next answer.
  8. You can find the logfile at C:\AdwCleaner[S0].txt as well.

Thanks for the fast answer and pardon my delay. The log files are attached.

You may now re-install Chrome. Once done, could you let me know how the computer is behaving?

I’m taking a break with Chrome ;D eats too much RAM anyway. I will browse with Firefox now and let you know if it does anything funny. Thanks a lot!

Let me know when you are happy and I will tidy up :slight_smile: