Windows 7: Werbeseiten stamplive und youradexchange öffnen sich ungewollt

DMatrix

Hallo allerseits,
Seit kurzem habe ich ein Problem mit ungewollten sich selbst öffnenden Werbeseiten, wie stamplive und youradexchnage. Ich habe Windows 7 und benutze den Chrome Browser. Ich habe auch schon versucht das Problem mit mbam zu lösen, jedoch ohne Erfolg. Das Programm hatte zwar einige Sachen entfernt, aber mein Hauptproblem ist leider noch nicht gelöst. Mit weiteren Angaben kann ich leider nicht dienen, da es der Rechner meiner Mutter ist, die sich damit nich gut auskennt.

Ich hoffe das mir hier jemand helfen kann.

Danke schon mal im Voraus

Der Log von mbam:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 22.01.2015
Scan Time: 17:33:18
Logfile: mbam log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.22.09
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Rick

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 371610
Time Elapsed: 9 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.WindowsUpdateService.A, C:\Program Files (x86)\Security Updates Service\winupdsvc.exe, 1236, Delete-on-Reboot, [0869c337a6e30531893c23262dd307f9]

Modules: 0
(No malicious items detected)

Registry Keys: 14
PUP.Optional.WindowsUpdateService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Security Updates Service, Quarantined, [0869c337a6e30531893c23262dd307f9],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, Quarantined, [00719763513850e668ccb83ff40e11ef],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, Quarantined, [00719763513850e668ccb83ff40e11ef],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, Quarantined, [00719763513850e668ccb83ff40e11ef],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, Quarantined, [00719763513850e668ccb83ff40e11ef],
PUP.Optional.WowSearch.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391}, Delete-on-Reboot, [0f626991d8b164d26b9ab44058aa0ef2],
PUP.Optional.WowSearch.A, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB2C1CC-4A7D-4CD5-BCE9-0CA5F9FF8391}, Delete-on-Reboot, [0f626991d8b164d26b9ab44058aa0ef2],
PUP.Optional.WowSearch.A, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB2C1CC-4A7D-4CD5-BCE9-0CA5F9FF8391}, Delete-on-Reboot, [0f626991d8b164d26b9ab44058aa0ef2],
PUP.Optional.WowSearch.A, HKU\S-1-5-21-2790997394-819634382-3889172451-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB2C1CC-4A7D-4CD5-BCE9-0CA5F9FF8391}, Delete-on-Reboot, [0f626991d8b164d26b9ab44058aa0ef2],
PUP.Optional.WowSearch.A, HKU\S-1-5-21-2790997394-819634382-3889172451-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB2C1CC-4A7D-4CD5-BCE9-0CA5F9FF8391}, Quarantined, [0f626991d8b164d26b9ab44058aa0ef2],
PUP.Optional.WowSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB2C1CC-4A7D-4CD5-BCE9-0CA5F9FF8391}, Quarantined, [0f626991d8b164d26b9ab44058aa0ef2],
PUP.Optional.WowSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB2C1CC-4A7D-4CD5-BCE9-0CA5F9FF8391}, Quarantined, [0f626991d8b164d26b9ab44058aa0ef2],
PUP.Optional.SecurityUpdatesService.A, HKLM\SOFTWARE\SecurityUpdatesService, Quarantined, [6908c7338aff0036d55499f39f64ac54],
PUP.Optional.SecurityUpdatesService.A, HKLM\SOFTWARE\WOW6432NODE\SecurityUpdatesService, Quarantined, [f180a951bccd41f5ea3f3a5222e145bb],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.SecurityUpdatesService.A, C:\Program Files (x86)\Security Updates Service, Delete-on-Reboot, [531e49b14049c4720b81aea42bd89769],

Files: 8
PUP.Optional.WindowsUpdateService.A, C:\Program Files (x86)\Security Updates Service\winupdsvc.exe, Delete-on-Reboot, [0869c337a6e30531893c23262dd307f9],
PUP.Optional.Yappyz.A, C:\Users\Rick\AppData\Roaming\Angry_Birds_Space\Angry_Birds_Space.exe, Quarantined, [e38e6d8d7e0b3204d48b3ebb26db5ea2],
PUP.Optional.Yappyz.A, C:\Users\Rick\AppData\Local\Temp\Tempdir\Angry_Birds_Space.exe, Quarantined, [96db4ab01574ec4a2c33c3360ff220e0],
PUP.Optional.Clara.A, C:\Users\Rick\AppData\Local\Temp\Tempdir\BoBrowser.exe, Quarantined, [700199610f7ac3731aac9342f50cec14],
Hacktool.Agent, C:\Users\Rick\Windows Loader\Windows Loader.exe, Quarantined, [383932c8c5c4bd79244bc5a8778afb05],
PUP.Optional.SecurityUpdatesService.A, C:\Program Files (x86)\Security Updates Service\search_checker.exe, Quarantined, [531e49b14049c4720b81aea42bd89769],
PUP.Optional.WowSearch.A, C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\JpDbVPNk.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "hxxp://wow.utop.it/"), Replaced,[6011e119bccdf73f7e758952fd08ea16]
PUP.Optional.WowSearch.A, C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\JpDbVPNk.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "hxxp://wow.utop.it/?q={searchTerms}"), Replaced,[502105f52f5ac373af4507d4d82d718f]

Physical Sectors: 0
(No malicious items detected)


(end)