Boot in Safe Mode.
Switch System restore OFF.
Press Ctrl/Alt/Del simultaneously, select Taskmanager/Processes, select the process (if there), click "End Process" for:
DDCMan.exe
winupdates.exe
NoAdware3.exe
PartyPoker.exe
Next, click Start/Run and type
services.msc and click OK. Look for the service:
dlbtcoms.exe
Doubleclick it, click Stop if it's running, and change the Startup type to Disabled.
Next, UNinstall anything to do with (not delete yet):
C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe
C:\Program Files\winupdates\winupdates.exe
C:\Program Files\NoAdware3\NoAdware3.exe
C:\Program Files\PartyPoker\PartyPoker.exe (you can re-install it again later if you trust it, (I don't))
Next, run a HJT scan and place a tick-mark in the little square before (if still there):
...................................................................................................
C:\Program Files\
WildTangent\DDC\DDCManager\DDCMan.exe
C:\Program Files\
winupdates\winupdates.exe
C:\Program Files\
NoAdware3\NoAdware3.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.adelphia.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\RunServices: [Winzip Archiver] Winzip32.exe (no need to run this all day)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\
PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O16 - DPF: Yahoo! Pool 2 -
http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) -
http://www.rovion.com/Controls/Rovion.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) -
http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -
http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
FIX ALL your
O18 - Protocol: entries
O23 - Service: dlbt_device - Dell - C:\windows\system32\
dlbtcoms.exe
...................................................................................................
Now click on the
Fix Checked button in HJT.
When done, from between the dotted lines, delete the highlighted
bold files.
When a \
directory-name\ is
bold, delete everything in it, including that directory itself.
Delete all files and directories from: C:\Documents and Settings\[username]\Local Settings\Temp
Repeat this for ALL [usernames].
Boot normal. When all OK, switch System Restore back on.