#1
I've been recently getting these z1.adserver.com and partypoker.com pop-ups... Please check my HijackThis and tell me if anything seems suspicious... Thanks!
#2
Hi daekwon88,
Welcome to Dev Shed! I would like you to run the three tools listed in this sticky. Some of this malware can be automatically removed.
http://forums.devshed.com/t216825/s.html
Please post a fresh log and describe what was or was not removed.
Tom
__________________
HijackThis Ad-aware Spybot Search & Destroy SpywareBlaster SpywareGuard Housecall Online A/V Scan
Please read the stickies at the top of the forum before posting!
Viewing: Dev Shed Forums > System Administration > Antivirus Protection > need help!!!!!!! z1.adserver.com