Anyways, here's the HijackThis log & SDFix report as well....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:23:34 PM, on 4/6/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\S3apphk.exe
C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Freedom BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
O4 - Global Startup: customize__IE.lnk = C:\hp\REGION\customizeIe.wsf
O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: MsnFixer.lnk = ?
O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{6456A712-7D8D-4F27-8FE4-F69857C82954}: NameServer = 207.69.188.187 207.69.188.186
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 3357 bytes
SDFix: Version 1.167
Run by Owner on Sun 04/06/2008 at 02:43 PM
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\WINDOWS\SYSTEM32\EK.EXE - Deleted
C:\WINDOWS\system32\1.htm - Deleted
C:\WINDOWS\system32\i - Deleted
C:\WINDOWS\system32\o - Deleted
C:\WINDOWS\Temp\removalfile.bat - Deleted
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-06 14:59:38
Windows 5.1.2600 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Sat 18 Aug 2001 94,784 ..SH. --- "C:\WINDOWS\twain.dll"
Sat 18 Aug 2001 46,592 ..SH. --- "C:\WINDOWS\twain_32.dll"
Fri 22 Mar 2002 36,864 A.SHR --- "C:\Program Files\Detto\DettoWeb.exe"
Thu 21 Mar 2002 2,513,981 A.SHR --- "C:\Program Files\Detto\IntelliMover Demo.exe"
Sat 18 Aug 2001 995,383 ..SH. --- "C:\WINDOWS\system32\mfc42.dll"
Sat 18 Aug 2001 50,688 ..SH. --- "C:\WINDOWS\system32\msvcirt.dll"
Sat 18 Aug 2001 401,462 ..SH. --- "C:\WINDOWS\system32\msvcp60.dll"
Sat 18 Aug 2001 322,560 ..SH. --- "C:\WINDOWS\system32\msvcrt.dll"
Wed 4 Apr 2007 1,242,605 ..SH. --- "C:\WINDOWS\system32\nqtwa.bak1"
Sat 18 Aug 2001 569,344 ..SH. --- "C:\WINDOWS\system32\oleaut32.dll"
Sat 18 Aug 2001 106,496 ..SH. --- "C:\WINDOWS\system32\olepro32.dll"
Sat 18 Aug 2001 9,728 ..SH. --- "C:\WINDOWS\system32\regsvr32.exe"
Fri 30 Mar 2007 1,277,392 A.SH. --- "C:\WINDOWS\system32\yccdd.tmp"
Thu 29 Mar 2007 1,272,878 A.SH. --- "C:\WINDOWS\system32\yccdd.bak1"
Fri 30 Mar 2007 1,274,691 A.SH. --- "C:\WINDOWS\system32\yccdd.bak2"
Sat 14 Apr 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\432b7d8c0af6fbb39177c4091c0bfe14\BIT11.tmp"
Sat 14 Apr 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\7385ee21bf1530c2e77f4e9a68b5c196\BITC.tmp"
Mon 14 May 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\cdbe7c798e60d7c87f164d8de7e7e7e8\BIT1.tmp"
Thu 26 Apr 2007 426,344 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\f1029acf04e464ca3acb87136d905ad9\BIT5.tmp"
Finished!