Hi Broni,

sorry - I wasn't very clear in the last mail - I did Reset the System Restore as per your instructions (rather then actually do a system restore). I think the reset failed as there are still restore points showing prior to the Reset. Anyway, I'll look into that again when we next get to that stage. In the meantime here are the new logs...

ComboFix 10-01-28.05 - Michael 29/01/2010 17:08:10.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.506 [GMT 0:00]
Running from: c:\documents and settings\Michael\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Michael\Desktop\CFScript.txt
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

FILE ::
"c:\docume~1\Michael\LOCALS~1\Temp\CTT2B7.tmp"
"c:\windows\system32\ezsidmv.dat"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\ezsidmv.dat
c:\windows\TEMP\logishrd\LVPrcInj01.dll

.
((((((((((((((((((((((((( Files Created from 2009-12-28 to 2010-01-29 )))))))))))))))))))))))))))))))
.

2010-01-27 19:29 . 2010-01-27 19:29 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-27 09:03 . 2010-01-27 09:03 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-26 11:33 . 2010-01-26 11:33 38 ---h--w- c:\windows\system32\ccmichael.sys
2010-01-25 17:22 . 2010-01-25 17:22 2145 ----a-w- c:\documents and settings\Michael\Application Data\.purple\certificates\x509\tls_peers\ows.messenger.msn.com
2010-01-25 10:10 . 2010-01-25 10:10 -------- d-sh--w- c:\documents and settings\Michael\PrivacIE
2010-01-25 09:36 . 2010-01-25 09:36 -------- d-sh--w- c:\documents and settings\Michael\IETldCache
2010-01-25 09:22 . 2010-01-25 09:27 -------- dc-h--w- c:\windows\ie8
2010-01-25 09:12 . 2010-01-25 09:18 -------- d-----w- c:\documents and settings\Michael\Local Settings\Application Data\ApplicationHistory
2010-01-23 00:30 . 2010-01-23 00:30 -------- d-----w- c:\program files\MSXML 4.0
2010-01-22 23:14 . 2010-01-22 23:14 -------- d-----w- c:\program files\Java
2010-01-22 22:59 . 2010-01-22 22:59 348160 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-58cc6249-n\msvcr71.dll
2010-01-22 22:59 . 2010-01-22 22:59 503808 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-58cc6249-n\msvcp71.dll
2010-01-22 22:59 . 2010-01-22 22:59 61440 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3d90a155-n\decora-sse.dll
2010-01-22 22:59 . 2010-01-22 22:59 499712 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-58cc6249-n\jmc.dll
2010-01-22 22:59 . 2010-01-22 22:59 12800 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3d90a155-n\decora-d3d.dll
2010-01-22 22:50 . 2010-01-22 23:10 -------- d-----w- c:\documents and settings\Michael\.SunDownloadManager
2010-01-22 13:38 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-01-22 13:38 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-01-22 13:38 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-01-22 13:38 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-01-22 13:38 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-01-22 13:38 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-01-22 13:38 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-01-22 13:38 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-01-22 13:37 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-01-22 13:36 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-22 13:34 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-01-22 13:34 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-01-22 13:33 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-01-22 13:31 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-01-22 13:31 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-01-22 13:31 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2010-01-22 13:31 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-01-22 13:30 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-01-22 13:30 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-01-22 13:28 . 2009-08-04 15:13 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-22 13:28 . 2009-08-04 14:20 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-22 13:28 . 2009-08-04 14:20 2066048 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-01-22 13:28 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-01-22 13:28 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-01-22 13:27 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-01-22 13:27 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-01-22 13:02 . 2010-01-22 13:02 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-22 13:02 . 2010-01-22 13:02 -------- d-----w- c:\program files\MSBuild
2010-01-22 13:02 . 2010-01-22 13:02 -------- d-----w- c:\program files\Reference Assemblies
2010-01-22 13:02 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-22 13:01 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-01-22 13:01 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-01-22 13:01 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-01-22 13:01 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-01-22 13:01 . 2010-01-22 13:02 -------- d-----w- C:\1e89650396acbe257bfb44ee4a71ca
2010-01-22 13:01 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-01-22 13:01 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-01-22 13:01 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-01-22 13:01 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-01-22 12:31 . 2009-12-31 15:33 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-01-22 12:31 . 2009-03-08 04:31 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2010-01-22 12:31 . 2009-03-08 04:11 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2010-01-22 12:31 . 2009-02-06 21:07 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2010-01-22 11:40 . 2010-01-26 09:02 -------- d-----w- c:\windows\ie8updates
2010-01-22 11:32 . 2009-12-21 19:14 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-22 11:32 . 2009-12-21 19:14 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-22 11:32 . 2009-12-21 19:14 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-22 11:32 . 2009-12-21 19:14 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-22 11:31 . 2009-12-21 19:14 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-22 11:31 . 2009-12-21 19:14 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-01-22 11:31 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-01-22 11:17 . 2008-04-14 00:15 46592 ------w- c:\windows\system32\drivers\irbus.sys
2010-01-22 11:14 . 2010-01-22 11:18 -------- d-----w- c:\windows\ServicePackFiles
2010-01-22 11:14 . 2007-08-13 18:54 33792 -c--a-w- c:\windows\system32\dllcache\custsat.dll
2010-01-22 10:58 . 2009-08-06 19:24 327896 ----a-w- c:\windows\system32\wucltui.dll
2010-01-22 10:58 . 2009-08-06 19:24 209632 ----a-w- c:\windows\system32\wuweb.dll
2010-01-22 10:58 . 2009-08-06 19:24 35552 -c--a-w- c:\windows\system32\dllcache\wups.dll
2010-01-22 10:58 . 2009-08-06 19:24 35552 ----a-w- c:\windows\system32\wups.dll
2010-01-22 10:58 . 2009-08-06 19:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2010-01-22 10:58 . 2008-04-14 05:42 165888 ----a-w- c:\windows\system32\wuauclt1.exe
2010-01-22 10:58 . 2008-04-14 05:42 183296 ----a-w- c:\windows\system32\wuaueng1.dll
2010-01-21 23:15 . 2010-01-21 23:15 -------- d-----w- C:\_OTM
2010-01-20 11:37 . 2010-01-20 13:02 288 ----a-w- c:\windows\system32\DVCStateBkp-{00000004-00000000-00000000-00001102-00000004-10031102}.dat
2010-01-20 11:37 . 2010-01-20 13:02 288 ----a-w- c:\windows\system32\DVCState-{00000004-00000000-00000000-00001102-00000004-10031102}.dat
2010-01-20 11:35 . 2007-04-09 12:32 335872 ----a-w- c:\windows\system32\ctdc0001.dll
2010-01-20 11:35 . 2007-04-09 12:32 131072 ----a-w- c:\windows\system32\ctdcifce.dll
2010-01-20 11:35 . 2007-04-09 12:32 227840 ----a-w- c:\windows\system32\ctdc0000.dll
2010-01-20 11:35 . 2007-04-09 12:22 76800 ----a-w- c:\windows\system32\ctdproxy.dll
2010-01-20 11:35 . 2007-04-09 12:32 8704 ----a-w- c:\windows\system32\ctagent.dll
2010-01-20 11:31 . 2001-03-30 02:00 62976 ----a-w- c:\windows\system32\CTDetres.dll
2010-01-18 14:12 . 2010-01-18 14:12 -------- d-----w- C:\found.000
2010-01-14 09:31 . 2010-01-25 16:04 -------- d-----w- c:\documents and settings\Michael\Application Data\skypePM
2010-01-14 09:29 . 2010-01-25 20:53 -------- d-----w- c:\documents and settings\Michael\Application Data\Skype
2010-01-14 09:29 . 2010-01-14 09:29 -------- d-----w- c:\program files\Common Files\Skype
2010-01-14 09:28 . 2010-01-14 09:29 -------- d-----r- c:\program files\Skype
2010-01-12 00:12 . 2010-01-12 00:12 2165 ----a-w- c:\documents and settings\Michael\Application Data\.purple\certificates\x509\tls_peers\rsi.hotmail.com
2010-01-02 17:31 . 2010-01-02 17:31 -------- d-----w- c:\program files\SyncToy 2.1
2010-01-02 17:30 . 2010-01-02 17:30 -------- d-----w- c:\program files\Microsoft Sync Framework