Hey thanks Maniac! I had a go with HJT myself and tried to "fix" these entries in safe mode. Sure enough, next scan didn't have these entries and after those files (spoolsv.exe and lsm.exe) were deleted, I haven't seen them pop up again! I'd still like to know what I was infected with and more importantly, whether it was possible to resolve it using just MBAM and without HJT's help (messing with the registry always makes me paranoid. But these entries seemed to be the culprit) Anyway, since you asked, I've followed your instructions and these are my logs (taken AFTER doing the above fix) MBAM log: DDS.log Attach.txt