Possible new spyware/worm

[Jeff the Brit]

An odd case here:
XP2600 box running XP Home SP1, IE6 wouldn't load, but was showing under processes in Task Manager, but only using 8Mb or so of memory.
I cleaned off a lot of junk with Adaware and Spybot, installed AVG and got rid of everything it found, mostly trojans. IE6 still wouldn't load.
Hijack This showed a funny file, msbl.exe in the log. Windows let me delete it but the file and the registry key were re-created on each boot.
It turned out to be another file, mslb32.dll which was responsible for this. This file wouldn't delete. I only found the mslb32.dll file by looking at files in the system32 folder by date to see what else had the same date stamp as the msbl.exe file and looking in a text editor at the file contents. I have no idea of the origins of these two files, Google turned up a very few links with little to be gained from them.
I eventually fixed it by deleting the files in safe mode command prompt and dumping the registry key again.

Snippet of HijackThis log:

F0 - system.ini: Shell=explorer.exe C:\WINDOWS\System32\msbl.exe
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\System32\msbl.exe

Adaware, Spybot, AVG and Trend Micro's Housecall all missed this little horror.

I'd be interested to hear if anybody else has seen this particular beastie before. Nothing else appeared to be affected, only IE6. Maybe this will save some of you some time, I certainly used enough of my time cleaning this box !