February 17th, 2006
Nipper
Thanks

Thanks skyviper. I was doing it late at night and I guess I didn't read the whole thing through zzzzz... Deleted those files you listed and everything back to normal. One thing worries me though is how it got through. When the original file d/led and I got the alarm from my Symantec a/v, I did all the right things but it still got through. The only thing I can think of is afterwards, I noticed I didn't have the 'scan in compressed files' box checked in the a/v software. Maybe that was it.

A couple of observations that might be of use to someone are that:
1) Although I uninstalled limewire using Start>All Programs>limewire>uninstall, which ended with a 'successfully uninstalled' dialog, most if not all of the original files were still there (though lw didn't show up in Control Panel>Add/Remove Progs). Manually deleting the l/w directory produced a regular error dialog in place of re-running lw, meaning lw was finally off the system.
2) When I'd cleaned everything up and all seemed ok, I ran the security check on the Symantec site and all ports came up as stealthed, which suggests the back door is now closed.
3) winupdates was not part of the payload, so I suspect outlook.exe was the equivalent file in this instance.
4) It showed up on my system as Alcra C.
Thanks for the advice folks, I'll keep this one tagged in case I can do the same. Good hunting.

Late addition: Just ran spydoctor and picked up the following reg entry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\run outlook=C:\Program Files\outlook\putlook.exe /auto

Last edited by Nipper; February 17th, 2006 at 09:25 AM.