22 August 2007

VXGame spyware removal

Today I ran into additional spyware that installs through a security hole. Fortunately it seems not to completely install itself since some of its processes crashed immediately after the installation began.

This piece of spyware has many names; the most common is probably VxGame, named after its file names. It installs itself on the system and starts every time a user logs on. In addition, it also disables the Task Manager, preventing users from shutting down the unwanted processes.

I ran into this malware for the first time back in 2005. It is remarkable that the people behind the malware are still using the same practices now more than two years later, without being subject to legal action.

Identifying and removing the spyware components

This one is straightforward to remove. I have saved a FreeFixer log and marked the unwanted files and settings below. If you are troubled with this spyware infection, just check the same items as I did and press the "Fix" button in FreeFixer and your computer should be clean.

FreeFixer v0.20 log
http://www.freefixer.com/
Operating system: Windows NT 5.1
Log dated 2007-08-19 17:07

System policies
HKCU\..\policies\system, DisableTaskMgr = 1 (Remove)

Registry Startups
HKLM\..\Run, System = C:\WINDOWS\System32\kernelwind32.exe (Remove)
HKLM\..\Run, spoolsvv = C:\WINDOWS\System32\spoolsvv.exe (Remove)
HKCU\..\Run, MSMSGS = "C:\Program\Messenger\msmsgs.exe" /background

Processes (23 whitelisted)
C:\Program\Messenger\msmsgs.exe
C:\Program\FreeFixer\freefixer.exe
C:\3456346345643.exe (Remove)
C:\syst.exe (Remove)
C:\WINDOWS\System32\vedxg4am1et2.exe (Remove)
C:\WINDOWS\System32\vedxga4m1et4.exe (Remove)
C:\WINDOWS\System32\vedxga4m1et4.exe (Remove)
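
To compare a log from another machine against the items marked above, the log text can be parsed into structured entries. This is an added example, not FreeFixer's own code or a documented format: it assumes only the line shapes visible in this log ("key, value name = data" for registry lines, a drive-letter path for files, and a trailing "(Remove)" as the mark), and the function names are hypothetical.

```python
import re

# Excerpt copied from the FreeFixer log above (header lines and some entries omitted).
SAMPLE_LOG = r"""System policies
HKCU\..\policies\system, DisableTaskMgr = 1 (Remove)

Registry Startups
HKLM\..\Run, System = C:\WINDOWS\System32\kernelwind32.exe (Remove)
HKCU\..\Run, MSMSGS = "C:\Program\Messenger\msmsgs.exe" /background

Processes (23 whitelisted)
C:\Program\FreeFixer\freefixer.exe
C:\syst.exe (Remove)
C:\WINDOWS\System32\vedxga4m1et4.exe (Remove)
C:\WINDOWS\System32\vedxga4m1et4.exe (Remove)
"""

MARK = " (Remove)"  # assumed marker: the suffix used on this page for unwanted items
REG_LINE = re.compile(r"^(HK[A-Z]+\\[^,]*),\s*(.+?)\s*=\s*(.*)$")  # key, name = data
FILE_LINE = re.compile(r"^[A-Za-z]:\\")                             # drive-letter path

def parse_freefixer_log(text):
    """Parse log text into dicts with section, kind, marked flag and fields."""
    items, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        marked = line.endswith(MARK)
        body = line[: -len(MARK)] if marked else line
        reg = REG_LINE.match(body)
        if reg:
            key, name, data = reg.groups()
            items.append({"section": section, "kind": "registry", "marked": marked,
                          "key": key, "name": name, "data": data})
        elif FILE_LINE.match(body):
            items.append({"section": section, "kind": "file", "marked": marked, "path": body})
        else:  # anything else is a section heading; drop the "(N whitelisted)" suffix
            section = re.sub(r"\s*\(\d+ whitelisted\)$", "", body)
    return items

def removal_list(items):
    """Marked items only, de-duplicated case-insensitively, in log order."""
    seen, out = set(), []
    for it in items:
        ident = (it["kind"], it.get("path", it.get("key", "") + "," + it.get("name", "")).lower())
        if it["marked"] and ident not in seen:
            seen.add(ident)
            out.append(it)
    return out

if __name__ == "__main__":
    for it in removal_list(parse_freefixer_log(SAMPLE_LOG)):
        print(it["section"], "|", it.get("path") or f'{it["key"]}, {it["name"]} = {it["data"]}')
```

The duplicate process line collapses to one entry, and the unmarked MSMSGS startup and freefixer.exe are parsed but left out of the removal list.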