I was updating a Windows XP SP3 box and happened to notice that I had a new user account in documents and settings, called "UpdatusUser".

It had shortcuts to Windows remote assistance and LG updater. The LG item is the DVD drive in this box.

I looked at user accounts in control panel and the account wasn't displayed there.

A bit of investigation revealed that it must have happened when I updated the nVidia management software and drivers for the GeForce 8400GS video card. I allowed the updater utility to be installed, as there was no warning that it would create a system account.

Apparently it will do the same thing in Vista and Windows 7.

I am no expert at malware authorship but it did occur to me that this could be a potential exploit vector?

I uninstalled the nVidia updater utility and noticed that this does not get rid of the phantom account.

I am still trying to figure out the LG DVD drive bit though, as I can't quite see the connection?

The driver was 270.61