I believe, it will be best if it's somehow automated. The security question used to do a good job for a long time, but obviously a human user has hardcoded it inside the spam bot repertoire, so might just think of another security question. Another option integrating: Google's NO-Captcha ( http://googleonlinesecurity.blogspot.de ... ptcha.html )
I ran clamwin over it and didn't pick up anything. That file (RRebels.exe) doesn't seem to have been modified at all in the last year. It's going to be hard to not get false positives from software that manipules memory like that one does. Any more info?