No AV or anitmalware picked this up. The file wwwpos32.exe hides in user/start menu/startup. Search for this name on google: wwwpos32.exe
Only two results came up. This must be rare.

At first a cmd look-alike window popped up with netsh in the caption and then disappeared.

I have no idea what it does but i just found it and deleted it after a lot of hassle.

It could be this file:
C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\wwwpos32.exe

Upload to virustotal to see if it is legit,

polonus

I dont have any logs cuz it didnt come up in any scan. And no, it ain’t legit. That thing was using superhide on my PC and wasnt even visible with “show hidden files”. You gotta kill the process and unload it with something like killbox.

EDIT: Can’t upload it as i cudnt see it in explorer.

Hi streamlined,

Hi, 100% of users decided to remove it:
http://www.freefixer.com/library/file/50158/

It is a 04 section entry
O4 - Startup: wwwpos32.exe

For info on the 04 autostarting programs: http://www.bleepingcomputer.com/tutorials/tutorial42.html#O4Diag

There was some=one with a similar problem here:
http://www.viry.cz/forum/viewtopic.php?f=13&t=96563#p800493
Could be a rootkit,

polonus

Exactly. This is a rootkit. I killed it before it could even start up I posted this thread just to give everyone else a heads-up on this file.

I also request Avast to do some professional forensic research on this threat and its mechanism.

Hi streamlined,

They will read here, while it is their own forum, I assume, so they will notice these postings and will act accordingly, stay secure and safe, is the wish and command of,

polonus