I cleaned someone's computer...and then after endless hours of hard work and everything is working fine...he downloads some "web media player" that had the same virus that takes advantage of dllhost.exe. At least a dozen scanners and various programs fail to find the virus, I had to bomb the hard drive and start from scratch...so the first thing he does after endless hours of bad support for drivers and setting up and cleaning out the XP defaults (and having to order his Windows CD that he lost) he gets the same virus or a similar one on his system.

Anyway I had a single executable file (no other files required) that would in real time show you every file that is read or written to on the hard drive and what process it's associated with. Problem was that nForce 4 boards do not actually support onboard raid as advertised (on my 4th brand (or 10th board) socket 939 nForce4 board right now) and so before I was able to run a raid 1 had a hard drive crash.

The virus somehow reopens dllhost.exe so I've got it in my head that I can use this program that I can't remember the name (and can't remember what type it would be referred to as in the search engines). I could close dllhost.exe...and when it reopens watch the files requested....repeat a few times and figure out where the virus was...and then continue with my research to figure out what virus it is and how to remove it as it generates a(n apparently) random name in the startup. Since it's a laptop I can't clear it from the startup and hard boot and when I've tried it still pops up. Anyway I should be able to tackle the virus if I can find that program, oh it's freeware too. There is a pause option too (the scanner goes pretty fast). Does anyone know of the program I'm talking about? He had all the media players working just fine too! Gah!

- John