Cheat Engine

[Burningmace]

Could you launch Process Explorer and view the info on dllhost.exe, then paste the parameters that it was called with here?

e.g: dllhost.exe /load something.dll

[Haswell]

[Thanitos]

System restore to BEFORE you got the virus or your last resort of reformating, I found with the temp folder viruses they were just easier to system restore or reformat

[Haswell]

Not that I intend to keep the virus within my PC, but I could really learn something from its source code and the 'keepalive' process.

[Thanitos]

Alright, those are just the ways I used, but good luck

[Hero]

Delete cookies, temp folders, and system volumes back dating to when it started. if its backing up in any of these places it wont go away. It may also be locating in system folders.

[WhiteByte]

Record Packets with wpe pro or any efficent packet editor. Turn on all av's and firewall protections. When you find the ip use whois to discover more info about the originating location. I may be wrong but this might help.

[Haswell]

WPE Pro records packets within a specific process, and I still don't know how the virus got in. AV and firewall is on and running.

Still waiting for the virus to pop up again so I can root the rest out.

[Thanitos]

Whats your OS, fire wall, and virus software?

[Haswell]

XP Home Edition SP3, Outpost Firewall, AVG 8.5 Free.

[Luigi]

[Thanitos]

Ugh AVG should be considered a virus it self, you should look for a torrented version of Avast! or, my favorite, Eset nod32. I used a fire wall called ZoneAlarm, that is a good firewall.

[Haswell]

No warez. (hint hint)

I tried ZoneAlarm once. For every process I try to run it keeps asking me for permission. Based on this inconvenience, I uninstalled it.

1.5 hours to go until the anticipated time of the virus launch.

[Haswell]

20:30 passed without a hitch. I guess either the attacker quit, or he used an exploit in uTorrent, which I didn't run today.

Problem solved, requesting lock.

[Burningmace]

Glad to see you solved it