I found a link to what I thought was just some memory veiwing software at this thread:


I'm not completely sure but I think the program from Sysinternals.com loaded a spyware virus. My browser would slow down to the point of just stopping all together. I checked in "Network and Dial-up connections" and saw that I was sending huge amounts of data to the internet as opposed to what I was receiving. I used a program also from Sysinternals "Process Explorer" to see what was running. I saw a program call "mslaugh.exe" and immediately became suspicious. I checked it's properties and researched it as best I could with my ailing browser and find it was indeed a virus. I renamed it than rebooted then deleted it. It worked temporarily but I beleive it uses another file too. Maybe someone knows of this file and if possibly this could be duplicated. The file "DLLHOST.exe". If I kill that process than my browser behaves normally and I receive more bytes than I send as it should be.
Posted on 2003-12-21 12:07:57 by mrgone
That link isn't to a Sysinternals website, why would you blame them?

Go to Google and paste "mslaugh.exe" in and search, there are several hits on how to remove it.

While you are at Google search on ad-aware from Lavasoft. Download and run it to find any other spyware.

Then go get a antivirus program AVG at grisoft is free for home use.

Add zonealarm or one of the other firewalls and disable scripting in your browser.
Posted on 2003-12-21 12:25:07 by SFinegan
:sweat: Did you patch up the DCOM RPC? Looks like it came from blaster worm.

Posted on 2003-12-21 12:35:26 by roticv
Thanks roticv that was a very excellent link. :) Right on the money!
Posted on 2003-12-21 12:56:20 by mrgone
For future reference, SVCHOST.EXE nasties are running as SERVICES (NT), rundll32.exe are running as EVIL DLL, and DLLHOST.EXE is a locust abortion, is not part of os, is totally suspicious and implies infection by the FAGGOT WORM :)
lmfao and I thought the last funny one was the Brazillion Circus Midget Porn Virus hehehehehehehehe
Posted on 2003-12-24 06:12:22 by Homer