Blog

Sitemap

Home Blog Forums FAQ YouTube Email
Feeeed Me
Blog RSS Blog
Releases RSS Releases
Whats Eating My CPU
Date: 27/1/2005
In my previous post I mentioned that only when my CPU is pegged at 100% did the overheating thing happen. So surprisingly enough when my machine started falling over every 15 minutes I didn't twig to the fact that something was actually using all the CPU. Anyway I was poking around in the Task Manager and found that 'iosdt.exe' was eating all my CPU and I couldn't even kill it.

Oh great, my box is infected. This was what started causing my system to overheat all the time.

Well kinda, you see it's actually a legit application. But I certainly didn't install it. It's the distributed.net client installed as a service. In my case it's ridden in on some other apps back. Although I have no idea which.

The next question is how do I kill it?

Well lots of articles on the net say boot into safe mode and then delete it. It's much easier than that to rid yourself of the pest. Firstly, being a service, you can just stop the service using the control panel's Administrative Tools section. Look for 'distibuted.net client' in the services list. Stop the client and then check out the properties, it'll tell you where it's running from. Go to that directory and delete it. In my case it was installed here: 
C:\\WINNT\\system32\\iosdt\\iosdt.exe
I just deleted the whole folder. Interestingly enough it was generating work for someone with the email address nordom@o2.pl. Who will now start getting (more) spam now that I've posted their address on a well linked site. Hehe.
Comments:
Craig Rettig
27/01/2005 2:04pm 		You may want to send an e-mail to distributed.net (if you haven't already) and alert them to this user's misdeeds, since there can be monetary rewards for some of the work being done.

Disqualification AND more spam... Gotta love it!
MD
27/01/2005 9:17pm 		Yeah, i've encountered a D.net client on one of my computers too once... didn't check who it was for but now you know it, just inform distributed.net :) Ban the fucker!
fret
27/01/2005 9:21pm 		Distributed.net know about it already, when I googled the address their page about it came up. I wrote this article to help explain a better way of cleaning the infection so that google would index it and thus help others.
ParaNoiMia
30/01/2005 4:08pm 		Do you have any idea what the installation source was ? If so, please inform me
fret
03/02/2005 11:46am 		So far it crashes a few more times with a stop 0x0000000a and address in the kernal itself rather than a driver.

I have Win2k with service pack 4, so I guess the only thing for me to try now is the hateful XP. *sigh*
fret
03/02/2005 11:48am 		But at least the tempurature of the CPU (Athlon 1.4ghz) doesn't go over 60°C when running at 100% and idles at 47°C.
Looney1
02/03/2005 6:11pm 		Thanks for the information on "IOSDT.exe" This thing has been killing me and even though I had identified it, I couldn't get rid of it with any of the other methods that were reccommended. I went to Google and found your post - so thanks again for helping me. I'm sure that you've helped many others as well!!
lstud
03/07/2005 11:28pm 		My Norton ID'it and I went thru all the gymnastics to get rid of it deleted the windows\system32\iosdt\file. It doesn't show up in my Norton anti virus runs anymore, however whenever Spysweeper runs it Id's it and there is no indication that it is still residing in the system 32 file. Does Spysweeper have a bug that just keeps recognizing this as a remnent though it appears to be gone or has it gone into hiding somwhere else and Norton doesn't recognize anymore? Anybody else have this problem?
 
Reply
From:
Email (optional): (Will be HTML encoded to evade harvesting)
Message:
 
Remember username and/or email in a cookie.
Notify me of new posts in this thread via email.
BBcode:
[q]text[/q]
[url=link]description[/url]
[img]url_to_image[/img]
[pre]some_code[/pre]
[b]bold_text[/b]