Whats Eating My CPU
|
---|
Date: 27/1/2005
| In my previous post I mentioned that only when my CPU is pegged at 100% did the overheating thing happen. So surprisingly enough when my machine started falling over every 15 minutes I didn't twig to the fact that something was actually using all the CPU. Anyway I was poking around in the Task Manager and found that 'iosdt.exe' was eating all my CPU and I couldn't even kill it.
Oh great, my box is infected. This was what started causing my system to overheat all the time.
Well kinda, you see it's actually a legit application. But I certainly didn't install it. It's the distributed.net client installed as a service. In my case it's ridden in on some other apps back. Although I have no idea which.
The next question is how do I kill it?
Well lots of articles on the net say boot into safe mode and then delete it. It's much easier than that to rid yourself of the pest. Firstly, being a service, you can just stop the service using the control panel's Administrative Tools section. Look for 'distibuted.net client' in the services list. Stop the client and then check out the properties, it'll tell you where it's running from. Go to that directory and delete it. In my case it was installed here:
C:\\WINNT\\system32\\iosdt\\iosdt.exe
I just deleted the whole folder.
Interestingly enough it was generating work for someone with the email address nordom@o2.pl. Who will now start getting (more) spam now that I've posted their address on a well linked site. Hehe.
|
Comments:
|
Craig Rettig 27/01/2005 2:04pm
| You may want to send an e-mail to distributed.net (if you haven't already) and alert them to this user's misdeeds, since there can be monetary rewards for some of the work being done.
Disqualification AND more spam... Gotta love it!
|
MD 27/01/2005 9:17pm
| Yeah, i've encountered a D.net client on one of my computers too once... didn't check who it was for but now you know it, just inform distributed.net :) Ban the fucker! |
fret 27/01/2005 9:21pm
| Distributed.net know about it already, when I googled the address their page about it came up. I wrote this article to help explain a better way of cleaning the infection so that google would index it and thus help others. |
ParaNoiMia 30/01/2005 4:08pm
| Do you have any idea what the installation source was ? If so, please inform me |
fret 03/02/2005 11:46am
| So far it crashes a few more times with a stop 0x0000000a and address in the kernal itself rather than a driver.
I have Win2k with service pack 4, so I guess the only thing for me to try now is the hateful XP. *sigh* |
fret 03/02/2005 11:48am
| But at least the tempurature of the CPU (Athlon 1.4ghz) doesn't go over 60°C when running at 100% and idles at 47°C. |
Looney1 02/03/2005 6:11pm
| Thanks for the information on "IOSDT.exe" This thing has been killing me and even though I had identified it, I couldn't get rid of it with any of the other methods that were reccommended. I went to Google and found your post - so thanks again for helping me. I'm sure that you've helped many others as well!! |
lstud 03/07/2005 11:28pm
| My Norton ID'it and I went thru all the gymnastics to get rid of it deleted the windows\system32\iosdt\file. It doesn't show up in my Norton anti virus runs anymore, however whenever Spysweeper runs it Id's it and there is no indication that it is still residing in the system 32 file. Does Spysweeper have a bug that just keeps recognizing this as a remnent though it appears to be gone or has it gone into hiding somwhere else and Norton doesn't recognize anymore? Anybody else have this problem? |
|
Reply
|
---|
From:
|
|
Email (optional):
|
(Will be HTML encoded to evade harvesting)
|
Message:
|
|
|
|
|
|
|