• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Think I have got a trojan?

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

Quattro

Member
Joined
Nov 30, 2003
Right I think I have got a trojan that's causing iosdt.exe to run my CPU at 100% all the time. How do I get rid of this problem?

Many thanks,
James

BTW: How did I get a trojan?
 
I did have Norton until recently when I did a reinstallation of XP and I didn't put Norton back on there. Is that what have done it?
 
Thanks. I just downloaded AVG and it found a trojan straight away.
So let's see if it worked.
 
In the last day or so I have also been getting a lot of stupid random pop-ups which I thought was odd considering I'm using firefox.

EDIT: What is the best free firewall? I guess anything is better than the crappy built in XP one?

:santa2:
 
I still have "isodt.exe" running away in the background taking up all my cpu.
 
Run a search for Bargains.exe. It is a nasty little program that will send you pop-ups like crazy. The only way to remove it is to uninstall it and that takes answering a questionaire. It drove me freaking nuts :temper:
 
The Windows firewall is good enough for most users: normal users won't be able to deal with another type of personal firewall, which doesn't really protect you anyways
 
That is the main file of a trojan which allows remote access to your PC, and it is often obtained through pirate distributions of Microsoft software. It also has variants which travel through P2P according to some sources.

Supposedly all that needs to be done is a search for IOSDT from safe mode and deleting any files or folders you turn up. While in safe mode, if you scan with Spybot and Adaware, then save a logfile from HJT, we can take a look to see if there are any other problems your machine may have which are causing your popups.

You may want to take a look here:

C:\*windir*\system32\iosdt\

galador said:
Run a search for Bargains.exe. It is a nasty little program that will send you pop-ups like crazy. The only way to remove it is to uninstall it and that takes answering a questionaire. It drove me freaking nuts :temper:

The file he mentioned has no association with bargains.exe, running a search for it will likely not do any good - there are tens of thousands of infections which could cause the same symptoms bargains.exe causes. Picking any one and searching for it would be time poorly spent. ;)
 
Last edited:
I found that bargains.exe file hidden away.

How do I get into safe mode, do I hold F7 in the BIOS?
 
Quattro said:
I found that bargains.exe file hidden away.

How do I get into safe mode, do I hold F7 in the BIOS?

F8 while it boots. I would definitely recomend you download the trial to TDS-3. I linked it in my previous post.
 
Does a search for iosdt turn up nothing?

You might want to look at this article which will tell you where to look in the registry to find keys that might point to the iosdt.exe file at startup:

http://support.microsoft.com/kb/179365/EN-US/

In short, look here:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices

<Logon Prompt>

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

StartUp Folder

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

Quattro said:
I found that bargains.exe file hidden away.

How do I get into safe mode, do I hold F7 in the BIOS?

:eek:

:D Talk about a shot in the dark... There might be a lot of bargain buddy infections around, but sheesh, just out of the blue? Or did I miss something?

Seeing as you had a bargain buddy infection, you really need to install, update, and run spybot and adaware... Bargain buddy is a really good sign that someone has been hitting the freeware junk pretty hard, and there is likely a good amount of spyware on there.
 
Last edited:
I've wiped as much as I can find using like 8 different programs.
But nothing picks up with IOSDT thing.
 
And if you could be any more descriptive that may help also. "I can't find it manually" would become "a search with windows search tool found nothing and I looked in these folders but nothing was there" and "8 different programs" would become names of specific applications you used.

Personally, I get frustrated when I offer help and I get mostly vague responses and no answer as to whether any of my advice has been followed. If you ask questions, be courteous enough to respond to the people offering you answers.

Within explorer, you should go to tools>options>view>show hidden files or folders then look for the iosdt file/folder. It is on your filesystem if it is running as a process.
 
Last edited:
Back