virus scanner detects suspicious "WINDOWS\system32\iosdt": Delete ?

  • Thread starter Thread starter Thommy Kanther
  • Start date Start date
T

Thommy Kanther

When I run my virus scanner it marks the following file:

C:\WINDOWS\system32\iosdt

....not as virus but as

Virus: not-a-virus:NetTool.Win32.Calc-DNet.h (Engine A)

Should I delete this file ?

Can I delete this file or is this an essential part of the windows network ?

Thommy
 
Thommy,

If you have a ISODT.EXE process then you have malware on your computer

Did you run one of thos cracker XP Product Activation patches? This is one way
to get this threat

Also, spoof your e-mail from the spammers that collect e-mail addresses from
these newsgroups
 
Thommy said:
When I run my virus scanner it marks the following file:

C:\WINDOWS\system32\iosdt

...not as virus but as

Virus: not-a-virus:NetTool.Win32.Calc-DNet.h (Engine A)

Should I delete this file ?

Can I delete this file or is this an essential part of the windows network ?

Thommy
Click to expand...

You most definitely have a trojan, probably received during some
peer-to-peer file swapping. Yes, you should delete the iosdt.exe file
since that is the trojan's main file. You should probably do some
virus/malware housekeeping too since you don't practice "Safe Hex".

http://www.elephantboycomputers.com/page2.html#Removing_Malware

http://www.wilderssecurity.com/showthread.php?t=27971 - So How Did I Get
Infected Anyway?
http://www.getsafeonline.org/
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://www.claymania.com/safe-hex.html
http://www.aumha.org/a/parasite.htm - The Parasite Fight
http://msmvps.com/blogs/harrywaldron/archive/2006/02/05/82584.aspx - MVP
Harry Waldron - The Family PC - How to stay safe on the Internet
http://www.spywarewarrior.com/rogue_anti-spyware.htm - Eric Howes on
Rogue Antispyware Programs


Malke
 
Thommy said:
When I run my virus scanner it marks the following file:

C:\WINDOWS\system32\iosdt

...not as virus but as

Virus: not-a-virus:NetTool.Win32.Calc-DNet.h (Engine A)

Should I delete this file ?

Can I delete this file or is this an essential part of the windows network ?

Thommy
Click to expand...

Already answered in the other newsgroup to which you posted. Please
don't multipost; it makes more work for everyone and will get you *less*
help, not more. See this for why:

http://www.blakjak.demon.co.uk/mul_crss.htm

If you have forgotten where you posted or can't find your post, use
Google Groups Advanced Search and search for your name.


Malke
 
Thommy Kanther said:
When I run my virus scanner it marks the following file:

C:\WINDOWS\system32\iosdt

...not as virus but as

Virus: not-a-virus:NetTool.Win32.Calc-DNet.h (Engine A)

Should I delete this file ?

Can I delete this file or is this an essential part of the windows network
?

Thommy
Click to expand...



Look in Task Manager, is it taking a lot of CPU? If yes - delete it.
http://forum.tweakxp.com/forum/shwmessage.aspx?ForumID=28&MessageID=140660

Google iosdt for more help.
 
When I run my virus scanner it marks the following file:

C:\WINDOWS\system32\iosdt

...not as virus but as

Virus: not-a-virus:NetTool.Win32.Calc-DNet.h (Engine A)

Should I delete this file ?

Can I delete this file or is this an essential part of the windows network ?

Thommy
Click to expand...

anytime you have such a question simply put the file name into a
search engine. Many will be rubbish hits. In your case, from
file.net. This one elooks "ugly" to eradicate.

"Description: iosdt.exe is located in a subfolder of C:\Windows
\System32 - normally C:\WINDOWS\System32\iosdt\. The file size on
Windows XP is 212992 bytes. The program is not visible. It is an
unknown file in the Windows folder. It is not a Windows system file.
iosdt.exe is able to record inputs, hide itself, monitor applications.
Therefore the technical security rating is 55% dangerous."

Start -> run -> msconfig (startup) and disable what that looks like a
distributed download client.

from another web site

This is a very sneaky infection. In order to find and remove the exe
you need to:
1. Open Control Panel > Folder Options
2. Click the View tab
3. Under Hidden Files and Folders click "Show Hidden Files and
Folders"
4. Next UNCHECK "Hide protected operating system files" Click APPLY.
5. Reboot in safe mode, (in XP press F8 before Windows begins loading)
6. Click "START " > "Run". Open C:\WINDOWS\system32
7. Delete files with IOSDT in the name. (there should be 1 folder,
iosdt, containing all the corrupt files). You may want to do a search
for iosdt to make sure everything is removed.
8. EMPTY the recycle bin
9. Reboot in Normal mode

If you find it is still there, go back and start again, sometimes the
APPLY function does not work first time. If when performing action 7
you cannot find iosdt, go back to the Control panel(you can do it in
Safe Mode, and perform Items 1 to 4 again. You will get to it with
this method I promise you. Good Luck and Good hunting
 
When I run my virus scanner it marks the following file:

C:\WINDOWS\system32\iosdt

...not as virus but as

Virus: not-a-virus:NetTool.Win32.Calc-DNet.h (Engine A)

Should I delete this file ?

Can I delete this file or is this an essential part of the windows network ?

Thommy
Click to expand...

(Sorry if this is a replication - the original reply seems to have
gone missing, but could pop up much later I guess)

iosdt is, from the internet, a nasty malware program. Anytime you are
curious about a program simply enter the name in a search engine.

start -> run -> msconfig (startup) and disable a "distributed download
client" if it appears.

then (from a web site)

This is a very sneaky infection. In order to find and remove the exe
you need to:
1. Open Control Panel > Folder Options
2. Click the View tab
3. Under Hidden Files and Folders click "Show Hidden Files and
Folders"
4. Next UNCHECK "Hide protected operating system files" Click APPLY.
5. Reboot in safe mode, (in XP press F8 before Windows begins loading)
6. Click "START " > "Run". Open C:\WINDOWS\system32
7. Delete files with IOSDT in the name. (there should be 1 folder,
iosdt, containing all the corrupt files). You may want to do a search
for iosdt to make sure everything is removed.
8. EMPTY the recycle bin
9. Reboot in Normal mode

If you find it is still there, go back and start again, sometimes the
APPLY function does not work first time. If when performing action 7
you cannot find iosdt, go back to the Control panel(you can do it in
Safe Mode, and perform Items 1 to 4 again. You will get to it with
this method I promise you. Good Luck and Good hunting
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Suspicious file problem 7
Error loading System 32 file 3
Files in system32/drivers/etc 3
WinXP restarts to the Welcome screen... Help, PLEASE!!! 3
Error loading c:\windows\system32\onmsnsmp.dll 4
lsass.exe help (might be sasser virus) 5
Accessing Directory C:\System Volume Information 5
Accessing Directory - System Volume Information 6

Back
Top