Solved

backdoor.eggdrop

Posted on 2004-09-14
2
186 Views
Last Modified: 2013-12-04
Symantec Corp Edition discovered the backdoor.eggdrop thingy on my win2k server.  I've tried all my tricks with no success.  I can isolate two dll's associated w/svchost.exe and can kill the process, delete files, edit registry.  Darn thing keeps poppin back up on boot.  Please help.  
0
Comment
Question by:rmperrett
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 500 total points
ID: 12058337
Hello rmperrett =)

Run Norton scan in Safemode,,,, u can also try running Stinger in Safemode ==> http://vil.nai.com/vil/stinger
Delete everything there, means the infected files and registries manually......
reboot back in Normal Mode and now check ??

Coz in normal Mode may be the virus\trojan variants are running in background, and cloflicting with the cleaning process !!
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12058376
here are some more information on backdoor.eggdrop, may be can narrow down things for u >> http://www.pestpatrol.com/pestinfo/b/backdoor_eggdrop_17.asp
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question