• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 210
  • Last Modified:


Symantec Corp Edition discovered the backdoor.eggdrop thingy on my win2k server.  I've tried all my tricks with no success.  I can isolate two dll's associated w/svchost.exe and can kill the process, delete files, edit registry.  Darn thing keeps poppin back up on boot.  Please help.  
  • 2
1 Solution
Hello rmperrett =)

Run Norton scan in Safemode,,,, u can also try running Stinger in Safemode ==> http://vil.nai.com/vil/stinger
Delete everything there, means the infected files and registries manually......
reboot back in Normal Mode and now check ??

Coz in normal Mode may be the virus\trojan variants are running in background, and cloflicting with the cleaning process !!
here are some more information on backdoor.eggdrop, may be can narrow down things for u >> http://www.pestpatrol.com/pestinfo/b/backdoor_eggdrop_17.asp
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now