My NAV sent an alert message that I've been infected by Backdoor.BladeRunner trojan horse. I made a full systen scan and deleted the virus file. My problem is, I cannot find the value to edit my registry as it is recommended at symantec's website. Please help...

I could find very little information on this backdoor. I do know, that if you are looking for it in the registry, I would check Run. Run Services. and Run Once. The backdoor itself isn't very well made, and shouldn't be a major problem. When infected it opens port: 5400, 5401, 5402. It has the typical features of a mediocre backdoor, perfect for some script kiddie. When looking for it in the Run key, look for values the refer to the infecting file. Usually C:\windows\(infected file name) or c:\windows\system\(infected file name). Also, a large number of virus scanners automatically delete the value in the registry when they disinfect. If you don't find it after extensive searching around HKEY_Local_Machine\Software\Microsoft\Windows\Run, then I would assume Nav got rid of it for you. Bis dann, Wolftech

thanx. I checked the run, run once and runonceex and couldn't find anything suspicious.