I have the Trojan, "Dark.Ftp on my harddrive, Can you help me remove it?

I posted yesterday that something was up with my computer. A couple of folks suggested I had a Trojan. My McAfee software didn't pick it up so I downloaded a free version of PC Doorguard and it picked up the Trojan Dark.FTP... Of course after they found it a window pops up and say's it won't delete it unless I buy the damn product..

So I googled and found how to do it manually... BUT...it's in computer talk and I'm a bit limited in that arena..LOL

Here's the link that tells me how to remove it manually... Can someone break it down and put this in laymans terms for me on exactly how to do this?
http://www.dark-e.com/archive/trojans/darkftp/141/index.shtml

Much appreciated...

Tru

Lets start there...

First we need to back up your registry and then we will need to edit it to remove the trojan. It is easier than it sounds.

To open your registry editor go to Start>Run> OK>regedit>ok

When you get to the part of this line that says regedit you need to type that word into the field and then press OK.

This will open regedit. Now click on Edit>Find and in the find field type MSRegScan (which is the name of the place we need to delete)

At the very bottom of the registry editor you should see this path:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

If you don't you aren't in the right location.

If you do highlite the MSRegScan and delete.

Reboot your computer search for the msregscn.whi file and then delete it.

click on START

click on RUN

type regedit and press ENTER

Click on EDIT then FIND and type in the word MSRegScan

Once found delete by pressing the DEL key.

Press F3 to search for more.

Once the registry is cleared of the trojan close the registry.

Restart the PC

Once restarted click on START then SEARCH then FILES OR FOLDERS

Search the harddrive for the file msregscn.whi and delete that by pressing the DEL key. Don't forget to empty the trash can.

That should do it.

... go to http://www.trojanshield.com and download the free 15 day trial of TrojanShield. Install it, update it and do a scan.


.... or

1)type in " regedit " into the box after clicking on "run" in the start menu. Click on HKEY_LOCAL_MACHINE scroll down to "Software" scroll down again to "Microsoft" and then down to "Windows" then "CurrentVersion" , scrolling again down to "Run". In the frame to the right, you should see "MSRegScan" .... right click on it in the frame and click on "delete"..... follow the rest of the instructions: 2)Reboot the computer. 3) Open Windows Explorer and delete " msregscn.whi ", or, if you can't find it, use the search to let windows find it for you and delete it.

on edit: Oh yeah, empty the trash bin.

...oh...you meant remove the virus, not the harddrive. My bad. :)

or is it on?

Start---->Run - type in 'msconfig' - go to the 'startup' tab. There are items listed with check marks. What I've done in the past if I wasn't sure what a module / app listed there was would be to plug the name into google - the first hit or two would usually provide adequate clarification.

Take it from someone 'in the biz' - be VERY careful tinkering with the registry - make certain you back it up before you do, well, pretty much anything with it. Its one of those things that's very touchy, so to speak.

Oh, and get yourself a good firewall (software or hardware) - and, even then, occasionally run 'netstat' from a command prompt - just to see EXACTLY who / what is connected to your PC and what they're doing.

-darknemus