trojan removal

my brother has downloaded a trojan called deep throut on to our pc and ever time i try to deleate it the sever file say that the programe is running and i cant get rid of it ??
some said run FDISK and restart your pc what is he talking about ??

can any one help

cheers stuart

Which version of Windows are you using and is it connecting or searching the internet?

you can run Spy++ or some other process killer and then kill it, and delete it (if you're lucky you can use altctrldel and kill it)
you could take it off your startup (win.ini system.ini registry startup folder autoexec etc.) and then delete it after you reboot
you could get antivirus software to remove it

good luck

Hit Ctrl+Alt+Del and see if the trojan is in the Close Program list. If it is, close it. Then you should have no trouble deleting it.

the best thing i like to do is to go into MS-DOS mode, not ms-dos prompt and delete it. That way the system wont be using the files so you can delete it, (unless it's in a file ms-dos uses, then you need to definatly get an ANTI-Virus)

I would suggest doing the following.

Goto Start-->Run. and type "msconfig".

Check through the autoexec.bat, win.ini, and system.ini tabs. Look under the Windows, and Boot files in each tab, and uncheck anything that appears suspicious, note the filepath, then restart.

Once you've retarted, with a bit of luck - the trojan shouldn't be running. Use windows explorer to navigate to the filepath you nothed down, and delete it. If its says its still running then its being booted via another method. Its too tricky to find if you dont know what youre looking for so I would recommend using a trojan remover. Theres plenty around, try searching the web.

Deep throat isn't a particularly sinister trojan, its only decent capability being the opening of a public FTP port.

You can type "netstat -n" at a DOS prompt, and if you see a port 21 LISTENING on the local side - then its active. Disconnect immediately.

Good luck

Chief