These classnotes are deprecated. As of 2005, I no longer teach the classes. Notes will remain online for legacy purposes.

UNIX03/Regain Control

In spite of your valiant efforts, your system has been compromised.

You have been running TripWire and have found and deleted a malicious Trojan. You do not know which accounts have been compromised.

Boot into Knoppix. Be sure not to enable networking when you boot Knoppix (press F2 at the boot screen to see the options), so that your system stays "dead" to the network.

chroot into your installation and change the administrator (root) password. Also disable all other accounts on the machine.

Disable all running services, since you do not know which of them (if any) have been compromised, and set up a very restrictive firewall to run at boot (one that allows no incoming or outgoing traffic).
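The steps above collected into a script, as an added example that is not part of the original classnotes. It assumes (hypothetically) that the compromised root partition is /dev/hda1, mounted on /mnt/target from Knoppix, that the system uses sysv-style /etc/rc2.d links, and that iptables is available.

```shell
#!/bin/sh
# Added example, not part of the original classnotes. Run as root from a Knoppix
# session with networking disabled. Assumptions (hypothetical): root partition
# /dev/hda1, mounted on /mnt/target; sysv-style /etc/rc2.d; iptables available.
TARGET=${TARGET:-/mnt/target}

# Lock every account except root by prefixing "!" to the password hash
# (what `passwd -l` does). $1 = shadow file to read, $2 = locked copy to write.
# Entries already locked ("!") or without a password ("*") are left alone.
lock_all_but_root() {
    awk -F: 'BEGIN { OFS = ":" }
        $1 != "root" && $2 !~ /^[!*]/ { $2 = "!" $2 }
        { print }' "$1" > "$2"
}

# Count the accounts in a shadow file that can still log in with a password.
count_unlocked() {
    awk -F: '$2 !~ /^[!*]/ { n++ } END { print n + 0 }' "$1"
}

# Write an iptables-restore ruleset that drops all traffic except loopback.
write_lockdown_firewall() {
    cat > "$1" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
COMMIT
EOF
}
# The whole procedure; not invoked automatically because it modifies $TARGET.
regain_control() {
    mount /dev/hda1 "$TARGET"                        # hypothetical device name
    chroot "$TARGET" passwd root                     # new administrator password
    lock_all_but_root "$TARGET/etc/shadow" "$TARGET/etc/shadow.new" \
        && mv "$TARGET/etc/shadow.new" "$TARGET/etc/shadow"
    # Disable every service that starts at boot: turn its S (start) link into a K (kill) link.
    for s in "$TARGET"/etc/rc2.d/S*; do
        [ -e "$s" ] && mv "$s" "$TARGET/etc/rc2.d/K${s##*/S}"
    done
    write_lockdown_firewall "$TARGET/etc/iptables.lockdown"
    # Init script that loads the ruleset; link it into the runlevel before networking (distribution-specific).
    printf '#!/bin/sh\niptables-restore < /etc/iptables.lockdown\n' \
        > "$TARGET/etc/init.d/lockdown" && chmod 755 "$TARGET/etc/init.d/lockdown"
    umount "$TARGET"
}
```

The helper functions can be tried on a copy of a shadow file before touching the real one; `regain_control` is only meant to be called from the Knoppix session itself.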

Once you have done this, you are back in control of your system and the repairs can begin. You do not need to perform these repairs in class.



Edited June 28, 2003 5:09 am (diff)
(C) Copyright 2003 Samuel Hart
This work is licensed under a Creative Commons License.