Monday, 25 June 2007

Network Problem, Win32/Robknot.CA

On Friday last week the network went down, discovered 5 hours later, one of the network cards in one of the many servers that we have went down, this was causing intermittent network packets and bad packets to go flying around our network.

Now today we were looking at the network down again, one of the things that was looked at this time was the integrity of the network, were things were plugged in. We have had local loop problems before, but not on this scale. the problem was identified to be in E Block, so being told to get out of someones office, I talked to one of my colleges who informed me of a teacher who plugs her network cable into a the network plug beside her desk so it doesn't dangle. One quick run over and pull the network cable out the whole network goes back to normal. Why were both ports made active in the first place? There is only one teacher laptop!

So in all, both Friday and Monday, 6 hours of teaching with no network, unstable computers, and students. Things are now back to normal. Now for students to come running to me panicking about there assessments now being able to be handed in is all over.

One would have though things would be back to normal, however when our antivirus software Computer Associates eTrust starts throwing up errors and infected object windows it is not a help.

Win32.Robknot.CA, 258 Infections :(

From the ca website.

Win32/Robknot.CA
Date Published: 7 Jun 2006
Last Updated: 7 Jun 2006

Characteristics
Type:
Worm
Category: Win32
Also known as: Email-Worm.Win32.Brontok.q (Kaspersky), W32/Brontok-N (Sophos), Win32.Robknot.CA (EZ Antivirus), Win32/Robknot.Variant!Worm (InoculateIT), W32.Rontokbro@mm (Symantec)

Description
Win32.Robknot is a worm that spreads via e-mail and modifies system settings in order to inhibit its detection and removal.
For more detailed information regarding the functionality of the Win32.Robknot family, please visit the Win32.Robknot description elsewhere in our encyclopedia.

Win32/Robknot.CA
eTrust Antivirus v7/8* (Vet Engine)
Removal Instructions


Signature: 12.6.2235

Removal Instructions:
Download and apply the latest eTrust Antivirus signature file update. Launch the eTrust Antivirus - Local Scanner and run a full scan on all affected computer systems, with the "Infection Treatment File Actions" set to "Cure File" and enable the System Cure feature.

No comments: