Jump to content

Recommended Posts

Hi, I'm the network admin for a school. About 2 years back, I had a WSUS server on the network to keep the Windows Updates current. I had group policy set so it wasn't supposed to reboot the PCs after the updates. But for some reason, users were complaining their PCs were rebooting without any notice. After weeks of users complaining, I turned off the updates. Probably the biggest mistake I made.

(In my defense, they hire me 2 days a week to take care of a whole district which includes 4 buildings and an admin office. The previous tech had a full week... I'm given 2 days to do the same she had a whole week to do. So I have to let the ball drop on some issues.)

Well, now almost 2 years later and the PCs are not updated. Now I have the conflicker virus on the loose on the network. I called Trend and they said it's because the PCs are not patched.

I asked them how to go about getting the virus off the network and they said I need to have all the PCs on the network patched. There are about 700 PCs on the network. I definitely don't have enough time in my 2 days a week to manually walk around and patch 700 PCs and keep up with my normal day-to-day stuff.

I have the WSUS server running again. I still have a lot of PCs that WSUS is reporting are not updating for whatever reason.

According to Trend, every single PC needs to have all the Windows patches on them to get rid of the virus. If 699 of my PCs are 100% patched and one PC is shy a few patches, my whole network is still compromised.

We are coming up on summer vacation and I have to get this figured out during the summer. Does anyone have any bright ideas on how to get rid of this virus on the network? The virus on the rogue PCs are constantly trying to reinfect the patched PCs. When it happens, the user gets a pop-up on the screen saying they're reinfected with the virus and gives the name and file that is infected. The file doesn't exist. Trend support confirmed what I thought that the virus isn't on the hard drive. The anti-virus is deleting as it's being attacked. But users are constantly getting alerts and they're complaining..

Link to post
Share on other sites

As a business you are not allowed to install or use the product in any capacity and is a violation of the EULA to do so.

As a licensed reseller, affiliate, corporate, non-profit or government user or tech shop, your current inquiry is eligible for Malwarebytes

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.