GeneriClean is a feature in Damage Cleanup Engine (DCE) that provides automatic clean-up for detected malware.
GeneriClean incorporates referential cleaning to clean registry entries and processes which reference detected malware files.
Below are the new and enhanced features of GeneriClean:
- Restores modified general policy settings to Trend Micro recommended settings
- Disables malware related services
- Deletes re-spawned autostart registry entries upon reboot
- Detects and removes malware rootkit components
- Terminates malware running processes
- Deletes related autostart registry entries
- Deletes component AUTORUN.INF files
The following are required to enable the Enhanced GeneriClean:
- Damage cleanup engine (DCE) 5.32 or above (tsc.exe)
- Damage cleanup pattern (DCT) 948 or above (tsc.ptn)
These are available in the ActiveUpdate Server.
- tsc.ini file
- On the Security Server, delete the ..\PCCSRV\Download\hotfixnt.txt file.
- Rename the tsc.ini file to "tsc.ini_old".
- Download tsc.ini and then copy it to the ..\PCCSRV\admin folder.
- Open the file and save it.
- Check the timestamp of the tsc.ini file. It should reflect the date today.
- Open the ..\PCCSRV\Autopcc.cfg\apnt.ini file.
- Look for the "admin\Tsc.ini" line. If it does not exist, add it.
- Save and close the file.
- Wait for 2-3 minutes and the hotfixnt.txt will be automatically generated.
The Security Server will now notify the security agents and deploy the tsc.ini file. If hotfixnt.txt was not automatically generated, restart the Trend Micro Security Server Master Service:
- Click Start > Run.
- Type "services.msc" in the Open field.
- Right-click Trend Micro Security Server Master Service and select Restart.