Damage Cleanup Services can remotely assess and repair system damages on Microsoft Windows NT 4 Server and Workstation with Service Pack 6 or later, Windows 2000 Professional/Server/Advanced Server with Service Pack 3, Windows XP Professional, and Windows 2003 Server Standard/Enterprise from the Control Management Web console.
DCS 2.0 now only displays if
an NVW 1.x device is present on the Control Manager network. Control Manager
will automatically detect and display DCS 2.0. However, if there are no
NVW 1.x devices present on the Control Manager network, DCS 2.0 will not
display.
DCS 2.0 is now only used by NVW 1.x devices. If you require the benefits
of DCS, version 3.0 is now available to provide cleanup services.
No DCS license information is shown in License Information screen when installing Control Manager, unless performing an upgrade from a previous Control Manager version, with NVW 1.X devices registered to the previous Control Manager version.
If you install Control Manager 3.5, and then register NVW 1.x devices to Control Manager, you must enable DCS manually.
Open the SystemConfiguration.xml file located at in the Control Manager home directory.
Locate m_iEnableDCS2_0 in the SystemConfiguration.xml file.
Set m_iEnableDCS2_0 to 1 to enable DCS.
Setting m_iEnableDCS2_0 to 0 disables DCS.
Damage Cleanup Services offers the following features and benefits:
Damage assessment reports: Damage Cleanup Services offers the ability to generate and view damage assessment reports using the latest damage cleanup engine and damage cleanup template. This information is vital to ensure optimal system performance, especially after an outbreak occurs.
Regular and scheduled tasks: use Damage Cleanup Services to create regular and scheduled tasks. These tasks provide central reporting back to the Control Manager server.
The following two centralized management actions are available when performing tasks:
Assessment only: assessment on machines with possible virus remnants still in the network
Cleanup: assessment and cleanup including removal of virus remnants that could re-attack a network
Remote deployment: create and perform scheduled damage assessment and cleanup tasks from the Control Management Web console
Seamless integration with other Control Manager services: Damage Cleanup Services is easy to integrate with other Control Manager services such as Outbreak Prevention Services and Network VirusWall 1200. After an outbreak is contained, Control Manager can prompt Damage Cleanup Services to assess and cleanup existing managed products (under the Product Directory) with minimal intervention. This prevents additional damage and saves time.
This screen shows the current Damage Cleanup information:
Damage cleanup template (DCT): displays the damage cleanup template in use. The damage cleanup template includes the database for all Internet threats (worms, trojans, and backdoors) and works with the damage cleanup engine
Damage cleanup engine (DCE): displays the damage cleanup engine in use. The damage cleanup engine removes unwanted registry entries created by worms or Trojans, and memory resident worms or Trojans. The engine can also repair a system configuration file such as "system.ini" after it has been altered or infected by malicious code.
Scheduled template download: displays status of the schedules template download. Click on Scheduled template download to see the list of all Control Manager scheduled component downloads. Alternatively, you can also manually download the damage cleanup template.
To manually download the damage cleanup engine and template, do the following:
Click Administration > Manual Download. The Manual Download screen appears.
Select Patterns/rules > Damage Cleanup Template in the Manual Download screen.
Select an update source.
Select a retry frequency.
Configure proxy settings (if not previously configured). To save your settings, click Save, and then OK.
Click Download Now.
This table displays the following information:
Task Name: displays the name of each completed task. To see a task's history, click on the task name. In the Task History screen click Run Now to run the task.
Completion Date/Time: displays the date and time for each completed task. The date and time is sorted in descending order. The task completed most recently is the first one starting from the top.
This field may also display In progress if a task is currently running.
Deploy Failed: the number of machines Damage Cleanup Services attempted to, but failed to assess due to connection problems or incorrect login credentials. Damage Cleanup Services will only find damages when the deployment is successful.
To view additional details about the machines in which the deploy failure occurred, click the respective number under Deploy Failed.
Damage Found: the number of machines Damage Cleanup Services found to be damaged while performing an assessment only task. For cleanup tasks, the Damage Found column displays n/a. To view additional details about the machines on which damage was found, click the respective number under Damage Found.
Cleanup successful: the number of machines Damage Cleanup Services cleaned while performing a cleanup task. For assessment only tasks, the Cleanup successful column displays n/a. To view additional details about the machines in which damage was cleaned, click the respective number under Cleanup successful.
Cleanup Failed: the number of machines Damage Cleanup Services could not clean. Machines cannot be cleaned if they are still infected, or executable or .DLL files on the target machine that need to be removed have been locked by the system. To view additional details about the machines the task failed to clean, click the respective number under Cleanup Failed.
Damage Free: the number of machines determined to be damage free while performing either an assessment only, or a cleanup task
Total: the total number of machines assessed and/or cleaned while performing a task
Unsupported: the number of machines Damage Cleanup Services found to be using incompatible operating system versions. To view additional details about the unsupported machines, click the respective number under Unsupported.
Template Number: the damage cleanup template number used to perform a task