Common Diagnostic steps for Antivirus

Common Diagnostic steps for Antivirus

1.      Checking the logs from system report or the event logs of TrendMicro/Symantec Antivirus, must know what happened and what we can do.

2.      Updating the virus definitions to up-to-date, and checking the logs from TrendMicro/Symantec Antivirus, to clean up the Quarantine, Backup Items and Repaired Items.

3.      Removing unknown programs and rubbish from Add/Remove Programs.

4.      Removing malicious search bar, tool bar and unknown ActiveX.

5.      Emptying the Temporary Internet Files

a.      Backup Cookies

6.      Turn off System Restore or reduce the disk space which could delete the previous restore points.

7.      Perform Full scan for the entire computer.

8.      Run AutoRun program to check the auto running programs in system

9.      Run ProcessNT program to check the unexpected running programs

10.  Check unknown Exe/DLL module from Google

11.  Check unknown DLL handle in ProcessNT and try to kill it

12.  Run Netstat �Can common in XP to check the listen port or run ICESWORD to check listen port directly

13.  Isolate the affected file/path, boot in Rescue Disc (WinPE) and then delete it directly, remember, backup before deleting