Suspicious hard drive activity?

Hi folks, new here so sorry for my lack of knowledge.

We’re read through various threads but it’s all a bit too technical for our heads :smiley: We’ve noticed of late that our system (Toshiba with XP Home & Office Pro) has been acting a little strange. It takes a lot longer to start up and the HD is very busy, the left button on the mouse has a mind of it’s own and we can’t pull or drag pictures. We assume we have some sort if malware or trojan…to be honest we really don’t know what it is. A few days ago there was an Avast warning pop up, telling us not to panic but yet it wouldn’t allow me to move to virus chest so I deleted it. We ran Avast Virus Cleaner and nothing came up. We also downloaded SpyWare Doctor, which found 3 mediun high and 2 low threats, but we must register and pay to have a full clean up so we deleted off the files thinking it was a bit of a scam.

We’re guessing the best thing to do is to clean the drive and start from fresh. Are we better off giving it to some professional to do this? Any advice or help would be greatly appreciated.

Cheers…

The better will be send to Chest… if you couldn’t… well, maybe running avast at boot time.
Is there anything into avast logs, I mean, the file path and name, the virus name?

It’s a very limited scanner. You need to run a full scanning with avast.

I suggest:

  1. Disable System Restore and then reenable it again.
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

I couldn’t move or send it to the chest, it just wouldn’t let me. Each time I tried it would pop back up again, leaving me no alternative but to delete it. Probably exactly what it wanted me to do. I have no file path, name or virus name in Avast logs.

I ran a full scan with Avast after I ran the Virus Cleaner and nothing showed up.

I recon it’s some form of key stroke logger as the hard drive light goes ballistic each time I open a new web page.

I’l try the steps you advised, in that order. I assume you mean the temp internet folder files?

Oh and by the way, we’re running Mozilla Firefox now as we believe it got in through IE. Or could it have been Skype or other instant messaging applications?