new red dot - recording activity - need password wt..????

Hey
This is actually just the newest strange thing to happen with my pc.
A red dot popped up next to the avast tray icon & when holding the cursor over it it says ‘Activity is being recorded’ When I click on it a password box pops up to access the viewer. This is definitely NOT something I set up. And have no clue what or where the viewer is.
So far the dot pops up regardless if I’m on or off the internet. avast never recorded my activity before & if it did it never alerted me or told me I need a password to access the viewer.
Any idea where I can find the viewer & password & stop the recording??

Similar problem - the 4th time I ran the virus scanner the archive files popped up as password protected.
Again something I never did & they scanned fine the 1st few times.
How do I even get to my archive files - much less find out what the ‘password’ is???

avast! has found trojans, adware, & spyware on my pc & cleaned it out. All that was before this red dot that started today.

This is my home pc - me & my hubby are the only ones w/access, I have a cable provider, [which has been compromised before.]

fyi - My password was changed on my photobucket account & 4pages of pix were deleted. So I changed all my passwords - this was before today & the red dot. None of my old passwords work.

Any ideas are welcome!!
Thanks tons!!
stumped

avast antivirus is disabled!

Never saw this avast behavior… are you sure this is the real avast icon?

Maybe this is the avast settings password. Are you the administrator of this computer?

Run RogueRemover, a utility that can remove various rogue antispyware, antivirus and hard drive cleaning utilities. Rogue applications are applications that rather than remove spyware, provide false positives, distribute malware or spyware, advertise, or provide useless uninstallers. The main point is that rogue applications are useless and eat up system resources.

Check http://www.malwarebytes.org/rogueremover.php

Any archive file or the ones that belongs to other applications? I mean, some applications password their archive files (Ad-aware, SpyBot, etc.).

I suggest:

  1. Disable System Restore and reenable it after step 3.
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

Thank you so much for your detailed reply!!!
I’m in the process of scanning my brains out right now. I really appreciate all of the links.
I have noticed the red dot popped up when I tried to scan w/avast [nothing detected] & is up now while I scan w/Dr. Web [9 trojans found so far & it’s not even 1/2 way done]. It also disappeared when I closed those screens.

As far as the archive files these were files I had not seen before, the majority of them with game names, like frogger.exe & doom.exe & all are .exe. 2791 files in the archives I don’t all are involved. I did not download 1 much less all of these “games”.

It’s my pc so I guess you would call me the System Admin. I have had my pc taken over & used to hack into a mainframe through a comcast cable connection about 4yrs ago & I had McAfee back then. Some of the infected files now are Norton. Which I disabled when I loaded avast.

I’ll update you tomorrow. Back to scanning.
Thanks again!!
Wish me luck! ::slight_smile:

Is PC Pandora installed on your PC ? What you describe has all the symptoms of this keylogger. I remember this topic about it :

http://www.malwarebytes.org/forums/index.php?showtopic=2126

That would also explain how someone knew your photobucket password …

Greetz, Red.

Hello again!

I have run DR.Web CUREIT!, SUPERantispyware, MBAM, Spyware Terminator, Trend Micro Rootkit buster, Spyware Blaster, Windows Advanced Care, Secunia Software Inspector, Rogueremover, AVIRA, Kapersky Rootkit Scan, Runscanner, Panda Active Scan, Spyhunter 3, & went through the steps on 411 on PC Security to remove extra hidden files left from PC Pandora. A keylogger & supposedly the reason for the red dot.

They all found different trojans, malware & other nasty things, & now it is scanning clean - BUT the red dot is still there. saying “Your activity is recorded” & asking for a password to access the viewer.

I had Norton Internet Security before I installed avast!.

I’m at a total loss now.
I’m thinking of wiping the system - my only concern is if I do a back up, wipe the pc & then reload, I’ll just be putting the red dot files back on my pc.
Any ideas?
Thanks!!

Did you read the the link I posted ?

http://www.malwarebytes.org/forums/index.php?showtopic=2126

I would ask Miekiemoes for help who posted about PC Pandora there. She has her own forum now where she helps people with malware problems :

http://support.bluemedicine.be

It’s a Dutch forum, but it has also an English section where you have to post a HijackThis log to start with :

http://support.bluemedicine.be/mybb/forumdisplay.php?fid=62

Post also the symptoms and that you think it is PC Pandora. And when she is finished helping you give her a kiss from me :wink:

Greetz, Red.

Do you have Norton yet in your system? Disable is not enough.

  1. Remove NAV through Add/Remove programs from Control Panel. Boot.
  2. Use Norton Removal Tool for Windows 2000/XP/Vista. Boot.
  3. Install avast! (or repair the installation) and boot.

I suppose you’re not using more than one antivirus at a time…