Sign-in / Sign-up
Your question
Solved

Avast found a virus (or something else malicious) in Catalyst Control Center?

Tags:
  • Windows 7
  • Antivirus
  • Catalyst
  • Trace
Last response: in Windows 7
June 9, 2014 12:25:38 PM

Hi, so when I turned on my PC today I saw this message:



I cannot find any way to trace the filepath, and I also ran an OTL scan (if that means anything), which you can find here.

https://www.dropbox.com/s/djwgvgrjvzo06f5/OTL.Txt

Anyway, it says no further action is required, but is there anything to worry about? Are there more threats to come? Thanks for any help.

More about : avast found virus malicious catalyst control center

a c 281 $ Windows 7
a b è Antivirus
June 9, 2014 12:36:33 PM

don't look good. did it got a update just before the scan?
https://forum.avast.com/


AVAST forum offline due to attack

The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work.

This issue only affects our community-support forum. No payment, license, or financial systems or other data were compromised.

We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.

We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.

All the best,
Ondrej Vlcek
COO AVAST Software
m
0
l
June 9, 2014 12:45:44 PM

rgd1101 said:
don't look good. did it got a update just before the scan?
https://forum.avast.com/


AVAST forum offline due to attack

The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work.

This issue only affects our community-support forum. No payment, license, or financial systems or other data were compromised.

We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.

We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.

All the best,
Ondrej Vlcek
COO AVAST Software


I never made an account on the forum. I also don't think it updated... I will run Hitman Pro like blackbird says, see what shows up.
m
0
l
June 9, 2014 12:46:45 PM

rgd1101 said:
don't look good. did it got a update just before the scan?
https://forum.avast.com/


AVAST forum offline due to attack

The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work.

This issue only affects our community-support forum. No payment, license, or financial systems or other data were compromised.

We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.

We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.

All the best,
Ondrej Vlcek
COO AVAST Software


I never made an account on the forum. I also don't think it updated... I will run Hitman Pro like blackbird says, see what shows up.
m
0
l
a b $ Windows 7
June 9, 2014 12:55:32 PM

CCC.exe from what I remember was Catalyst Control Center, the software to run your ATI/AMD Video Drivers. Did you recently update it? If so, this is probably a false positive (been a while for Avast to do that), that it didn't know what that version of CCC was and quarantined it (locked it away not in the normal filepath is why you couldn't 'find it' when you browsed, to prevent it from causing damage). Have you checked Avast! for software updates (Open Avast, Click Settings, Update then click UPDATE next to PROGRAM)?
m
0
l
June 9, 2014 12:58:10 PM

SR-71 Blackbird said:
Run

Hitman Pro.

http://www.surfright.nl/en/hitmanpro


Thanks for the suggestion. I ran hitman pro and it found some toolbars and "malware" which was dogecoin mining software. That was it.
m
0
l
a c 598 $ Windows 7
a c 154 è Antivirus
June 9, 2014 1:01:03 PM

YOU SHOULD BE CLEAR IT'S REAL THOROUGH.
m
0
l
June 9, 2014 1:02:00 PM

SR-71 Blackbird said:
YOU SHOULD BE CLEAR IT'S REAL THOROUGH.


What should be thorough? Hitman?
m
0
l
a c 598 $ Windows 7
a c 154 è Antivirus
June 9, 2014 1:05:02 PM

It finds and gets rid of almost anything out there.
Great tool.
m
0
l
June 9, 2014 1:05:51 PM

SR-71 Blackbird said:
It finds and gets rid of almost anything out there.
Great tool.


It did a very thorough job. Thank you for recommending it. It doesn't seem like there was really anything besides ask toolbars which I SWEAR I SAID NOT TO INSTALL. However, when I restarted my PC it had a little Hitman thing popup before the "welcome" screen. Is this recurring?
m
0
l
a c 598 $ Windows 7
a c 154 è Antivirus
June 9, 2014 1:15:29 PM

I just uninstall it when I'm done using it.
m
0
l
June 9, 2014 1:19:24 PM

SR-71 Blackbird said:
I just uninstall it when I'm done using it.


Yeah, I just did the "one time" run.
m
0
l
a c 598 $ Windows 7
a c 154 è Antivirus
June 9, 2014 1:21:44 PM

That's sufficient.
m
0
l
June 9, 2014 1:25:56 PM

SR-71 Blackbird said:
That's sufficient.


Thanks for all your help.
m
0
l
a c 598 $ Windows 7
a c 154 è Antivirus
June 9, 2014 1:28:44 PM

No problem.
m
0
l
a b $ Windows 7
June 9, 2014 1:33:21 PM

Xexoxix said:
SR-71 Blackbird said:
It finds and gets rid of almost anything out there.
Great tool.


It did a very thorough job. Thank you for recommending it. It doesn't seem like there was really anything besides ask toolbars which I SWEAR I SAID NOT TO INSTALL. However, when I restarted my PC it had a little Hitman thing popup before the "welcome" screen. Is this recurring?


That is called 'BUNDLED" software. You install one thing (Java update for example) and it installs additional stuff with it. Just slow down when installing / updating things and don't "CLICK CLICK CLICK CLICK CLICK through all the prompts" slow down and READ them. You will then get used to what to 'look for' to avoid such things being installed in the future.
m
0
l
a c 598 $ Windows 7
a c 154 è Antivirus
June 9, 2014 1:39:03 PM

Not all software is honest about listing these add-ons unfortunately.
m
0
l