Previous Topic Next Topic

Malware panel appearing C:\Google\googleupdate.a3x

Closed
Bunhuon Posts 1 Registration date Wednesday September 10, 2014 Status Member Last seen September 10, 2014 - Sep 10, 2014 at 01:47 AM
¡El Desaparecido! Posts 1519 Registration date Tuesday October 4, 2011 Status Member Last seen October 23, 2015 - Nov 21, 2014 at 04:38 AM
Dear sir
I'd like to ask you about my computer lap top HP. It appear the the panel after window starting. Line 0 (File"C:\Google\googleupdate.a3x") error. So how can I solve this?
Thanks in advance for your answer.

Best regard
Related:

4 responses

Answer 1 / 4
Gideon Macha
Nov 20, 2014 at 01:50 PM
Verecno is a malware classified as worm. This malware infection most possibly dropped by other malware or as a file downloaded by drive-by download technique when users visiting malicious sites.

Windows Defender and Microsoft Security Essential will detect this virus as Worm:Win32/Verecno.A

The verecno worm drops the following files:

C:\Google\Autoit3.exe
C:\Google\Google.lnk
C:\Google\Windowsupdate.lnk
C:\Google\GoogleUpdate.lnk
C:\Google\GoogleUpdate.a3x
%User Startup%\GoogleUpdate.lnk
%User Startup%\GoogleUpdate.a3x
%User Startup%\WindowsUpdate.lnk
{removable drive letter}:\Hot.lnk
{removable drive letter}:\Movies.lnk
{removable drive letter}:\My Games.lnk
{removable drive letter}:\My Pictuers.lnk
{removable drive letter}:\My Videos.lnk
File size 133.4 KB (136649 bytes)

Line 0 (File"C:\Google\googleupdate.a3x"): Error: Error opening the file

Each time at Windows startup the above error message window will appear because of this worm removed by anti-malware installed in the system. But malicious registry entry created by malware to auto-start & run itself on every reboot that entry still be present that's why getting this error on system startup.

Follow below steps to get rid of this error,

Press Win+r, type regedit and enter.
Now press ctrl+f, type googleupdate.lnk and hit find.
Windows registry search and show detect entries under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run and HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run path just delete it and hit find to found next.
Similarly search with autoit3.exe, windowsupdate.lnk, googleupdate.a3x
#D09r
6
Answer 2 / 4
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Sep 10, 2014 at 03:47 PM
Hello,

- Download MBAM by clicking " Free Download Version".
- Save it on your desktop.
- Double- click the downloaded file to launch the installation process (if the firewall asks for permission to connect to Malwarebytes, accept)
- Once the software is installed and running, go to the "Review " tab.
- Select Review "Custom" and then click Check Now.
- Select all drives and all exam options (including search rootkits).
- Ensure that Process as malicious detections is selected for PUP and PUM.
- Click Start exam.
- If an update is shown click Update Now and then wait for the review
- Once the review is completed , make sure that the action Quarantine is selected for all elements detected.
- Click Apply actions. If asked to restart the PC, do it.
- In the Review tab, click Export Log = > text file (txt). Otherwise, go to the history tab and Application logs.
- Paste the report.

Gabriel.
3
Answer 3 / 4
Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,163
Sep 10, 2014 at 07:44 AM
Hello

Looks like you got yourself a worm type virus.

Stand-by for help from our expert 2011N2 (Gabriel)
1
Answer 4 / 4
¡El Desaparecido! Posts 1519 Registration date Tuesday October 4, 2011 Status Member Last seen October 23, 2015 3
Nov 21, 2014 at 04:38 AM
Hi,

UsbFix Clean this worm with only one Click ;)

-> http://ww25.how-to-remove.us/remove-googleupdate-a3x-autoit-8/

Regards
0

Similar discussions

Chrome extension keeps coming back
Ezpz -
Ezpz -

12 responses