Malware panel appearing C:\Google\googleupdate.a3x [Closed]

Report
Posts
1
Registration date
Wednesday September 10, 2014
Status
Member
Last seen
September 10, 2014
-
Posts
1556
Registration date
Tuesday October 4, 2011
Status
Member
Last seen
October 23, 2015
-
Dear sir
I'd like to ask you about my computer lap top HP. It appear the the panel after window starting. Line 0 (File"C:\Google\googleupdate.a3x") error. So how can I solve this?
Thanks in advance for your answer.

Best regard

4 replies

Verecno is a malware classified as worm. This malware infection most possibly dropped by other malware or as a file downloaded by drive-by download technique when users visiting malicious sites.

Windows Defender and Microsoft Security Essential will detect this virus as Worm:Win32/Verecno.A

The verecno worm drops the following files:

C:\Google\Autoit3.exe
C:\Google\Google.lnk
C:\Google\Windowsupdate.lnk
C:\Google\GoogleUpdate.lnk
C:\Google\GoogleUpdate.a3x
%User Startup%\GoogleUpdate.lnk
%User Startup%\GoogleUpdate.a3x
%User Startup%\WindowsUpdate.lnk
{removable drive letter}:\Hot.lnk
{removable drive letter}:\Movies.lnk
{removable drive letter}:\My Games.lnk
{removable drive letter}:\My Pictuers.lnk
{removable drive letter}:\My Videos.lnk
File size 133.4 KB (136649 bytes)

Line 0 (File"C:\Google\googleupdate.a3x"): Error: Error opening the file

Each time at Windows startup the above error message window will appear because of this worm removed by anti-malware installed in the system. But malicious registry entry created by malware to auto-start & run itself on every reboot that entry still be present that's why getting this error on system startup.

Follow below steps to get rid of this error,

Press Win+r, type regedit and enter.
Now press ctrl+f, type googleupdate.lnk and hit find.
Windows registry search and show detect entries under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run and HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run path just delete it and hit find to found next.
Similarly search with autoit3.exe, windowsupdate.lnk, googleupdate.a3x
#D09r
6
Thank you

A few words of thanks would be greatly appreciated. Add comment

CCM 3407 users have said thank you to us this month

Posts
13336
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
37
Hello,

- Download MBAM by clicking " Free Download Version".
- Save it on your desktop.
- Double- click the downloaded file to launch the installation process (if the firewall asks for permission to connect to Malwarebytes, accept)
- Once the software is installed and running, go to the "Review " tab.
- Select Review "Custom" and then click Check Now.
- Select all drives and all exam options (including search rootkits).
- Ensure that Process as malicious detections is selected for PUP and PUM.
- Click Start exam.
- If an update is shown click Update Now and then wait for the review
- Once the review is completed , make sure that the action Quarantine is selected for all elements detected.
- Click Apply actions. If asked to restart the PC, do it.
- In the Review tab, click Export Log = > text file (txt). Otherwise, go to the history tab and Application logs.
- Paste the report.

Gabriel.
Posts
48725
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
June 23, 2020
15,104
Hello

Looks like you got yourself a worm type virus.

Stand-by for help from our expert 2011N2 (Gabriel)
Posts
1556
Registration date
Tuesday October 4, 2011
Status
Member
Last seen
October 23, 2015
2
Hi,

UsbFix Clean this worm with only one Click ;)

-> http://ww25.how-to-remove.us/remove-googleupdate-a3x-autoit-8/

Regards