Malware panel appearing C:\Google\googleupdate.a3x

Closed
Posts
1
Registration date
Wednesday September 10, 2014
Status
Member
Last seen
September 10, 2014
-
Posts
1522
Registration date
Tuesday October 4, 2011
Status
Member
Last seen
October 23, 2015
-
Dear sir
I'd like to ask you about my computer lap top HP. It appear the the panel after window starting. Line 0 (File"C:\Google\googleupdate.a3x") error. So how can I solve this?
Thanks in advance for your answer.

Best regard

4 replies

Verecno is a malware classified as worm. This malware infection most possibly dropped by other malware or as a file downloaded by drive-by download technique when users visiting malicious sites.

Windows Defender and Microsoft Security Essential will detect this virus as Worm:Win32/Verecno.A

The verecno worm drops the following files:

C:\Google\Autoit3.exe
C:\Google\Google.lnk
C:\Google\Windowsupdate.lnk
C:\Google\GoogleUpdate.lnk
C:\Google\GoogleUpdate.a3x
%User Startup%\GoogleUpdate.lnk
%User Startup%\GoogleUpdate.a3x
%User Startup%\WindowsUpdate.lnk
{removable drive letter}:\Hot.lnk
{removable drive letter}:\Movies.lnk
{removable drive letter}:\My Games.lnk
{removable drive letter}:\My Pictuers.lnk
{removable drive letter}:\My Videos.lnk
File size 133.4 KB (136649 bytes)

Line 0 (File"C:\Google\googleupdate.a3x"): Error: Error opening the file

Each time at Windows startup the above error message window will appear because of this worm removed by anti-malware installed in the system. But malicious registry entry created by malware to auto-start & run itself on every reboot that entry still be present that's why getting this error on system startup.

Follow below steps to get rid of this error,

Press Win+r, type regedit and enter.
Now press ctrl+f, type googleupdate.lnk and hit find.
Windows registry search and show detect entries under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run and HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run path just delete it and hit find to found next.
Similarly search with autoit3.exe, windowsupdate.lnk, googleupdate.a3x
#D09r
Posts
13334
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Hello,

- Download MBAM by clicking " Free Download Version".
- Save it on your desktop.
- Double- click the downloaded file to launch the installation process (if the firewall asks for permission to connect to Malwarebytes, accept)
- Once the software is installed and running, go to the "Review " tab.
- Select Review "Custom" and then click Check Now.
- Select all drives and all exam options (including search rootkits).
- Ensure that Process as malicious detections is selected for PUP and PUM.
- Click Start exam.
- If an update is shown click Update Now and then wait for the review
- Once the review is completed , make sure that the action Quarantine is selected for all elements detected.
- Click Apply actions. If asked to restart the PC, do it.
- In the Review tab, click Export Log = > text file (txt). Otherwise, go to the history tab and Application logs.
- Paste the report.

Gabriel.
Posts
47366
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
September 1, 2021
11,363
Hello

Looks like you got yourself a worm type virus.

Stand-by for help from our expert 2011N2 (Gabriel)
Posts
1522
Registration date
Tuesday October 4, 2011
Status
Member
Last seen
October 23, 2015
3
Hi,

UsbFix Clean this worm with only one Click ;)

-> http://ww25.how-to-remove.us/remove-googleupdate-a3x-autoit-8/

Regards