The Au_.exe executable file belongs to the rogue anti-spyware program, SpyFalcon. This malicious program camouflages itself as an anti-spyware utility when in fact it is a Trojan. This malware has the capability to infiltrate your computer through security exploits and install itself along with other Trojans. What the file basically does is hijack the user’s desktop and changes user settings to make it function according to its own requirements.
Au_.exe is also linked to many other spyware, adware and cloaked malware groups. Where some say that the origin of this Trojan is unknown, some are of the opinion that the malicious software to which the file belongs can be downloaded easily from manufacturer’s website. The file is also said to be a part of the Arovax Anti-Spyware software. This may be probable, as the initial description says that this executable pretends to be an anti-spyware application.
How Au_.exe Infects your PC
The following are some of the ways au_.exe is known to affect the PC it infects:
- Deletes essential processes from the disk
- Executing harmful processes stored in temporary folders
- Creates other potentially dangerous processes on your system.
- Uses HTTP protocols to communicate with other computer systems for malicious purposes.
- Adds bad entries to the registry.
- Hijacks system processes to delete links in the Start Menu and can be a source of annoyance for many users.
- Looks at what’s inside the autoexec.bat file and invades your privacy by reading email addresses and phone book details.
- Go to Start and click on Search.
- Select All files and Folders.
- In All or part of the file name, enter au_.exe.
- Select Local Hard Drives or My Computer in the Look in: box and then click Search.
- Highlight Au_.exe in the results.
- Copy path to the file from the address bar and save in notepad.
- Open Windows Task Manager by pressing CTRL+ALT+DEL or CTRL+SHIFT+ESC key combination
- On the Processes tab, click Image Name and search for au_.exe.
- Select the au_.exe process and click End Process.
- Click Start, select Run, type cmd and press Enter to open Command Prompt.
- Use cd FullPathToAuFolder to navigate to this folder and the type dir to view the contents.
- If you find a file you want to delete, use the del filename command to delete it. To delete the entire directory, type rmdir directoryName and then press Enter.
- Type Exit and press Enter to close Command Prompt.
- Restart your PC.
As you can see that the manual removal process is quite complicated and the chances of deleting an essential file are always there. You should also note that this is not the only bit of malware floating around. There are many types of malware found on the Internet, and the best recourse is to use an anti-malware program like STOPzilla Antivirus and Spyware Cease to sweep your machine clean of spyware and other malicious programs.
You should also use a registry cleaner to repair any registry errors caused by malware.
Even though Au_.exe is neither classed as adware, browser hijacker, dialer, keylogger or remote administration tool, immediate removal is still recommended.