Attention Before you read this post, I highly recommend you check out my resources page for access to the tools and services I use to not only maintain my system but also fix all my computer errors, by clicking here! |
If you’ve recently noticed the au_.exe process in Windows Task Manager, then you may have been taken aback by how much resources it was consuming. Many end users observe the au_.exe process consuming a considerable amount of system resources, especially during the installation or uninstallation of an app.
There are a number of internet security tools, such as McAfee, Avira and Avast that frequently flag this specific process. However, in the vast majority of cases, these reports are false positives.
Although, in the most cases, au_.exe is not malicious, it’s definitely in your best interest to, at the very least, investigate. A simple investigation may entail, monitoring the amount of resources the process is consuming during the installation (or uninstallation) of a program. Then comparing that, to when the system is idle.
Au_.exe Overview
So, what is au_.exe? Essentially, it’s a scripting engine that forms a vital component of AutoIt executables. It is very popularly used, as you will find it in a large portion of apps, released in the past couple of years alone. Below is a small list of apps that use the au_.exe during its installation or uninstallation:
Adobe Reader
Mozilla Firefox
Veoh
DivX Player
Yahoo Toolbar
Spotify
Razer Synapse
The primary responsibility of the au_.exe process is to pack a script into the SFX file, which in turn automatically starts the scripting engine. End users will thus, observe the au_.exe process within Windows Task Manager, while this is happening.
Note: If the end users was to forcibly close the au_.exe process within Windows Task Manager, it would immediately halt the installation or uninstallation process.
There are a wide number of adware installers that use the au_.exe process for the installation of their malicious programs. This in turn, has led to a lot of security suites flagging this process. However, in most cases they’re nothing more than false positives (as previously mentioned).
The reality is, that there isn’t any real way, for the security suite to determine whether or not the script run by au_.exe is legitimate, so, all instances of it are immediately flagged, just to be on the safe side.
Should You Remove Au_.exe?
In most situations, there is little reason for you to remove the au_.exe process. This is because the process is usually removed automatically, every time your temp folder is cleaned. That said, removing the file manually, will not in any way, adversely impact your operating system.
Moreover, any uninstall or installer that requires the au_.exe process, is more than capable of recreating the file.
To delete the au_.exe file, the end user would need to visit the following location:
C:\Users\[UserName]\AppData\Local\Temp\nsu.tmp
Additionally, there’s also the built-in Windows Cleanup tool that you can use, to automatically empty your temp folder.
Is Au_.exe A Potential Security Threat?
In the vast majority of cases, the answer would be no. But there is a known rouge security program called Antivermins that uses the same au_.exe process. This rouge app tricks the end user into installing it, then proceeds to provide the user with fake reports. This, variant of the au_.exe process was first discovered in 2007; however, instances of it still linger on the web.
This rouge app is, for all intents and purposes, malware, and as malware its main objective is to spread, forcibly installing itself on unsuspecting systems. The generally accepted term for these types of apps is rouge scanner.
What Affect Does Au_.exe Have On Your System?
Still talking about the Antivermins rouge scanner; it will produce a lot of popups messages claiming your system is infected. However, these reports are lies, designed to trick the user into purchasing a subscription for their removal. The scanner will claim it can remove the virus for a small yearly fee, but will continuously and regularly charge you.
Here are some additional ways this malicious app can and does adversely affect your system:
- It downloads malicious files directly to your systems temp folder.
- Prevents or inhibits integral system processes from running optimally.
- It steals confidential information from your computer.
Verifying Au_.exe
Now that you have some idea of what au_.exe is, the next thing for you to consider, is the legitimacy of the process on your system. Au_.exe as previously mentioned, is created dynamically, during the installation or uninstallation of an app; stored in your systems temp folder.
So an effective way to verify the legitimacy of the process is to visit its known stored location (as mentioned above), and check whether the file is there. From there you can determine whether the file is in fact, legitimate.
Another thing to take note of is the processes persistence. If it remains in Windows Task Manager (under Processes), even after the uninstallation or installation process has complete, then that should be cause for concern.
How to Fix It
The first thing you’ll want to do is quickly restart your system. Then check whether or not the process has gone.
If it has not, then you should do the following:
1. First, ensure you’ve booted into your computer as a full administrator.
2. Then right-click on the Taskbar and select Task Manager.
3. When Windows Task Manager loads up, under the Processes Tab, locate, then right-click on Au_.exe and select Open File Location.
4. Now upload the file to the following site: https://www.virustotal.com/gui/home/upload
Note: Click on File -> Choose file. When the Open applet appears, type the File Location into the File name box and click on Open.
This online scanner will attempt to determine the legitimacy of the file. If it reports that the file is malicious, then you should run a full scan of your system, using your current internet security solution.
If you don’t have an antivirus tool installed on your system, or you’re simply interested in trying something new (or potentially better), then I recommend you give SpyHunter a try. It’s amongst the very best antimalware tools out there. Both efficient and proficient in locating and removing threats from ones system.
You can learn more about this powerful tool, from the link below:
CLICK HERE TO CHECK OUT SPYHUNTER
Run Windows Repair Tool to Fix Au_.exe Errors
Another method you can use to analyse the authenticity of the Au_.exe process is through the use of Advanced System Repair Pro.
This is a tool that comes with a wide range of built-in tools and capabilities. Making it capable of scanning your system for malware, spyware, Trojans and alike. In addition, it can also clean your system, removing clutter and junk files.
Other capabilities include system optimisations which can, when implemented revitalise your system.
You can learn more about this helpful tool, from the link below:
CLICK HERE TO CHECK OUT ADVANCED SYSTEM REPAIR PRO
Use SFC
SFC stands for System File Checker, and is a tool used to repair or replace erased or corrupted system files. In the event that your system has been infected with a malicious file, due to the au_.exe process, a full system scan with SFC may be in order.
You can find additional information on this tool, from my post on how to run SFC Scannow.
Run DISM
DISM is another built-in repair tool, much like SFC, only it’s designed to restore the overall integrity of your operating system using replacement files from Microsoft’s server.
To run this tool, simply do the following:
1. Boot into your system as an admin.
2. Then press + R, type cmd and press CTRL + Shift + Enter.
3. When Command Prompt loads up, type the following command (below) and press Enter.
DISM /Online /Cleanup-image /Restorehealth
Are you looking for a way to repair all the errors on your computer?
If the answer is Yes, then I highly recommend you check out Advanced System Repair Pro.
Which is the leading registry cleaner program online that is able to cure your system from a number of different ailments such as Windows Installer Errors, Runtime Errors, Malicious Software, Spyware, System Freezing, Active Malware, Blue Screen of Death Errors, Rundll Errors, Slow Erratic Computer Performance, ActiveX Errors and much more. Click here to check it out NOW!