Malwarebytes is more effective than SuperAntiSpyware.
When compared to other security tools the advantage of Malwarebytes Anti-Malware is that it uses a proprietary low level driver similar to some anti-rootkit (ARK) scanners to locate hidden files and special techniques which enable it to detect a wide spectrum of threats including active rootkits. The new scanning engine in version 2.0 has some enhancements to deal with current threats that the old version did not have.
Malwarebytes is designed to remove malware effectively with a THREAT SCAN (QUICK SCAN) which checks memory, looks at the most prevalent places and known launch points for active malware infections. Areas and methods tested include: Memory Objects, Startup Objects, Registry Objects, and Filesystem Objects. The THREAT SCAN also detects any running malicious files regardless of their location so even if the malware is running from a location not checked by the file system portion of the scan, the THREAT SCAN would still detect it. This check includes not only running processes, but also loaded modules such as .DLLs injected into other processes. Malwarebytes uses heuristics that bypass polymorphic blackhat packers & encryption, MD5, memory checks (loaded .exes and .dlls), unique strings, autostart load points and hotspots (everywhere current malware is known to load from) and multiple other malware checks which are not discussed in public to safeguard the program from malware writers who would use that information for nefarious purposes.
Enabling Advanced Heuristics Engine (Shuriken) under the 'Detection and Protection' Option section adds a second method of heuristic analysis to Malwarebytes' detection techniques. Heuristic analysis is always employed, even when this option is not selected.
Note: If there is an undetected dormant file not actively infecting the computer, then a CUSTOM SCAN might find it. However, a dormant file is not a threat to the system and an anti-virus is actually better suited to detect non-active threats due to its scanning engine's design model and large database.
By default, files marked for "Remove" are copied, renamed, encrypted and password protected, then sent to the quarantine folder. Quarantined items can be viewed by looking under the quarantine tab in Malwarebytes. The original file is either immediately removed or removed on reboot. While in Quarantine, the copy of the renamed original file is no longer a threat and therefore cannot do any harm. If at a later date you find MBAM removed a legitimate file (known as a false positive), it can be restored from Quarantine by clicking the Restore button. When the quarantined file is known to be malicious, you can delete it at any time by launching the program, going to the Quarantine tab, and choosing the option to delete. If the file was a false detection, then you can choose the option to restore it.
BTW, where is au.exe running from...the full file path (location)?
Ace Utilities by Acelogix_Software uses this file name, as does malware.
i.e. C:\%Program Files%\Ace Utilities\
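
One way to answer the path question above, as an added example that is not part of the original post: this PowerShell lists every running au.exe with its full path, signature status and SHA-256 hash. The `$expectedDirs` list is an assumption built from the Ace Utilities folder named in the post; adjust it for a non-default install.

```powershell
# Added example, not from the original post.
# Assumption: a legitimate au.exe lives under "<Program Files>\Ace Utilities\".
$expectedDirs = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } |
    ForEach-Object { Join-Path $_ 'Ace Utilities' }

# Win32_Process exposes the full image path of each running process.
$procs = @(Get-CimInstance Win32_Process -Filter "Name = 'au.exe'")

if ($procs.Count -eq 0) {
    Write-Output 'No running process named au.exe.'
} else {
    foreach ($p in $procs) {
        $path = $p.ExecutablePath
        if (-not $path) {
            # The path is hidden from non-elevated shells for some processes.
            [pscustomobject]@{
                ProcessId = $p.ProcessId
                Path      = '(unavailable; rerun from an elevated prompt)'
            }
            continue
        }

        # Case-insensitive check that the image sits under an expected folder.
        $inExpected = [bool]($expectedDirs | Where-Object {
            $path.StartsWith($_ + '\', [System.StringComparison]::OrdinalIgnoreCase)
        })

        $sig = Get-AuthenticodeSignature -FilePath $path

        [pscustomobject]@{
            ProcessId       = $p.ProcessId
            ParentProcessId = $p.ParentProcessId
            Path            = $path
            InExpectedDir   = $inExpected
            SignatureStatus = $sig.Status
            Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            SHA256          = (Get-FileHash -Path $path -Algorithm SHA256).Hash
        }
    }
}
```

A copy running from a temp, profile or system folder, or one with `InExpectedDir` false and no valid signature, is the case worth reporting back with its full path and hash.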