Long-time antivirus pros Malwarebytes claims to offer a free “antivirus replacement and anti-malware tool.” While it has been criticized for not offering enough antivirus features, I decided to take another look and signed up for the free 14-day evaluation license.
Malwarebytes has truly responded to critics’ doubts about its real-time scanning ability and put some powerful antivirus capabilities at the core of its product. Malwarebytes now offers three scan types—including the “hyper scan” which probes the system memory and startup objects for threats at an accelerated pace. The most comprehensive scanning mode, however, is actually the “threat scan” which looks for a variety of threats, including unauthorized registry edits, trojans, and worms.
Unlike previous versions, Malwarebytes now offers real-time protection—which looks for zero-day attacks or vulnerabilities that haven’t been patched yet. This feature uses four simultaneous layers, including web protection to block access to harmful websites and a behavioral (heuristic) analysis scanner to block programs that are behaving suspiciously. I tested the web scanner with a list of phishing URLs and the blocking worked seamlessly out of the box, without the need for browser extensions.
Granular Real-Time Protection Control
The real-time protection can also be configured on a per-application basis. The “manage protected applications” feature lets you decide which programs will be monitored in real-time and is pre-populated to include common applications like the VLC multimedia player and Microsoft Office suite. If it doesn’t catch a program you have installed, it can be added manually. For those with the right know-how, the advanced anti-exploit settings provide complete control over how the malware protection interacts with installed programs.
Using this window, I was able to toggle Data Execution Prevention (DEP) protection for Google Chrome and could enforce BottomUp ALSR Enforcement on all installed PDF readers. DEP protection monitors for potentially unsafe program memory use in real-time, and the ability to apply it across an entire type of programs (such as “media players”) or to a suite of programs (such as all Microsoft Office tools) could save a lot of configuration work for advanced users.
Real-time protection is the very core of product—the company has gone on record as saying that on average, less than ten percent of viruses and malware programs are now caught by the program’s signature-based definitions. This means the real-time protection is doing almost all the work, and why I strongly encourage users to invest in a Premium subscription.
Fast Scanning, Inconclusive Benchmark Results
The scanning itself runs extremely quickly (mine took under three minutes) and a nice chain-link diagram shows you exactly where the engine is in the file-checking process. I was able to watch as the scanner moved from checking the startup files to scanning the Windows registry and concluded by conducting heuristics analysis on running processes. While the scan detected all the virus samples I copied into the test folder, one piece of malware was missed. The program has a somewhat spotty track record with independent benchmarks, but it’s more than capable of serving as a system’s only antivirus tool.
After the scan concludes, a detailed report provides plenty of helpful diagnostic information such as the scan type that was run, the database that was used for the scan, and even the exact build number of the operating system at the time.
All aspects of the scanning process can be extensively customized. Users may wish to enable rootkit scanning (which is disabled by default) and can turn on malware scanning, ransomware scanning, and exploit protection. Likewise, Potentially Unwanted Program (PUP) and Potentially Unwanted Modification (PUM) scanning can be turned off to conserve CPU resources, but I don’t recommend it.
Malwarebytes allows the user to decide whether they want to use the program as a standalone or for additional security. I appreciated the ability to decide exactly which scanning methods to enable and noticed there were no prompts to override the built-in Windows Defender or Windows Firewall. A dedicated self-protection module ensures that the program itself isn’t corrupted by other tools on the system. This is helpful for users who run the program in conjunction with another tool, as false-positives can be hard to avoid when running multiple cybersecurity tools.
Schedule Scans Exactly When You Want Them to Run
Finally, the antivirus scanner provides a very comprehensive schedule scans management tool. I was able to create and edit an unlimited number of scheduled scans, configure recurrence intervals, and instruct the program whether or not to conduct an update check before initiating the scan. The scheduler also has a “recovery option” which allows you to execute a scheduled scan that was missed for any reason. Overall, this is more than the scheduling options that some more basic programs provide.
In the unlikely event that users identify a bug in the product, Malwarebytes even operates a “Bug Bounty” program in which the most interesting user-submitted samples are awarded cash prizes of between $100 and $1000. Evidently, they take security seriously.
Reports Area Provides Complete Scanning History
Malwarebytes features a dedicated reports module which aggregates all of the system scans. The reports are ordered chronologically, and entire scan reports can be accessed at the click of a button. This is useful for seeing how many files were identified with various scanning methods—users may wish to employ a less thorough scan if the reports are consistently “clean” for quarantined files, for instance.
Instant Popup Notifications Let You Take Decisive Action
Premium users can also enjoy access to instant popup notifications when any of the four real-time protection layers identifies a threat, such as a known phishing website being blocked, a virus being quarantined, or suspicious program modifications being identified.
In addition to providing immediate notifications, it also provides helpful guidance on what to do about it. When it flagged my phishing URL, for example, I was advised to whitelist the URL by clicking on “manage exclusions.”
Convenient Dashboard Provides Key Status Updates
Naturally, the more feature-packed a program, the more overwhelming the user navigation may appear. Thankfully, Malwarebytes has good User Interface (UI) principles and a dashboard which shows which system components are engaged. A green check-mark circle shows that the system is in good running order while a real-time protection sidebar allows users to toggle the four real-time protection layers without having to even enter the settings menus. Likewise, the dashboard shows when the last scan was, the next scheduled scan, and whether the program’s definitions are updated or not.
Seamless Internet Security Browser Integration
Malwarebytes’ internet security and blocking integrate directly with web browsers without having to install add-on tools or extensions (which can use RAM and affect search results). I tested phishing URLs on Google Chrome, Microsoft Edge, and Mozilla Firefox, and was prevented from accessing the website each time.
Ease of Use
Overall, Malwarebytes is a very user-friendly program. It’s simple enough for novices and has enough advanced controls for more highly-skilled users.
The dashboard, the well-organized menu options in the left sidebar, and the notifications were particularly good. These are also replicated under the bell icon on the dashboard—which is useful if you want to be reminded of what the system has recently detected. The chain-linked diagram while scanning showed me what the program was looking for. Windows users can even choose whether or not to show the program’s features within context menus in Windows Explorer.
Installation took under three minutes from download to opening the dashboard, and I didn’t need to install any additional components to use all the features.
Malwarebytes provides comprehensive support for both private and business users. The company operates an extensive online support area which includes a searchable index of troubleshooting guides and user guides for each supported platform (Windows, Mac, iOS, and Android). Easy-to-follow video content for common tasks, such as activating product licenses, is also available.
Dedicated Support Program for Ticket Monitoring
The company has a dedicated remote support option called Malwarebytes Support Tool. This standalone program provides a convenient means of looking up open support tickets and creating new ones without opening a browser or email. After I filled out the form, the program gathered logs from the main program before confirming the ticket and providing me with a number.
Additionally, the company provides a user support forum to request advice from both other users and staff members (these are conveniently listed in a directory). If all else fails, users can initiate a live chat session. Malwarebytes has offices in California, Estonia, and Ireland, and operates US and EMEA telephone support centers for both sets of business hours.
Support-wise, the team seems to be very competent. My query regarding whether newly installed programs are automatically included in the real-time protection scanning received an answer in under five hours. (The answer, by the way, is yes.)
Malwarebytes Premium is available to purchase online as one- and two-year subscriptions for Windows, MacOS, and Android; the iOS version must be purchased directly from the Apple App Store. Pricing is tiered between one and ten devices—and at the top end of that scale, the price really becomes a bargain.
Notably, Malwarebytes offers a 60-day money-back guarantee, which is among the longest guarantee periods in the industry. Additionally, all new users can test a fully-functional 14-day trial.
At the conclusion of the 14-day trial, users can continue using the product after it downgrades to the free version, or they can upgrade to Premium. However, only the Premium version gives users access to the four real-time protection layers which form its main defense against malware and zero-day threats.
Other differences between the free and Premium versions are:
|Feature||Free version||Premium version|
|Instant notifications with recommended action advice||No||Yes|
|Advanced scan options, including fast hyper scan mode||No||Yes|
Malwarebytes has restricted the program’s main feature—real-time malware protection—to the Premium version only. In my opinion, Malwarebytes would be of very little use without the upgrade. Without zero-day threat protection and the ability to configure scheduled scans, systems would be left wide open to a variety of dangerous cybersecurity threats. Either invest in the Premium version or don’t use it at all.