This is our all-in-one roundup reviewing every Malwarebytes consumer security solution for 2022. On this page, after our brief intro, you’ll find
(a) a full evaluation of the entry-level Malwarebytes Premium, along with our reviews of the additional features incorporated with the rest of the range:
(b) Malwarebytes Premium + Privacy, and
(c) at the end of the article is our review of the free offering, Malwarebytes Free
You can jump to the reviews of those individual products by clicking on the links in the bar at the top of this page.
Malwarebytes is a Californian company which has been developing malware-hunting products for more than 15 years.
It claims the latest range is smarter than traditional antivirus, thanks to layers of technology like anomaly detection, behavior matching and application hardening.
There are no other major security extras, though. No firewall, parental controls, backup or anything else: Malwarebytes is just about the fundamentals, squashing malware and blocking access to malicious links.
You can sample the basics of the product anytime with Malwarebytes Free. There’s no URL blocking, no real-time threat detection, but on-demand scanning for malware, spyware and rootkits could make it useful as a ‘second opinion’ scanner.
- You can sign up for Malwarebytes’ antivirus solutions here
Malwarebytes Premium adds real-time protection, URL blocking and an extra layer of ransomware protection. It’s available for Windows, Mac, iOS and Android, but many of the most powerful technologies (URL filtering, ransomware and zero-day protection, uninstall protection) are Windows-only.
It’s priced at $40 a year for a single device, one-year license, or $80 to cover five devices.
A Malwarebytes Premium + Privacy bundle gets you malware protection and an unlimited Mullvad-powered VPN, also covering five devices, for an annual $100 (there’s no two-year discount.)
As an antivirus, that’s expensive. Bitdefender Total Security has many more features; covers Macs, Android and iOS as well as Windows, but can still cover up to ten devices for $40 in year one, $100 on renewal.
Total Security doesn’t have an unlimited VPN, but if that’s important, Avira Prime includes a VPN and a pile of other features, and also covers five devices for $100. Or if you’ve more hardware, a 25-device license is just $130, and monthly billing means you can try it out for just $10.
Malwarebytes installs quickly and easily. We were offered the chance to have a 14-day trial of Malwarebytes Premium, and although this requires handing over an email address, there were no other hassles of any kind (we didn’t even have to confirm our email.)
Checking the Malwarebytes installation folders showed a relatively lightweight package with around 400MB of files, and just a couple of significant background processes.
This didn’t look a package that would slow you down, but AV-Comparatives’ last Performance Test results suggested otherwise, placing Malwarebytes a disappointing 14th out of 17 contenders.
Malware may try to disable antivirus before attempting to infect a system, so a good security app needs to be able to protect itself. We test for this by launching various attacks of our own – deleting files, closing processes, disabling services, more – and checking to see if our performance remains intact.
Malwarebytes began well, with its core service beating off all our attempts to close it down, remove or disable it.
But then we managed to unload a key Malwarebytes filter driver with a single command, killing its ability to inspect files as they’re accessed.
This doesn’t automatically mean you’re vulnerable in every situation. An attacker could only launch this type of attack if it’s able to run malicious code on your system as an administrator; Malwarebytes should detect most dangerous files before they can run anything, and if it misses something, this shouldn’t have admin rights.
Even if a malware makes it over those hurdles, there’s still a chance Malwarebytes could block it at the behavioral level.
Still, this is a clumsy security hole which we rarely see with top antivirus apps, and it leaves us wondering if there may be other issues we missed.
If you’re the hands-off, ‘set and forget’ type, there’s not much to do after installation. Malwarebytes runs in the background and protects you immediately, with nothing else to do.
When you need to run an on-demand scan, that’s as easy as double-clicking Malwarebytes’ system tray icon, hitting the Scan button and waiting for the results. It’s all very straightforward, and even the least technical of newbies will feel at home right away.
Malwarebytes main Scan feature quickly checks memory, startup items and key areas of your file system. It made sensible choices on our test system, examining enough areas to be useful, but not so many that we were kept waiting for results, and completed in a speedy 7 minutes 25 seconds. (If you’re in a real hurry, a Quick Scan checked RAM and startup objects in as little as 5 seconds on our review system.)
Scan times overall proved reasonable, with Malwarebytes checking our 50GB of test executables in 25:18 minutes for the first scan, 21:18 for the second. That’s similar to many other vendors, although some speed up later scans by only checking new and changed files (Bitdefender Home Premium took 50 minutes for scan #1, for instance, but dropped to 50 seconds by scan #2.)
A separate Custom Scan enables choosing the items you’d like checked, including specific files and folders, and gives you a little control over how they work (whether it should scan inside archives, and what to do with ‘potentially unwanted programs’, for instance.) It’s a welcome touch, although doesn’t begin to match the high level of control you’ll see with more geek-friendly products from Avast, Avira and others.
You’re able to scan files, folders or drives from the right-click Explorer menu. Unfortunately, the Windows client can’t handle simultaneous on-demand scans, so try this when it’s running a regular scan and you’ll be told you must wait. This isn’t a critical issue – Malwarebytes’ engine still picks up threats as they appear, even if another scan is running – but it’s a hassle that you don’t get with the best antivirus.
Malwarebytes also provides simple URL filtering, detecting and blocking any attempts to access malicious links. This works at the network level, with no need for browser extensions, ensuring it protects all your apps.
Results were only average in our tests, but even that’s enough to be useful, and it’s a worthwhile addition to the package.
The Settings dialog is mostly about toggling features on and off (updates, notifications, web filtering, malware protection and so on), but you do get fine-tuned control over Malwarebytes’ exploit protection, where the packages uses multiple techniques to protect against zero-day attacks for common applications and application types.
These options are so technical that even the most expert of users might struggle to know what to do with them. (Should you apply ‘Dynamic Anti-HeapSpraying Enforcement’ to all your browsers, for instance? Quickly, now.) Other options are easier to understand, though (‘Disable loading of VBScript libraries’), and just having this level of control does bring some benefits. If you find your PDF reader isn’t working properly after installing Malwarebytes, for instance, turning off the various exploit features for PDF apps might deliver a fix.
If you’re hoping for a pile of bonus features – or any extras at all – then you’re out of luck. There’s no specialist banking protection here, no password manager, none of the items you might get with some packages. This focus on the fundamentals does at least keep Malwarebytes easy to use, though, and if you don’t need that kind of extra, you might appreciate its simplicity and lack of clutter.
Malwarebytes has never been the best performer in conventional lab tests.
AV-Comparatives’ July-October Real-World Protection test saw Malwarebytes placed 13th out of 17 contenders with a protection score of 99.6%.
AV-Test was even less impressed, awarding Malwarebytes 5.5/6 for protection in its October 2021 Windows Home User test. That placed it 19th out of 21 apps: only K7 Security and eScan scored lower.
Malwarebytes hasn’t submitted its software to SE-Labs consumer tests for a while. It does appear in the Q1 2021 Consumer Report, though, where it came last out of 15 with a Total Protection rating of 91% (Sophos, AVG, ESET and even Microsoft Defender scored 100%.)
That’s not great. Okay, it’s terrible. To try to verify this, maybe get some more detail, we put Malwarebytes through a few tests of our own.
The first involved test apps which exploited common Windows tools to create processes, download malicious files and generally behave in a suspect way. Malwarebytes ignored the behavior and, initially, the files. It blocked them all on launch, though, keeping us safe.
That’s a good end-result, but others are more cautious. Top performer Trend Micro spotted our test app’s dodgy-looking actions, and close their processes before they could download anything. Kaspersky and Bitdefender detected some of the behavior, and if they missed anything, spotted the malicious files when they were downloaded (no waiting for them to be executed.)
As a second, more high-stakes test, we pitted Malwarebytes against a simple ransomware simulator of our own creation. As the engine wouldn’t have seen this before, we would see if its behavior monitoring alone could detect the threat.
The results weren’t good, with Malwarebytes doing nothing at all as our simulator encrypted thousands of test documents.
Other vendors score much higher on this test. Trend Micro, Kaspersky and Bitdefender not only spotted our simulator by its actions alone, they also killed the process and recovered the handful of lost files, ensuring we didn’t lose a byte of data.
We normally don’t treat failing this test as a major black mark, because our test is a single sample, not even real malware, and it’s unsafe to draw big conclusions from so little data.
In this case, though, it does broadly match what the labs are saying: Malwarebytes simply doesn’t deliver the protection you’ll get from the best vendors, and that has to be a concern.
Malwarebytes Premium is a likeable security app which will make your PC a little safer, but it’s not the full antivirus replacement claimed on the website. Grab a copy of the free version (evaluated below), maybe, but run it alongside another antivirus app to ensure your safety.
Malwarebytes Premium + Privacy
Malwarebytes Premium + Privacy is, well, the name tells you everything: it’s the commercial Malwarebytes Premium plus the company’s VPN product, Malwarebytes Privacy.
Privacy uses Malwarebytes’ own apps (Windows, Mac, Android and iOS are supported), but these connect to Mullvad’s network underneath. That’s fine with us; it’s a solid VPN with excellent speeds and a strong focus on privacy.
The network looks a little small at 400+ servers in 30+ countries. They’re well spread, though, with thirteen locations in the US alone, so there’s a good chance you’ll have a server near you.
The apps are basic in the extreme, but there are technical pluses underneath. Malwarebytes Privacy connects via the fast and secure WireGuard protocol, for instance, and its apps include a kill switch to protect you if the connection drops.
Pricing isn’t bad at $100 to protect five devices and antivirus and VPN for a year – Mullvad charges $70+ for its VPN alone – but other top suites give you many more features.
Norton 360 Deluxe, for instance, includes antivirus, a VPN, parental controls, Dark Web monitoring, a password manager, webcam protection, hosted backup with 50GB of cloud storage, and more, and a five device license costs $35 in year one, $105 on renewal. If you’re looking for than just antivirus and a VPN, that looks a significantly better deal.
Malwarebytes Privacy has a simple but familiar interface. The dashboard displays your current location; you can choose another from a simple text list, then connect and disconnect with a click. Easy.
Desktop notifications tell you when you’re protected and when you’re not, and the dashboard updates to display your new IP, and highlight its location on a world map.
Switching servers is convenient as there’s no need to close the active connection, first. Just choose a new location from the list and the app reconnects.
The app is missing several common features. There’s no Favorites system to group your most commonly used locations. No ping or load figures to help you choose the best servers. You can’t switch protocols, either: it’s strictly WireGuard-only.
Look a little further, though, and you’ll find plenty of useful technical touches. The app can automatically connect when you access insecure networks, for instance. A kill switch protects your identity by blocking internet access if the VPN drops. Support for split tunneling enables controlling which apps use the VPN and which don’t, and a flexible multihop system can route your traffic through two VPN servers for extract privacy. We were impressed, briefly, until we spotted another big omission.
While most VPN apps try to connect to your nearest server by default, Malwarebytes Privacy doesn’t have an ‘Automatic’ or ‘Fastest’ option. It seems to choose Sweden as a default, wherever you are, leaving you to choose your preferred location manually.
Connection times were reasonable, at around 5 seconds. And the WireGuard protocol made for excellent performance, with UK download speeds reaching 780Mbps. We’ve seen faster – NordVPN got close to 900Mbps in recent tests – but it’s better than a lot of big names (Windscribe, Private Internet Access and Surfshark reached 400-500Mbps in recent testing.)
The core VPN engine scored well in some areas. If you’re connected to location A and switch to location B, for instance, most VPN apps close the first connection, leaving you unprotected until they establish the new one. Malwarebytes Privacy seems to use a temporary kill switch, blocking internet traffic for just those few unprotected seconds until the VPN is restored. Smart.
Unfortunately, the actual kill switch was less useful. We sometimes found that when the kill switch was on, the app couldn’t connect: it blocked our internet access so thoroughly, it couldn’t even get online itself. Not so smart.
The bad news continued with our final unblocking tests, too, with Privacy failing to get us into BBC iPlayer, US Netflix, Amazon or Disney+.
Malwarebytes Premium + Privacy looks cheap, adding a VPN for just $20 more, and speeds are great, but poor unblocking results and assorted technical troubles make it impossible to recommend. Check out a specialist VPN provider, instead – you can get a better service for under $40 a year with the best value long-term contracts.
The free edition of Malwarebytes has no real-time protection and won’t prevent a malware attack, but it can usually detect and remove any existing threats, from annoying adware to the stealthiest of rootkits.
This makes for a very limited application. You don’t have to worry about scan types, or scheduled scans, or all the regular Malwarebytes shields (web filtering, and malware, ransomware and exploit protection) – there’s little to do beyond click Scan when necessary and wait for the report.
The free Android app, like its desktop cousin, removes existing malware but can’t prevent new infections.
There’s a small bonus in a Privacy Audit, which shows you which apps can monitor your calls, track your location or exploit other permissions you might not realize you’ve given away. That’s not worth a lot – you can find other apps to do the same, for free – but we’re happy to see it here. And with a Play Store rating of 4.5, it looks like most users are happy, too.
Malwarebytes free iOS offering is simpler, with just a couple of functions: ad blocking for Safari, and automatic filtering of fraudulent texts.
Malwarebytes is supposed to be about malware protection, of course, and recent Windows testing shows it’s far less effective at this than most of the top competition.
Malwarebytes Free isn’t intended for use as your regular antivirus, though. With no real-time protection, you should be able to install and run it alongside your preferred antivirus as a second opinion, backup scanner.
Malwarebytes Free isn’t a great antivirus tool, but it could be helpful in a few situations. Use Windows Defender’s real-time protection, for instance (a fair choice as it outperforms some commercial apps), then run a daily Malwarebytes scan to catch everything else. You won’t have the protection you’ll get from the best suites, but you’ll be safe from most threats, and this setup won’t cost you a penny.
We’ve also highlighted the best antivirus