Usually, I test malware protection by challenging an antivirus utility to prevent the installation of my malware sample collection. However, as noted, Malwarebytes Free doesn’t include real-time protection. With no help from the labs, I had to find some way to evaluate its virus-busting skills. So, skipping the ransomware, I launched my samples in groups of six or eight, allowed them some time to finish installing, and challenged Malwarebytes to clean up each mess using its full scan.
(Credit: Malwarebytes/PCMag)
The time required for these scans varied between about five and nine minutes. At the end of each scan, Malwarebytes displayed its findings. By carefully examining those reports, I determined which samples it detected. Due to the number of traces found, the app suggested running a deep scan for all but one of the groups. The deep scan time ranged from one hour and 37 minutes to two hours and 22 minutes. More than half the scans required a reboot to finish the cleanup process.
The current average time for a full scan is two hours, while the average time for a Malwarebytes deep scan came in about one hour and 45 minutes. Yes, the initial scan remains blazingly fast, but if it finds malware, it’s worth your while to let it spend all the time it needs to root out the traces.
(Credit: Malwarebytes/PCMag)
In a surprising number of cases, Malwarebytes deleted the malware installer without doing anything about the active malware processes spawned by that installer. That’s no better than a total miss in my book. Not counting those installer-only removals, Malwarebytes detected 82% of my samples. When last tested, with a completely different set of samples, it detected 83%—at least it’s consistent.
Had Malwarebytes perfectly removed every trace of the malware it detected, it would have scored 8.3 points. However, the scans left behind tons of malware traces, including both executable programs and data files. Leaving behind executable programs cuts the score for a sample in half, while leaving large amounts of data files shaves increments off the score. Overall, Malwarebytes scored 6.8 points, very close to the 6.7 score from its previous test.
Once again, though, Malwarebytes does not attempt malware blocking in its free edition. As a cleanup-only tool, Malwarebytes can be forgiven for eliminating the essential, active malware files, leaving the rest to be swept away by your regular antivirus.
For a different sort of test, I rolled back the virtual machine testbed to a snapshot before any malware samples were launched and ran a full scan. Malwarebytes detected and quarantined 99% of the samples, including every example of ransomware. It also eliminated 98% of my set of hand-modified samples, an unusually high detection rate for those. If you’re lucky enough to run a scan between the time ransomware enters your system and the time it springs into action, the free scan could help, at least in theory.
