Pros & Cons
-
- Near-perfect score in malware blocking test
- Very good protection against malicious and fraudulent sites
- Ransomware protection detected all samples
- Now includes tools and data breach reporting
- Perfect score from one antivirus testing lab
-
- Some tools limited to Windows 11
Malwarebytes Premium Security Specs
| Behavior-Based Detection | |
| Malicious URL Blocking | |
| On-Access Malware Scan | |
| On-Demand Malware Scan | |
| Phishing Protection |
The earliest antivirus programs identified known malware by matching byte patterns called signatures. Modern malware techniques defeat signature-based detection, so modern antivirus apps like Malwarebytes Premium Security employ heuristic detection, behavioral analysis, and other advanced techniques. Unlike Malwarebytes Free, which only scans on demand, the premium edition is a full-scale antivirus with all expected features. Malwarebytes earned excellent scores in some of our tests, but Editors’ Choice winners Bitdefender Antivirus Plus and Norton AntiVirus Plus boast top scores from multiple independent labs and offer more advanced features.
How Much Does Malwarebytes Premium Security Cost?
A single year’s antivirus subscription for Windows and macOS editions is commonly priced at just under $40 per year. ESET NOD32 Antivirus, Trend Micro Antivirus+ Security, and ZoneAlarm Pro Antivirus + Firewall are among the antivirus utilities that fit this profile. Bitdefender and Webroot Essentials are also under $50. Malwarebytes splits the difference, at $44.99 per year for one license.
Where most antivirus apps come in packs of one, three, five, and possibly 10 licenses, Malwarebytes is more flexible. You can choose from two to 20 licenses at a price of $29.99 plus $10 per license. So, for example, a two-pack costs $39.99, and a 20-pack runs $229.99.
The Malwarebytes Plus edition adds VPN protection. Its price is $47.99, plus $13 for each additional device for more than five devices. Pricing for five or fewer licenses doesn’t follow a simple pattern, but you can protect two devices for $72.99 per year and four for $92.99. I’ll discuss the VPN component when I evaluate the top-tier Malwarebytes Ultimate.
With Norton AntiVirus Plus, you pay $84.99 per year for five licenses, or $59.99 for one. That gets you an array of suite-level features, including online backup, firewall, a vulnerability scan, and more. McAfee AntiVirus Plus used to offer unlimited cross-platform licenses for $64.99 per year, but the current McAfee AntiVirus covers just one PC. You get it through third-party retailers, where it typically costs about $49.
No money in the budget for antivirus? No problem! You can install Avast Free Antivirus, AVG AntiVirus Free, or a dozen other free antivirus utilities at no charge.
Simple Interface, Speedy Scan
After a quick installation, the Malwarebytes main window appears. The current edition has undergone some changes. Where the left-side menu used to just include Dashboard and Settings, it now adds Identity Protection and Tools. In addition, the menu now shows icons only, sliding out to display text labels when you point at it. The free edition also includes Identity Protection and Tools; I’ll describe those below.
At right, a large panel houses the Malwarebytes Trusted Advisor feature, which initially advises running a full scan. Much like the AutoPilot feature in Bitdefender, Trusted Advisor reports on the status of your protection and offers advice on how you can bring your score closer to 100. For a boost to your confidence, you can review the security successes that contribute to your ever-improving score.
(Credit: Malwarebytes/PCMag)In the middle, you’ll find three large panels titled Scanner, Detection History, and Real-Time Protection. The free edition looks almost identical, except that all three features are enabled. A larger panel below represents the VPN component, which is enabled only if you’ve paid extra to include it. This review focuses on the basic Malwarebytes Premium, not the Plus edition bundled with VPN protection.
(Credit: Malwarebytes/PCMag)Out of the box, Malwarebytes uses a light or dark theme matching your overall Windows theme, though you can override this to force one or the other.
Scans and Schedules
When you call for an on-demand scan, you get a full Threat Scan by default, just as you do with Malwarebytes Free. In testing the free edition’s ability to clean up existing malware infestations, I found that the full scan averaged from four to nine minutes. The same was true when scanning with Malwarebytes Premium. By observation, if the initial scan finds a significant malware problem, it requests a Deep Scan. In testing, this scan averaged about one hour and 45 minutes, just slightly faster than the current average of two hours.
(Credit: Malwarebytes/PCMag)The scan scheduler lets you run a full, quick, or custom scan on a regular basis. You can choose an hourly, daily, weekly, or monthly scan, or you can set it to scan any time the system reboots. By default, scheduled scans wait to start until the machine is idle. Quick scan, custom scan, and scan scheduling are premium-only features and welcome ones.
(Credit: Malwarebytes/PCMag)Malwarebytes offers the free Browser Guard security plug-in for Chrome, Edge, and Firefox, whether you install the free or premium antivirus. In testing, it proved effective at steering the browser away from fraudulent (phishing) URLs and pages that host malware. If you use Chrome, Edge, or Firefox, be sure to install this useful extension.
Lab Test Results
Independent antivirus testing labs strive to create tests that emulate real-world situations, but this emulation isn't perfect. Some of them still include simple file recognition as one part of their testing. In the distant past, Malwarebytes rejected lab tests, stating that they couldn’t accurately evaluate the app’s advanced detection techniques. My notes show that a few years ago, Malwarebytes sporadically showed up in reports from AV-Test Institute, AV-Comparatives, MRG-Effitas, and SE Labs. But the latest reports from these labs don’t include Malwarebytes.
I recently added a fifth lab to my collection. AVLab Cybersecurity Foundation releases test reports every two months, and Malwarebytes has consistently earned top scores from this lab. In the current report from this lab, it scored a perfect 100%.
Each lab reports on the tested antivirus apps differently, so I devised an algorithm that maps the various outputs to a scale from 0 to 10 and then combines them to derive an aggregate lab score. Malwarebytes, like Sophos, has exactly one score, a perfect 10. A third of the antivirus apps I follow don't have any scores, so Malwarebytes looks good by comparison.
All else being equal, having scores from more labs is better. Avast, Norton, and Microsoft Defender Antivirus appear in the latest reports from all five labs, scoring 9.8, 9.6, and 9.1 points, respectively. ESET was tested by four labs and also scored 9.8 points, while Bitdefender and McAfee earned 9.8 points from three labs.
My Malwarebytes contacts point out that the company's ThreatDown antivirus for big business regularly earns perfect scores from MRG-Effitas. That's true, and it's certainly a good thing, but it won't contribute to the score for Malwarebytes Premium. All the labs are very clear that their results apply only to the actual product tested, not necessarily to related products.
Features Shared With the Free Antivirus
Naturally, this commercial product incorporates every feature from the free edition. In the important areas of real-time protection and web-based protection, it goes well beyond its free counterpart. However, a couple of new features appear equally in the free and premium editions. Please read my review of Malwarebytes Free for full details. I’ll summarize here.
(Credit: Malwarebytes/PCMag)Clicking the Identity Protection menu choice brings up a page with two features listed: Digital Footprint and Protect your digital identity. The latter is an identity theft remediation system that becomes available when you upgrade to the top-tier Malwarebytes Ultimate. As for digital footprint scanning, it takes any email you own and creates an exposure report, listing data breaches that have included the email, along with other exposed private data.
The new Tools page includes several warnings that the features are experimental and advises you to make a backup and set a system restore point before using them. Under Tools, you get three items: Windows Firewall Control, Startup Applications, and System Tweaks. Yes, Windows Firewall does have its own user interface, but the Malwarebytes version is easier to understand for the one user in a thousand who wants to configure Windows Firewall.
(Credit: Malwarebytes/PCMag)The startup manager does nothing more than reversibly disable items from launching at startup. It’s nothing like Norton’s fancy equivalent, which reports resource load and prevalence for each startup item and gives you the option of delaying launch rather than disabling it entirely.
Similar Products
Our Current Picks for The Best Antivirus Software for 2026
That leaves the System Tweaks component, which is accessible only in Windows 11. Here, Malwarebytes pulls together many items that you could reach via Settings or Control Panel and lays them out in a convenient format. See my review of the free app for full details.
Brilliant Malware Protection
For most antivirus utilities, my malware protection test begins the moment I open the folder containing my current collection of malware samples. The minor file access that occurs when Windows Explorer reads a file's name, size, and attributes is often enough to trigger a real-time scan. For others, clicking on the file or copying it to a new location gets the attention of real-time protection. If none of those events trigger real-time protection, I try downloading the samples from cloud storage.
Like Avast, Emsisoft Anti-Malware, and McAfee, Malwarebytes's on-access scanning doesn’t kick in until just before a program launches. Skipping mere on-access scanning saves time and resources, no doubt. However, I’m happier with an antivirus that wipes out known threats on sight. That way, you're protected even if the antivirus crashes or stops working.
To test this program’s malware protection, I launched each of my samples in turn. In every case but one, Malwarebytes quarantined the sample before it could launch. It also supplied a description of the malware type for each file it caught, such as Riskware, Adware, Trojan, BadJoke, or Virus.Parite.
(Credit: Malwarebytes/PCMag)UltraAV currently owns the top spot in this test, with 100% detection and a perfect 10 points. But Malwarebytes is a strong second, scoring 99% detection and 9.9 points. Webroot also managed 99% detection, but a few minor bobbles shaved its score down to a still impressive 9.7.
It takes me quite some time to gather and curate a new set of malware samples, so I use the same sample set for quite a while. My malicious URL blocking test, by contrast, always uses the very latest in-the-wild malware. It starts with a feed of real-world malware-hosting URLs supplied by London-based testing lab MRG-Effitas. I launch each dangerous URL and note whether the antivirus under test blocks access to the page, eliminates the malware payload, or sits idly without preventing the malware download.
Malwarebytes Free was at a disadvantage due to its lack of a real-time protection module that would check downloads for malware. The free edition managed 73% protection, slightly less than when last tested.
(Credit: Malwarebytes/PCMag)I repeated the test for Malwarebytes Premium, using the very latest malicious URLs. The premium edition earned points in three distinct ways. In many cases, Browser Guard diverted the browser away from danger, just as with the free edition. In other instances, a notification popped up explaining that the site was blocked based on the download of a dangerous file. I also observed pages blocked by the Web Protection component, though Browser Guard always gets the first crack.
(Credit: Malwarebytes/PCMag)With all these protective components in play, Malwarebytes Premium Security scored better than the free edition but still blocked just 83% of the verified malware downloads, a score that puts it in the lowest quarter of current products. At the other end of the scale, Avira Free Security, Bitdefender, Sophos Home Premium, and the Chrome-specific Guardio all reached a perfect 100%.
This test specifically measures how well each antivirus prevents downloads from malware-hosting pages. Just to see what would happen, I had Malwarebytes actively scan the malware downloads that made it through to the test system. It eliminated all but two of them. Likewise, when I tried to launch those fresh downloads, it blocked all but those same two from launching and deleted them. I’d like to see Malwarebytes apply that same level of scrutiny in all its protection modes.
Phishing Protection Success
A hack attack using malware must somehow get the malicious program onto your system, cause the code to execute, and evade detection by the operating system and antivirus software. A phishing attack, by contrast, only needs to fool the hapless user. Phishing sites mimic banks, retailers, and even dating sites, often using a URL that looks almost legitimate, like PyaPal for PayPal. A victim who logs in to the fake site has given away those all-important login credentials. Goodbye, bank account! Goodbye, social media reputation!
To test phishing protection, I start by scraping hundreds of newly reported frauds from sites that track such things. I work to include both those that have been analyzed and blocklisted and those that are still unknown. I launch each phishing URL in four browsers, one protected by the antivirus being reviewed and one apiece using the built-in protection in Chrome, Edge, and Firefox. If any of the four can’t load the page, I skip it. I also discard any pages that don’t actively attempt to steal login credentials.
Whether you’re running the premium edition reviewed here, the free edition, or Malwarebytes Premium Security for Mac, your phishing protection comes from Browser Guard. It’s not surprising that Browser Guard managed the same 96% detection regardless of the platform.
(Credit: Malwarebytes/PCMag)That 96% detection is a fine score, beating out protection built into the three browsers by an average of 20%. TotalAV Antivirus Pro also scored 96% in its own most recent antiphishing test. But that score loses some of its luster compared with the eight competitors that managed a perfect 100%. VPN-focused NordVPN Plus and Surfshark One were among these winners, as was the phishing-centric Norton Genie. In the standard antivirus realm, AVG, Avira, Guardio, McAfee, and Webroot also managed 100%.
Integrated Ransomware Protection
You don't really expect ransomware to get past your antivirus. Indeed, Malwarebytes handily eliminated every one of my ransomware samples before any could begin to execute. However, the potential consequences of missing a ransomware attack are staggering enough to merit a separate evaluation of this app’s ransomware protection component.
I don’t have access to zero-day ransomware attacks that slip past normal antivirus engines. To test ransomware protection, I turned off all the other real-time protection layers, simulating a zero-day situation. After carefully disconnecting the test virtual machine from the internet, I released my samples one by one and noted how Malwarebytes reacted.
The ransomware protection layer focuses on file-encrypting ransomware, so it’s not surprising that a whole-disk encrypting ransomware attack and a similar whole-disk wiper attack got past it. Two file-encrypting ransomware samples didn’t take any action (it happens) and thus weren’t detected based on behavior. But Malwarebytes caught all the remaining 10 file-encrypting samples. Most of them managed to encrypt a few unimportant Windows data files and logs while the antivirus was analyzing their behavior. However, one sample encrypted about six dozen files, including all the other ransomware samples. And another rendered more than 5,000 files into encrypted gibberish before Malwarebytes quashed it.
(Credit: Malwarebytes/PCMag)With all protection layers active, as they would normally be, Malwarebytes eradicated every single ransomware sample. Even when I crippled it by disabling everything except the lone ransomware protection component, it still detected and deleted all the file encryptors, with mostly minimal collateral damage. If a zero-day ransomware attack gets past this program’s other layers of protection, this test suggests its behavior-based ransomware-specific component will come to your rescue.
Exploit Protection Doesn’t Detect Failed Attacks
The explainer page that goes with Real-Time Protection includes a note that Malwarebytes protects against exploits that use security vulnerabilities to break into your system. Digging into advanced settings for this feature, I found a collection of exploit types handled by this feature, things like DEP bypass protection, Anti-Heap spraying detection, and Office WMI abuse prevention. I left all these settings alone, except to turn on one called Block penetration testing attacks.
(Credit: Malwarebytes/PCMag)Then, I proceeded to hit the test system with a couple of dozen penetration testing attacks generated by the Core Impact testing tool. These attacks target vulnerabilities in Adobe apps, Firefox, Windows components, and other products.
Exploit protection by Malwarebytes only takes action to prevent attacks with a possibility of success. Since my test systems are fully patched, they weren’t truly vulnerable, so Malwarebytes didn’t react.
Final Thoughts
(Credit: Malwarebytes)
Malwarebytes Premium Security
Unlike its popular free edition, which lacks real-time protection, Malwarebytes Premium Security is a full-fledged antivirus utility that captures malware on demand, on schedule, and on launch.