IObit Malware Fighter Pro – Review 2020
You don’t install an antivirus tool with the idea that it will politely show the door to any malware it finds. You want it to get rough and tough, to fight that malware and keep it from coming back. From the name, you might expect IObit Malware Fighter to be just what you need for combatting existing and future malware infestations. And your expectation would be wrong. In our testing, this product proved to be more pussycat than tiger.
You pay $39.99 per year for an IObit license, which is a common price point. Bitdefender, F-Secure, Trend Micro Antivirus+ Security, Webroot, and others go for about that price. Admittedly, I have never seen a time when IObit wasn’t on sale for $19.99. For $59.99 you can get a three-license subscription for Kaspersky, Bitdefender, and others. Got a lot of devices? With McAfee AntiVirus Plus, that same $59.99 price lets you install protection on every Windows, macOS, Android, and iOS device in your household.
IObit does offer a free version of Malware Fighter, but it lacks bonus features and even some central antivirus features, and it doesn’t include tech support. Given that the commercial edition fared so poorly in testing, I didn’t see a point in evaluating the free edition separately.
Getting Started With Malware Fighter
After the quick installation, IObit warned that I needed to run a database update, and that a full scan was in order. Once I activated the installation with a registration code, it offered to turn on the Bitdefender malware scanning engine and the ransomware protection module, neither of which comes with the free edition.
The product’s main window uses a rich gray-brown background with minty green buttons. An animated status indicator dominates the middle, with a big Scan button below. At the left is a vertical menu of icons, with explanatory tooltips that float into view when you point to each icon. The choices are: Home, Scan, Data Protect, Browser Protect, Security Guard, and Action Center. Icons at bottom right display the status of the three protection engines, IObit’s own antivirus and ransomware protection engines, and an engine licensed from Bitdefender. I did note a surprising typo in the banner across the bottom that invites feedback and “suggetsions.”
IObit installs extensions for Browser Protection in Chrome, Edge, Firefox, and Internet Explorer. It loads in Internet Explorer automatically, but you need to take action to get the other extensions installed and enabled. Installing the extension for Chrome simply failed, even when I tried to do it from the Chrome store. My IObit contact explained that the Chrome extension is temporarily offline, waiting for Google to approve some new features.
Note that the last menu item, titled Action Center, is just an upsell page encouraging you to install other products. At present, these include IObit’s Software Updater, Advanced SystemCare, Driver Booster, Uninstaller, and Smart Defrag. There are also links to install partner products IOtransfer, which manages iPhone data, and Smart Game Booster, which aims to up your frame rate.
No Help From Independent Labs
While I do perform hands-on tests using real malware, I’m always happy to get detailed reports on antivirus capabilities from the big, independent testing labs. Getting good lab scores is important, but even simply showing up in the reports is a plus. When a product appears in a lab’s report, it means the lab felt the product was worth evaluating, and the company felt participating in tests was worth the cost. I follow test scores from four big labs, AV-Comparatives, AV-Test Institute, MRG-Effitas, and SE Labs.
Avira, Norton AntiVirus Plus, Kaspersky, and several others make an appearance in results from all four labs. IObit, like about a third of the antivirus products I track, appears in none of the lab reports.
Each of the four labs uses a different scoring method. I’ve created an algorithm that maps all four onto a 10-point scale to produce an aggregate score. Avira has the best score among products tested by all four labs, 9.8 points. Bitdefender Antivirus Plus beat Avira out with 9.9 points, though its results came only from three labs. That’s clear indication that both products are effective.
Malware Protection From Mediocre to Dismal
With no lab results at all for Malware Fighter, I rely completely on my own hands-on tests. I don’t have the big staff that the labs do, but I can hit each product with real-world malware and analyze its success, or lack of same.
My malware protection test starts when I open a folder containing my current collection of real-world malware samples. As with many antivirus tools, the minimal access that occurs when Windows Explorer displays the list of files proved sufficient to trigger Malware Fighter’s on-access scanning. It detected 85 percent of the samples at this stage, in each case asking whether to remove the threat, leave it but deny access, or whitelist it. I always chose Remove.
For the next stage, I launch each sample that got past the shoot-on-sight initial culling. Malware Fighter caught a few more at this point, bringing its total detection percentage up to 89 percent and scoring 8.8 of 10 possible points. That’s not a great score, though it’s certainly better than the 7.2 points it earned when last tested.
You may note that Avira matched this not-so-great score, and Bitdefender, tested a few months ago, came in even lower. But remember, both of those products raked in excellent marks from the labs. When my results don’t line up, I defer to the labs.
At the top of the list is Webroot SecureAnywhere AntiVirus. Webroot’s unconventional detection methods don’t lend themselves to most lab tests, but it routinely scores high in my own tests. In its most recent test, it managed a perfect 10.
Once I’ve spent the time to gather, curate, and analyze a new set of malware samples, I necessarily use that collection for a good long while. To measure a product’s effectiveness against the most current malware, I use a feed of recent discoveries supplied by London-based testing lab MRG-Effitas. Typically, these malware-hosting URLs are no more than a few days old. I launch each of them, discarding any that have already gone dead. For those still active, I record whether the antivirus diverts the browser from the dangerous site, catches the malware during or just after download, or totally fails to prevent the malware download.
Out of 100 active malware-hosting URLs, Malware Fighter’s Surfing Protection caught precisely none. That’s not a huge surprise, since it detected just four percent last time around. I did notice that while Surfing Protection showed up in Internet Explorer’s list of extensions, it didn’t display a visible toolbar button. Just to be thorough, I repeated the test using Edge, with no change to the results.
Malware Fighter did catch 66 percent of the malware payloads during the download process. However, it actively (and incorrectly) reported the other 34 percent as safe, even ones tagged as malware by as many as 50 other antivirus products.
The URLs for this test are different every time, but they’re always the most recent. Very few products have scored lower than Malware Fighter, and many have scored much better. McAfee, Sophos, and Vipre Antivirus Plus all managed 100 percent protection in their latest tests.
Rather Slow Scan
When you install an antivirus utility, you should always run a full scan at the start, in case the system is already infected. After that, the real-time protection should keep out any new problems. Malware Fighter strongly encourages this initial scan. The status indicator on the main page won’t go green until you take care of that task.
On my standard clean test system, a full scan with Malware Fighter took just short of two hours, close to twice the current average for a first scan. When I repeated the full
scan, it finished in 33 minutes. Enough products optimize subsequent scans that the average for a second scan is 28 minutes. That slow initial scan isn’t a big deal, provided that you allow plenty of time for it.
Phishing Protection Epic Fail
Malware Fighter’s Surfing Protection didn’t block any malicious URLs, and when I last tested the product it didn’t do anything about phishing either. It’s not a matter of not trying; the description of Surfing Protection clearly states that it should fend off phishing pages.
Just what is phishing? Fraudsters create replicas of sensitive websites in hopes that dopes will try to log in. The cleverest frauds capture those login credentials and pass them along to the real site, leaving the victim none the wiser. At this point they own your account. Some folks are clever enough to recognize these frauds, but for everyone else, a little help is in order.
For testing purposes, I gather the newest reported frauds I can find, aiming to include ones that are too new to have been widely blacklisted. I launch each simultaneously in four browsers. The product under test protects a browser instance with its internal phishing protection disabled; the other three use phishing protection built into Chrome, Firefox, and Microsoft Edge.
The last time I tested Malware Fighter against phishing sites, its real-time antivirus kicked in a few times, reporting discoveries with names like “Trojan.HTML.Phishing.NA.” I counted these as successful detections, which brought the program’s score up to a paltry 12 percent. That didn’t happen with the current test. Like Ashampoo Anti-Virus, Malware Fighter scored a big fat zero.
At the other end of the spectrum, Kaspersky Anti-Virus and Trend Micro both managed 100 percent detection in their latest tests. Almost half of recent products scored 90 percent or better. Over my last several reviews, Malware Fighter’s phishing protection score has bounced between zero and barely above zero.
See How We Test Security Software
Porous Ransomware Protection
Like Bitdefender, Trend Micro, and others, Malware Fighter includes a ransomware protection component that can block unauthorized access to your documents, images, and other files. For a sanity check on products that aim to block unauthorized file access, I use a simple-minded fake ransomware program that simply XOR-encrypts all text files in the Documents folder, and a very simple text editor, both of which I wrote myself. Malware Fighter correctly detected both, even blocking the editor’s attempt to read a protected file.
To prepare for testing ransomware protection with real-world ransomware, I first turned off all other protective layers. I couldn’t turn off IObit’s own antivirus engine, but disabling the Bitdefender engine proved sufficient to keep real-time protection from wiping out my ransomware samples. I launched a dozen ransomware samples, one at a time, and noted the product’s reaction.
Malware Fighter didn’t react at all to screen-locker ransomware and whole-disk encrypting ransomware. That makes sense; its anti-ransomware component specifically aims to prevent encryption of your important files. Two of the file-encrypting samples didn’t take any action, and hence weren’t detected.
Ransomware protection kicked in for four of the remaining eight, and successfully defended against one of them, though the ransomware did encrypt a few files before succumbing. The other three managed to encrypt the contents of the Documents folder and more, despite Malware Fighter’s efforts. And the remaining four, the ones whose file activity wasn’t detected, simply proceeded to encrypt files and demand ransom, without any attempt at defense by the antivirus.
In my ransomware protection testing, I’ve encountered products that fail when ransomware launches at startup. I tested that possibility using the one sample that Malware Fighter fought off successfully. I configured that sample to launch at startup and rebooted the test system. It apparently did its dirty deeds before Malware Fighter woke up, meaning my documents got encrypted without a peep from the antivirus.
It’s clear that Malware Fighter is trying to keep files safe. Throughout my testing, I had to repeatedly tell it not to block my hand-coded analysis tools from accessing their own files. But when confronted with actual, sneaky ransomware, it just didn’t do well.
Bonus Features
Malware Fighter includes quite a few bonus features, many of which turn up on the Browser Protect page. It prevents unauthorized changes to your home page, search engine, and DNS settings, for example. While Surfing Protection didn’t block any malicious or fraudulent sites in my testing, it does mark up search results to show safe and dangerous links. You can also configure the product to protect web-based email and block ads.
The Anti-Tracking feature isn’t the same as the active tracker blocking found in Avast Free Antivirus and others. Rather, it deletes tracking cookies any time you close the browser. And the Plugin / Toolbar Cleaner is just a pitch to install IObit Uninstaller.
On the Security Guard page, you can enable or disable eight distinct types of protection, plus the Bitdefender antivirus engine. Don’t even think about turning off Bitdefender, though! File Guard checks files on access, USB Disk Guard scans any USB drives you mount, and Startup Guard forbids programs from setting themselves to install at startup without your permissions.
In a nod to spyware protection, Camera Guard warns you any time an unknown program tries to peek at you through your webcam. Actual viruses are uncommon these days, and disk-infecting Master Boot Record viruses even more so, but the MBR Guard adds a layer of protection against MBR viruses.
A few of the security guard components are harder to understand. A behavior-based detection component watches for Malicious Action, which makes sense. But Network Guard claims to block dangerous web pages; doesn’t Surfing Protection do that? Process Guard checks for malicious processes, something I would have thought real-time protection would handle.
At first glance, I expected the Safe Box feature to represent an encrypted container of some kind, like the vault feature in many security suites. That’s not quite what it is. Putting a file “in” the Safe Box doesn’t move it. Rather, it hides the from Windows Explorer and prevents both read access and write access. You can disable any of those three options, for example leaving Safe Box files visible and readable but banning changes. I don’t know why you’d do that.
You can opt not to password-protect the Safe Box, and if you forget your password, Malware Fighter simply emails you a new one in plain text. That’s a clear security fail. Other products do a much better job of protecting your important files.
Improved, Still Ineffective
IObit Malware Fighter Pro boasts a snappy-looking user interface, but its malware-fighting abilities just aren’t up to snuff. No labs certify its abilities, and it earned a mediocre score in our malware protection test. Its detection of malicious and fraudulent websites totally whiffed, batting zero. And while it includes a ransomware protection component, that component proved only marginally successful in testing. This editio
n scored better in in our malware protection test than the previous edition. It also didn’t exhibit the odd behavior where one component declared a download safe while another flagged it as malware. Even so, it’s not a product we’d recommend.
Bitdefender Antivirus Plus and Webroot SecureAnywhere AntiVirus cost the same as Malware Fighter and bring vastly more value. Kaspersky Anti-Virus costs $59.99, but that gets you three licenses, and it, too, exhibits abilities way beyond those of Malware Fighter. For the same price as Kaspersky, McAfee Antivirus Plus lets you protect every device in your household. With these impressive Editors’ Choice products available, there’s no reason to spend your money on Malware Fighter.
IObit Malware Fighter Pro Specs
On-Demand Malware Scan | Yes |
On-Access Malware Scan | Yes |
Website Rating | Yes |
Malicious URL Blocking | Yes |
Phishing Protection | Yes |
Behavior-Based Detection | Yes |
Vulnerability Scan | No |
Firewall | No |