Isn't the general advice that if malware has been installed specifically due to physical access, then the entire machine should be considered permanently compromised? That is to say, if someone has access to your unlocked machine, I've heard that it's way too late for MalwareBytes to be reliable....