It's free for a reason...
Start by opening up your favorite browser, in my case Mozilla's Firefox. Next, open Google and perform a search for free antivirus. Then, look through the almost endless list of software providers and count how many company names you recognize. Names that will almost certainly stick out, like Norton, AVG, and PC Tools, show up on the first page of results. The rest of the results displayed are almost entirely overshadowed by just these first few, but what about other big names like ESET's NOD or McAfee? If you followed the steps at the beginning of this article, you will remember our search criteria were for "free antivirus".
Notably, our results directly reflect those search parameters, even if some free antivirus offerings, like Microsoft's Security Essentials, are absent. The results are clear, and at this point it would be good to ask: what are you really getting for free, and will this product cover all your needs or leave you and your system with a false sense of security?
Careless clicking while surfing the web will leave you and your system in a world of hurt. In our case we've taken some extra steps to ensure we not only get infected, but also control which viruses we test each software application with. We used two widely encountered trojans: Trojan.Downloader:JS and Trojan.AutoIt:AdClicker. These two viruses, along with a few more generic distros, made for some interesting results in our lab tests. The applications tested consisted of AVG Free, Avast, BitDefender Free, Microsoft Security Essentials, and Malwarebytes, which acted as the control in this experiment.
The first to be tested was AVG Free edition. While the anti-virus was operating, I installed the first two viri** and proceeded to check AVG to see if any detection occurred. No detection was made, and the viri were already running in the background wreaking havoc. Continuing with the test, I then ran a full system scan. AVG Free found seven infections. It detailed the two executables originally infected and all local infected installments. One file was healed and the other six remained on the system until I deleted them through AVG. So, from this first trial you should note that AVG Free was able to detect the infection and the infected files the viri originated from.
Avast, our second application of interest, was installed after AVG Free was removed. Again, I proceeded to install the viri once my installation of Avast was operational, and once again the antivirus solution did nothing to warn me of my infection. Next, I ran a full system scan. Avast returned one result and removed it. It should also be noted that Avast never found the original infected executables, so if I chose to, I could re-infect my machine with the same faulty executable files.
BitDefender Free was next up on the digital chopping block. Not only did BitDefender Free not detect the operational viri, it also detected no infection during its full and deep system scans. Immediately after these scans BitDefender became infected and lost its ability to fully scan the system. After the anti-virus became corrupted, I proceeded to scan the folder holding the infected executables. BitDefender Free found one object and deleted it automatically. It should be noted that BitDefender performed an update, and after system restart became corrupt. This is no excuse though, and BitDefender was given no extra leniency in our trials. Whether or not it failed because of the update is irrelevant, as that took place after the initial scans, which returned zero results.
For kicks, I decided to test the PC Tools Antivirus Free solution. PC Tools Antivirus Free edition was updated and running before I released the viruses. This offered little support to the application, which failed on every level. Having neither a real-time scanner nor any detection during a full system scan, it seemed pretty clear that this tool is as stripped down as they come.
Finally, Microsoft Security Essentials was put to the test. Microsoft Security Essentials, a free solution for viruses, spyware, and other malicious software, was released in 2009. Security Essentials is notably easy to use with its tab-pane system, and it updates automatically, a feature not offered in the BitDefender Free or PC Tools Free editions. So, how did Microsoft's software perform? After Security Essentials was installed, completely updated, and running, the fun began. As soon as I introduced the executables to the system, it detected the infection before I ever launched the viri. After I launched the viri, it then proceeded to detect the infected executables as before, along with the new infection sites. To be nitpicky, it didn't detect the loads of tracking cookies on the system, but then those things won't cause a million pop-ups to occur or steal your financial data. If you care about those things, just set your temp folder to a couple of megabytes in size or disable it entirely. Microsoft's anti-malware solution hit the mark with its quick response, infection notifications, and quick system scans. I did find that it took a bit longer to remove a file in its repair/move/remove process, but in this case it seemed like the application was actually working and not just bogged down by an outside operation or process.
In these tests it should be noted that every antivirus solution except PC Tools and BitDefender has a real-time scanner process of some sort, which makes most of the results found in these trials quite disconcerting. The win clearly goes to Microsoft Security Essentials in our internal lab tests, but AVG took a close second, if only for its ability to turn up infected files.
Again, the question remains: what are you really getting in a free anti-virus solution? That answer can be found in my "Part 2" of this article :)
**Viri - Meaning more than one virus.