How effective is free antivirus software? I had a chance to see a real, in-the-wild example just this month, and the results were, to put it mildly, unexpected. The bottom line? Microsoft’s free antivirus solution found and removed a threat that two well-known paid products missed. Here are the details. [Update: After I publlished this post, a second example appeared, courtesy of a rogue commenter in the Talkback section. See the results at the end of this post.]
I’ve had Microsoft Security Essentials (MSE) installed on my main working PC for most of the past year. Mostly, I use it for real-time protection. I typically disable the scheduled virus scans on my PCs and instead occasionally do a manual scan just to confirm that nothing out of the ordinary has snuck through. Last month I decided to perform a scan using the Full option. Because I have 2.5 terabytes of hard disk space, with roughly 40% of it in use, I knew the scan would take a long time. So I scheduled it to run while I was out running errands.
When I came back, here’s a snippet of what I found:
MSE had detected several files files that it considered malicious. One was a rigged PDF file (not shown here). The other was a single file in the Java cache folder on this system that contained three separate exploits. Using the information in the MSE history pane, I found the file and uploaded it to Virustotal.com
, which is a free service that allows you to scan a suspicious file using 43 separate antivirus engines. The file, identified by a unique hash, had already been analyzed, so I got the results immediately: