How to choose an antivirus app for Windows and Mac

You need PC protection, but should you choose free or paid, and what do you need besides antivirus? Here's what to look for in security software.

Some argue that you don't need antivirus software if you just stay away from sketchy websites and email attachments. Unfortunately, there's a large cottage industry dedicated to deceiving people into inviting malware onto their computers. Think of antivirus software as your digital seatbelt: You don't strictly need it most of the time, but if you ever do, it can really save your bacon. And usually it has a negligible impact on your computer's performance. Here's how to evaluate your Windows antivirus options and find the right app for you.

Free or paid?

You may wonder why products like Norton, McAfee, or Kaspersky ask you to pay $25 to $75 for an annual subscription when it looks like you can a pretty good antivirus app for free. Well, that money usually pays for better protection, judging by the independent tests run by AV-Test and AV-Comparatives. The paid versions tend to scan faster, produce more accurate findings, and have a lower impact on system performance.

The quality gap between free and paid apps is not large, but if you shop around, you can pick up a year's subscription for $20 or less. We found McAfee 2016 Total Protection on Amazon for $19.99, and it will protect all your compatible devices (although the iOS version doesn't scan for viruses, because Apple doesn't give app developers that much access to the OS). That's less than $2 per month, and you don't have to juggle device licensing.

Also, security isn't just about infected files. Malware comes in many flavors, from adware to phishing scams, and antivirus apps vary in what they defend against. For example, the major antimalware vendors maintain databases of website URLs that are flagged as suspect or hostile. These databases take time and money to maintain, so you don't usually get phishing protection in the free version of the app.

Also, it's hard to develop a scanning engine that recognizes new malware that does not yet have an official fingerprint, or that can correctly conclude that a location is not infected -- false alarms can cause unneeded stress and costly downtime. An engine with a high level of detection intelligence is expensive. So you might think of the difference between a free antivirus suite and a paid one as being like the difference between a lap belt in your car and a five-point harness: Both will spare you from serious injury most of the time, but the second one will clearly do better in a worst-case scenario.

All the major security software publishers offer trial versions of their software, so you can test-drive them yourself to decide what you need and what you don't.


Updating your OS and your software is one of the best defenses against malware. You need to keep your security app current to make sure you have the latest virus definitions.

To make that easier, security publishers are increasingly switching to rolling releases rather than annual releases of their software. You no longer need to buy a new version every year, nor do you have to wait for major new features. As long as you have a subscription, you will always get the latest version. There's no "last year's model" that you unknowingly buy right before the better one comes out. Even free antivirus software has been transitioning to rolling releases lately.


Is the app transparent about information it may collect about you? Some antimalware suites record user data and send it to the software publisher. For example, Norton's Community Watch feature uses "information on running processes, visited URLs, or general system information from your computer when Norton detects a possible risk." This data is anonymized to protect your privacy, but if you don't want to send any info at all, you can disable the feature in the administrative settings. Leaving Community Watch enabled gives researchers more information for identifying new malware and figuring out ways to stop it before it becomes a widespread problem.


How secure is the antivirus software itself? A feature we don't see often enough is the ability to password-protect the app. This can prevent other people from fiddling with your settings, but it also confirms that you really want to shut down or uninstall the software. A lot of malware attempts to disable your protection, and passwords throw up a roadblock. Norton and McAfee suites normally have this feature, but it isn't enabled by default.

Also, you may occasionally need to pause malware detection to install other software. Applications that need low-level access to your operating system can get blocked by your antimalware software, which recognizes suspicious behavior as well as suspicious files. Perhaps ironically, installing a new antivirus app is likely to make your current antivirus app throw up a red flag. Unrecognized files with an EXE file extension may get outright deleted by your antimalware suite if you attempt to open them. Some antimalware apps have only an on-off toggle for pausing detection, but the more premium suites like Kaspersky, Norton, and McAfee give you more options, such as automatically turning themselves back on after a set amount of time, in case you forget.


Does the app speak to you in plain English or industry jargon? As a rule, antivirus software is "set it and forget it": You install the app, and it works in the background. If you want to customize your scans, the app should explain its settings in layman's terms. Pretty much every antimalware app seems to dump some of its documentation on the Web. There are pros and cons to this approach: It keeps the user interface lean and means that you can browse explanations without having to install the software; however, you can't access the info if you've been knocked offline.

More Resources's Security and Antivirus Center

What to do if your computer has a virus

A guide to Windows 10 security settings

About Tom McNamara

Tom is the senior editor covering Windows at