Antivirus Guide

A Complete Guide to Antivirus Protection & Internet Security in 2023

All of our content is written by humans, not robots. Learn More
Aliza Vigderman
Gabe TurnerChief Editor
Last Updated Nov 21, 2022
By Aliza Vigderman & Gabe Turner on Nov 21, 2022

Since we’re all hopelessly addicted to technology, no one wants a virus on any of their devices, be it a smart TV, laptop, smartphone, and more. Antivirus software, while it’s not 100 percent effective, is a smart way to guard against not only viruses but also malware, spoofing, and other cyber threats. However, many people don’t know where to start when it comes to antivirus software. That’s where we come in, giving you the information you need to decide which antivirus software is right for you. But first, let’s take it back to basics.

What Is Antivirus Protection?

In a nutshell, antivirus protection is software that preventatively detects, neutralizes then gets rid of malware. Using a regularly updated database of malware and viruses, it runs scans comparing a device’s files to the files in their database. It also scans the device for any suspicious behaviors that could indicate malware, which allows the software to detect malware even if it’s not already in the database. Again, no antivirus protection is 100 percent foolproof, but with up-to-date databases and behavior-based detection, the best antivirus software is your best bet against cyber attacks. Learn more about whether you still need antivirus, in particular whether Chromebooks need antivirus, whether Windows 10 has built-in antivirus, whether Macs need antivirus, and whether iPads need antivirus.

Antivirus Software Features

Now that you have an idea of what antivirus protection is, let’s break down exactly how antivirus works and what it scans for.

What Does Antivirus Software Scan For?

Antivirus software scans for a few things both on-demand and on-access. While an on-access scanner, or OAS, runs in the background of your device, an on-demand scanner, or ODS, only scans when you “demand” a scan manually or schedule scans in advance. But what exactly is the software scanning for, in the first place?

  • Malware: Malware is an umbrella term that covers a number of different types of cyber threats, including ransomware, adware, and spyware. At its core, though, malware is designed to access people’s devices without their consent or awareness. Once they’ve gained access, malware is used to steal people’s personally identifiable information, which can be used for identity theft, or simply to mess with their settings. Malware can be in the form of computer worms, which are programs that duplicate themselves throughout a network to collapse it. Computer works can exist in email messages or attachments, which is why you should never click on unknown emails. There’s also trojan viruses, malware that’s disguised as legitimate software, just like the Trojan horse, that lets hackers access and control devices, so antivirus can stop hackers. From there, the different types of malware break down as follows:
  • Spyware: Spyware refers to programs that infect devices and collect the user’s information, like their bank and credit card information, names, and more. One type of spyware is keyloggers, which record keystrokes to steal credentials.
  • Ransomware: People aren’t the only things that can be held ransom; devices can be held ransom, as well, if hackers hijack into a computer and block access until a ransom is paid.1
  • Adware: Adware hides on devices and shows the user advertisements as well as monitors their online behavior. This helps brands create targeted advertisements based on what the user searches for. Here are steps to remove adware, if need be.
  • Scams: Scams can occur in many forms, be it text, apps, online messages, emails, websites and more. They can come in the form of unsolicited commercial or bulk email, known as UCE or UBE, commonly referred to as junk mail. And here’s a hint: most reputable services will not spam their customers with this sort of junk mail. Here are two other types of spam:

    • Phishing: In a nutshell, phishing is a form of email fraud that occurs when emails contain malicious attachments to dangerous websites or downloads.2
    • Pharming: Pharming is similar to phishing in that it involves fake websites and malicious code. However, rather than contacting users via email, pharming occurs when that malicious code is inserted directly onto a computer or server, bringing users to fake websites without them clicking anything.
  • Spoofing: Spoofing happens when a person pretends to be someone else to get a user’s credentials so they can access their systems, steal information and spread malware. This can be done through email, websites, texts, GPS, and other methods.
  • Remote access attacks: Next to last, remote access attacks are malicious actions that target either one or an entire network of computers. Rather than affecting the computers themselves, these attacks find the machine’s vulnerable points to view and steal data, introduce malware and viruses, and more.
  • Viruses: Finally, a virus is any malicious code or program that attaches itself to legitimate files or programs and corrupts data, harming the software itself.

Note: Remote access attacks are also known as remote exploit attacks.

How Antivirus Software Prevents Cyber Threats

Now that you know everything to be concerned about when it comes to cyber threats, here’s exactly how antivirus software can stop them from happening in the first place.

  • Reactive file scanning: Before you open any new file, antivirus software scans it against a database of known malware.
  • Complete system scans: On top of that, the software will also scan entire devices for compromised data, although this process takes much longer than scanning individual files.
  • Web browsing protection: Files aren’t the only things that can contain viruses. The best antivirus software will also scan URLs and web pages for potential risks.
  • Real-time prevention: Not only will antivirus software scan for threats on-demand, but it’ll also do so automatically and constantly to prevent malware from taking shape.
  • Rapid infection and threat removal: If the antivirus software finds malware, it’ll quarantine the malicious files in a safe folder, letting the user review them manually.
  • Threat detection rates: When it comes to antivirus software, the chance of it detecting threats is entirely dependent on its database. Each company maintains its own database of malware, which they update constantly, known as a known-threat database. The detection rate is how accurate the software labels clean files versus potential threats, taking into consideration false positives and false negatives. Companies like AV-TEST, NSS Labs and A.V Comparatives are independent and verified labs that can vouch for these rates, as they test antivirus software on multiple devices and operating systems.

How Antivirus Software Detects Cyber Threats

We know that antivirus software uses a database of malware to look out for your device, but just how does it detect threats?

  • Behavior-based detection: These days, most antivirus software uses behavior-based detection in addition to signature analysis, which we detailed below. Behavior-based detection looks for code that can make changes to devices without permission, or anything that seems suspicious. Unlike signature analysis, behavior-based detection doesn’t rely solely on a database of known malware but can also detect new malware.
  • Signature analysis: Signature analysis, in comparison, compares the signature or “fingerprint” of threats to their malware databases. However, if the threat isn’t already in the database, then signature analysis cannot detect it on their own, which is why so many softwares have switched to a behavior-based method.
  • Heuristic-based scanning: This type of scanning detects something called “polymorphic viruses,” essentially malware with code that changes to avoid detection.
    Machine learning: In order to identify threats, machine learning processes files’ data to detect patterns using computing power.
  • In-memory scanning: In-memory scanning just means that potential threats are examined after they’re already on a computer or device.
  • Sandboxing: Finally, sandboxing, otherwise known as quarantining, means segregating suspicious files in a safe part of an operating system so that they can’t attack the rest of the device.

If you have a virus, learn how to get rid of a virus on Android or how to get rid of a virus on a PC.

Antivirus Software Extras

Along with the main features of antivirus software, many companies bundle this software with other services, including VPNs, identity theft protection, parental controls and more. However, you may have to pay more, if the antivirus software is available on its own.

  • Parental controls: Parental controls typically let parents control what their children are seeing online, what they can search, and how much they’re using certain devices.
  • Firewalls or network protection: Firewalls scan not only devices for threats, but also their entire networks; these are usually bundled with antivirus software for free, although sometimes they’re included only in more advanced packages. In essence, network protection scans your network for devices and alerts you of any potential invasions.3
  • Secure browser: Secure browsers differ from software to software, but at the minimum, they’ll make sure that you don’t go to any malicious websites or click on malicious attachments.
  • Password manager: Password managers will store all of your usernames and passwords in an encrypted vault. They will also perform a password audit and generate new passwords for any that are old, weak or repeated.

Pro Tip: Is your password good enough to truly protect your account? Use our free password strength checker to find out.

  • Encrypted cloud storage: Some packages include a finite amount of encrypted cloud storage for any type of file that contains sensitive information.
  • System performance optimization: In order to boost your browsing speed and keep all of your programs up to date, some software offers optimization tools, although we generally believe that these are unnecessary to pay extra for. Instead, set your preferences to update software automatically, and manually clean out your files to clear up some space.
  • Identity theft protection: Some software also offers identity theft protection, software that will scan key criminal and financial areas for your credentials. Sometimes, this program also includes identity theft insurance.
  • VPN: Last but not least, VPNs are Virtual Private Networks that hide devices’ private IP addresses and encrypt their web activity, making them less susceptible to hacking. Learn more in our best VPN review.

Antivirus Software Pricing

Most antivirus companies charge for their software. The cost of antivirus depends on the software’s features, the number of devices it covers, and the length of your subscription. Based on what we’ve seen, annual subscriptions cost around $50, or roughly $4 per month. However, there are also companies that offer free antivirus software. Check out our list of the best free antivirus to learn more about their features, limitations, and whether or not a free antivirus software will work for you.

Antivirus reviews Antivirus pricing pages Cost of monthly plan Monthly cost with annual plan Monthly cost with two-year plan Monthly cost for three-year plan
Malwarebytes review Malwarebytes pricing N/A $3.33 for one device, $6.67 for five devices $2.92 for one device, $5.83 for five devices N/A
AVG antivirus review AVG pricing N/A $3.33 for one device, $6.49 for 10 devices N/A N/A
Norton antivirus review Norton pricing N/A $1.67 to $8.33 per device N/A N/A
Vipre antivirus review Vipre pricing N/A $2.92 for one device, $5.83 for 10 devices $2.92 for one device, $5.83 for five devices $2.92 for one device, $5.83 for five devices
Bitdefender antivirus review Bitdefender pricing N/A $3.75 for five devices, $4.17 for 10 devices $3.75 for five devices, $4.25 for 10 devices $3.33 for five devices, $3.83 for 10 devices
Trend Micro review Trend Micro pricing $4.99 for iOS devices only $3.33 for five devices, $5.83 for 10 devices $1.33 for iOS, $2.08 for Android N/A
Webroot review Webroot pricing N/A $3.75 for three devices, $5.83 for five devices $4.17 for three devices, $4.58 for five devices $3.89 for three devices, $4.44 for five devices
Avast antivirus review Avast pricing N/A $3.33 for one device, $4.17 for 10 devices N/A N/A
ESET review ESET pricing N/A $4.17 for one device, $7.50 for five devices $3.33 for one device, $5.83 for five devices $3.05 for one device, $5.28 for five devices
McAfee review McAfee pricing N/A $2.92 for five devices, $3.33 for 10 devices $1.25 for 10 devices N/A
Kaspersky review Kaspersky pricing N/A $3.33 for three devices, $3.75 for five devices $3.33 for one device, $3.75 for five devices $3.33 for one device, $3.75 for five devices

How We Test Antivirus Software

In order to protect your computer from viruses, you want antivirus software, but you can’t test it out without compromising your device…right? Exactly. That’s why we test out antivirus software not only for its general usability and features, but also for its ability to detect malware and viruses.

  • Malware: To see how well the software detected malware, we use test results from AV-TEST, which displays results for the most “widespread and prevalent” malware in terms of a percentage detected.
  • Viruses: We test out the virus detection ourselves using five different file types that contain viruses, which we download but do not open. Then, we run the software’s full device scan to see how many of the viruses it detected, which we compare to the results of over 40 other softwares.


While antivirus software can appear intimidating and confusing, it’s actually a lot less complicated than you probably make it out to be (and our antivirus how to pages can help you along the way). Plus, once you download the software and turn on automatic scans, there’s very little work that you’ll have to do in terms of upkeep, making antivirus software fall into the “set it and forget it” variety of services. As long as you don’t turn off antivirus, you’ll be protected.

Frequently Asked Questions

Still have some important questions regarding antivirus software in general? We’re happy to answer your questions.

  • What is the best free antivirus?

    The best free antivirus software is AVG. Its free plan covers one Mac and detects spyware, ransomware, malware, viruses, and unsafe downloads, attachments and links. It also scans networks for threats.

  • Is it worth paying for virus protection?

    It is worth paying for virus protection if you want coverage on all of your devices and detection for things like phishing. Usually, free subscriptions have some limits compared to paid versions, such as on the amount of devices connected or the types of threats detected.

  • What is the best antivirus for Windows 10?

    The best antivirus software for Windows 10 is Trend Micro, which costs either $29.95 for one year or $59.90 for two years. The software scans your device for malicious behaviors and has a firewall booster as well.

  • Does Windows 10 come with virus protection?

    Windows 10 does come with virus protection in the form of Windows Security Microsoft Defender Antivirus, built into their devices from the start .The software scans your computer for malware, security threats and viruses and updates itself automatically with the latest threat prevention. However, if you want to use a different antivirus software, Microsoft Defender Antivirus will be shut down automatically.

  1. BBVA. (2019). Antivirus software guide: what are they for and how to use them.

  2. Indiana University. (2020). About spam.

  3. Kaspersky. (2020). What to Look for In an Antivirus Software: Choosing Protection for an Android, Mac or Windows System.