What is Antivirus software? Getting started with PC security
As our lives become more and more digital, keeping our information and devices secure has become more important than ever. And that starts with good security software. An antivirus program is a piece of software that keeps your computer (or phone, tablet, etc.) safe from other software that tries to attack it. This includes detecting and blocking viruses, a very specific type of program, but also a wide variety of other digital threats.
PCWorld is constantly covering the latest news in viruses and other threats, and how to defend against them. For the best antivirus software in 2023, be sure to check out our extensive roundup of the best antivirus programs.
What is a computer virus?
To understand what antivirus software does, you need to know what a computer virus is. “Virus” in this context has a broad definition, but to put it simply, it’s a program that gets installed on your computer, then automatically spreads itself to other computers across a network or the internet, mimicking the spread of a biological virus spreading through an organism’s cells.
What precisely a virus does depends on the specific virus, but it’s never good. In the early days of personal computers, a lot of viruses were designed merely to damage your computer for the sake of pure mischief. The famous “ILOVEYOU” virus spread through email downloads and merely overwrote files on the hard drive with junk data, until the computer became unstable and had to be completely wiped.
Then there are viruses designed to take remote control of your computer, often without you realizing it, in order to create a secret network called a “botnet.” Botnets like MyDoom can be used to spread spam or scams, or attack other computers with distributed traffic designed to shut down web services.
Dominik Tomaszewski / Foundry
But the most insidious and personally dangerous type of virus, and the more common one in the modern world, is designed to steal from users themselves. This can be done several ways. A “spyware” or “spybot” program searches the files on your computer for your personal information like login passwords or bank accounts, while “ransomware” locks down your files and instructs you to send money to criminals to get them back. Often these will be sent as emails or websites pretending to be something they’re not, like a crucial software update you need to click on, a process called “phishing.”
In these cases, the self-replicating viral factor might not even be present, so the software isn’t even technically a virus. Other terms, like “worm,” “trojan” (as in the Trojan Horse) or the more all-encompassing “malware” might be more accurate.
What is antivirus software?
The types of threat are wide and varied, but antivirus software is designed to detect and stop them all. These security packages might be called simply “antivirus,” but also a “protection suite,” or just “defender.” Regardless, they all use a few straightforward methods to identify, contain, and neutralize viruses and other kinds of malware before it can infect your system. Antivirus software also continuously scans both your computer and your network traffic to identify threats. Currently, our top pick for an all-encompassing security package is Norton 360 Deluxe.
What does antivirus software do?
The most straightforward way an antivirus program can protect against viruses is by scanning your files. The antivirus software taps into a huge database of known viruses, trojans, and other kinds of malware—thousands and thousands of different kinds, constantly being updated—and searches for them on the files in your computer. The antivirus program even scans new files that you download immediately, including installable programs that might hide viruses behind other programs like games or tools.
When the antivirus program finds a file that it’s identified as malware, it immediately isolates the file from the rest of your computer and prevents it from running any operations that might affect other files or programs. With the threat isolated, it then thoroughly deletes the dangerous files. Usually it will display some kind of alert letting you know that it’s found and neutralized the danger.
This method of protection has proven to be extremely effective, but it’s not perfect. A virus or a piece of malware has to be identified before it can be added to the detection database… which means that for at least some amount of time, it has to be active “in the wild” of the internet before the database gets updated. That’s a good reason to practice basic computer security at all times, for example, not downloading unknown programs or opening email attachments from untrusted sources.
What’s the difference between antivirus and a firewall?
Antivirus software primarily scans your computer’s files and programs. A firewall is a piece of software that directly scans traffic going in and out of your computer on both your local network and the internet. This is important for your security, because firewalls can be used to block malicious data from coming in or going out. This can be used to prevent a program from sending your personal information out, or prevent a program from outside your computer’s network from controlling it remotely.
Some antivirus software includes at least some kind of basic firewall functionality to supplement its file and program scanning tools. For example, Windows Defender, a standard antivirus checker, and Defender Firewall, are both part of the built-in Windows Security system. Bundled firewalls are enough for basic security for most users, while dedicated firewall software (or even more advanced hardware-based firewalls) are generally for large corporations or organizations, requiring dedicated management by security professionals.
Are there any computers that don’t need antivirus?
If you have a Windows desktop or laptop that’s connected to the internet, you need an antivirus program. Personal computers have been connecting to the internet for over 50 years at this point, and viruses and other malware designed to infect them have been spreading for just as long. Browsing the web without some kind of protection in place is kind of like swimming in sewage: sooner or later, you’re going to get an infection.
Fortunately, Windows PCs have built-in protection in the form of Windows Security, a basic antivirus and firewall suite that’s included free with the operating system. So, as long as you can keep that updated (which it does automatically through Windows Update), you’re covered at the basic level. But what about other devices that connect to the internet, like your phone, tablet, your smart TV, or even connected devices like your security cameras or smart lights?
Dominik Tomaszewski / Foundry
Smartphones have become so ubiquitous that, yes, there are viruses and malware out there designed to infect them. They’re especially tempting for criminals because so much personal information is stored on them. But unlike desktops and laptops, iOS and (most) Android phones can’t download just any program out there, they have to go to the “official” Apple App Store or Google Play Store to get apps and games.
Apple and Google control the security for these programs on the server end. It’s not a perfect system — viruses, spyware, and malware have gotten through their detection filters before. But for the vast majority of users, this basic level of protection is enough that they don’t need to run extra anti-virus software.
Android phones are a bit of a special case here. Unlike iPhones, most Android devices can install programs that haven’t been pre-approved by Google in a process called side-loading. This is similar to installing a third-party program on Windows. And just like Windows, you need to be careful that you trust the source of the download if you install this software. Even here, Google has implemented a system called Play Protect that performs basic antivirus and anti-malware scanning for all apps, even those that are sideloaded. If you want even more protection, it’s available.
The same general principle applies to any device that gets its content and apps from managed sources, and doesn’t include open-ended access to the web, like smart TVs, e-readers, smart watches, et cetera. So long as the company managing the content keeps an eye on it, you really don’t have to worry about viruses made specifically for those devices, especially since there’s not much personal information at stake. That’s not a universal rule—it’s possible for almost any connected device to be compromised—but these gadgets are much lower priorities for malefactors.
Is Windows Defender a good antivirus solution?
The default security settings that came with Windows weren’t always up to snuff. Twenty years ago, you’d be called reckless for running Windows without any kind of add-on security software. But Microsoft has made a dedicated and admirable effort to make Windows much safer without needing any extras, paid or otherwise. So the simple answer is, yes, Windows Defender is pretty great.
The antivirus scanner built into Windows is constantly updated with the latest threat detection, and said updates are baked right into Windows itself. Most of the time you won’t even notice it running in the background, unless it directly detects and neutralizes a threat. Ditto for the basic built-in firewall in Windows Security: Aside from the occasional tweak necessary to grant network access to third-party apps and games, you’ll probably forget it’s there.
If you’re running Windows and you don’t have any cash to spare for more robust security, relax. You’ll still be fine as long as you keep your computer updated through Windows Update, and don’t go seeking out especially sketchy software.
Is Norton 360 a good antivirus solution?
Norton is a great choice if your store important or sensitive data on your PC, or you share it with other users who may not have the best judgment. In addition to standard file scanning, the subscription includes access to a VPN, dark web monitoring to alert you when your accounts have been compromised, free cloud storage, and a password monitor. It’s pricey, but a good choice for a “total package” security solution for up to five devices.
Avast has been in the game for a long time, and it remains a solid choice that’s less expensive than Norton. It doesn’t have all of the same features, but its resource hit is lighter, and it’s cheaper if you need to secure a ton of devices (up to 30 at the highest tier) at once. It’s a great choice if you need anti-virus and other security features on a PC that has to run hot, like a gaming or media production desktop.
AVG used to be a go-to pick for antivirus, because the basic version was free. That’s no longer the case—again, if you need a free solution, Windows Defender will suffice. But it remains a popular choice thanks to a much-improved interface and frequent virus scanner updates. It does offer notably fewer options than the choices above, at a price that isn’t that competitive.
Frankly, it’s not a great choice if you know what you’re doing in terms of advanced PC maintenance. Trend Micro Maximum Security is functional and very user-friendly, making it a good choice for those who are less than tech-savvy. But its more advanced features are both less robust and less reliable than the competition, and it doesn’t offer much of a price advantage.
McAfee is one of the oldest names in PC security…and boy, do they know it. The software is among the most expensive on the market on a per-device basis. While it offers some unique features like the “file shredder” secure delete and home network analyzer, it’s hard to recommend for anyone on a budget.