Not everyone has to maintain security for a host of PCs and other devices. For some, an antivirus that protects just one PC is both necessary and sufficient. If that’s your situation, McAfee AntiVirus might be just what you need. A license protects precisely one PC, and it gets excellent scores in both independent lab tests and our own hands-on tests. If this licensing style is too limiting, consider McAfee+, a cross-platform suite with unlimited licenses. And before making the choice for your singular PC, have a look at our Editors’ Choice winners, Bitdefender Antivirus Plus and Norton AntiVirus Plus. Both earn top scores in independent lab tests, and both offer a wealth of bonus features.
Don’t go looking for this antivirus on McAfee’s website. McAfee strongly encourages new customers to enter at the suite level, choosing either McAfee Total Protection for a fixed number of licenses or the unlimited-device subscription to McAfee+. At its higher pricing tiers, McAfee+ also comes with a comprehensive identity theft service.
If you want to purchase McAfee AntiVirus, you’ll need to visit a McAfee partner such as Amazon and Best Buy, where it lists for $49.99 per year. That’s the same as Bitdefender’s one-device price (you can read a full comparison between McAfee and Bitdefender here). Most antivirus utilities charge less for a one-license yearly subscription. For example, Emsisoft Anti-Malware, ESET NOD32 Antivirus, Trend Micro Antivirus+ Security, and ZoneAlarm Pro Antivirus + Firewall all go for just under $40.
That’s it for McAfee’s pricing scheme. If you want to protect three computers, you buy three licenses—or you switch to a McAfee suite. This is an uncommon model, though Trend Micro and Webroot Essentials work the same way. Most antivirus companies offer volume discounts for three, five, 10, or even more licenses. The average per-device price for a three-license subscription is about $18, less than half the one-device average. At five licenses, the average drops to $13, and at 10 licenses, it’s less than $10.
Similar Products
Webroot Essentials
When it was available, McAfee AntiVirus Plus cost users $64.99 per year to protect all the devices in their households. Since it has left the market, the only unlimited-license antiviruses I cover are Panda Dome Essential and TotalAV Antivirus Pro, which cost $119.99 and $198, respectively. Every time you install one of these on another device, you lower their per-device price.
Of course, with a free antivirus like AVG AntiVirus Free, you effectively have unlimited licenses. Avast One Basic, a stripped-down version of Avast One Gold, also costs nothing and protects all four popular platforms. These two are our Editors’ Choice winners in the free antivirus realm.
To install McAfee, you first go online and activate your license key. If you configure your account for automatic renewal, you get a Virus Protection Pledge from McAfee. That means if any malware gets past the antivirus, McAfee experts promise to remotely remediate the problem, a service that normally costs $89.95. In the unlikely event the experts can't clear out the malware, the company refunds your purchase price. Norton AntiVirus offers a similar promise (you can read our full comparison between Norton and McAfee here), as does ZoneAlarm Extreme Security.
With that housekeeping out of the way, it's time to download and install the antivirus. I was pleased to find that the installer did its job quickly and didn't require handholding from me. I did accept its offer to install the essential Web Protection in my default browser; you should too! Once installation is complete, the antivirus starts protecting you right away.
A large panel at the top left of the main window offers suggested actions, much like the recommendations from Bitdefender’s AutoPilot system. To the right, a smaller panel reports the on/off status of the antivirus and firewall components, with links to configure these important components. It also reports any issues with overall device status.
The lower part of the window holds four panels described as Shortcuts. From these panels, you can run an antivirus scan, remove temporary files that might allow tracking of your activities, configure Web Protection, and securely delete sensitive files.
Clicking the My Protection icon at left opens a feature-filled left-rail menu. It offers access to core antivirus tasks, such as launching or scheduling a scan and checking what’s in quarantine. Tracker Remover, Web Protection, and File Shredder appear in this menu as well as in the row of shortcut panels.
I follow five independent antivirus testing labs that regularly publish reports on their findings. Three of the five include McAfee in their latest reports, which is a good sign. It means that they consider it significant and worthy of their testing efforts. At present, McAfee holds perfect or near-perfect scores from those three labs.
Testing experts at AV-Test Institute rate antiviruses on how well they protect against malware, how light a touch they have on performance, and how little they interfere with usability by wrongly flagging valid programs and websites as malicious. An antivirus can earn six points each for Protection, Performance, and Usability, for a maximum of 18 points. McAfee reached a perfect 18 in the latest report from this lab, as did more than half of the other competitors.
Researchers at SE Labs use a capture and replay system to challenge multiple antivirus tools with identical web-based attacks. Each antivirus can earn certification at five levels: AAA, AA, A, B, and C. In the latest round of testing, almost all the tested programs, including McAfee, received AAA certification. Other antiviruses that reached the AAA level in the latest reports include Avast, Microsoft Defender Antivirus, and Panda.
AV-Comparatives regularly publishes a variety of tests; I follow three of them. Apps that pass a test receive Standard certification. Those that achieve exceptional success can earn an Advanced or Advanced+ rating. McAfee missed perfection by a hair, with two Advanced+ certifications and one Advanced. Avast, AVG, and ESET currently hold Advanced+ in all three.
McAfee’s success in the tough tests put on by MRG-Effitas has been uneven in the past. Where most tests report results across a range, this lab’s tests are effectively pass/fail, and McAfee racked up a few failures in the past. However, MRG-Effitas didn’t put McAfee to the test in its latest report. AVLab Cybersecurity Foundation, the latest addition to my labs collection, also skipped McAfee in its latest test results.
I've devised an algorithm that maps all the lab scores to a 10-point scale and yields an aggregate lab score from 0 to 10. McAfee’s scores from three labs yielded a respectable 9.8 points. ESET and Bitdefender, tested by four and three labs respectively, also scored 9.8 points. Maximum lab attention goes to Avast, Norton, and Microsoft. These three appear in reports from all five labs, scoring 9.8, 9.6, and 9.1, respectively.
In addition to checking results from independent testing labs, I put every antivirus through my own hands-on malware protection testing. Some programs I test don't show up in reports from any of the labs, making hands-on tests essential. Even for one like McAfee, certified by three labs, this process gives me a chance to experience antivirus protection in action.
In most cases, I start by opening a folder containing a collection of malware samples that I have collected and manually analyzed, so I know just what damage they can do. For many real-time antivirus components, the minimal access that occurs when Windows Explorer checks the file's name, size, and so on is enough to trigger an on-access scan.
McAfee scans files upon download and just before they launch, but it doesn’t scan on simple access. To exercise all the app’s detection components, I started by downloading my samples from cloud storage. In an impressive feat of protection, McAfee blocked 100% of the file downloads, sending them directly to quarantine.
I maintain a second set of samples, hand-modified so they won’t match simple hash-based detection systems. For each file, I change the filename, append zeroes to change the size, and tweak some non-executable bytes within the program. McAfee caught two-thirds of these on download, including all the tweaked ransomware samples. Avast and AVG caught the modified versions of all but 1% of the samples whose originals they detected, while Norton nabbed all but 2%.
McAfee’s perfect 100% detection score is matched only by UltraAV. Like McAfee, UltraAV eliminated all the samples on its first try. Unlike McAfee, even the minor file access that occurs when Windows Explorer displays a file’s data is enough to trigger UltraAV’s real-time protection. Either way, both quickly wiped out the entire collection. And a perfect 10 points is much better than the 8.5 McAfee scored when last tested.
When tested against this same malware collection, Malwarebytes Premium scored 9.9, while Avast, AVG, Norton, and Webroot took 9.7.
It takes a long time to collect, curate, and analyze a new set of samples, so I only change to a new set once a year. To see how each antivirus handles the very latest in-the-wild malware, I use a feed of the latest discoveries supplied by London-based lab MRG-Effitas. This feed is simply a list of malware-hosting URLs discovered over the last few days. I load the list into a small program that launches each URL and makes it easy to record whether the antivirus blocked access to the URL, eliminated the malware download, or totally whiffed on detection. I continue launching samples until I have data for 100 verified malware-hosting URLs.
McAfee's WebAdvisor component blocked access to 81% of the malware-hosting URLs, identifying some as Risky and others as merely Suspicious. I can’t imagine a sensible user proceeding to a page their antivirus labeled Suspicious, so I counted both types as successful diversions. The warning page also included tags to further define what WebAdvisor found, tags such as Malicious Sites, Malicious Downloads, Parked Domain, Consumer Protection, and more.
The remaining URLs reached the download stage and faced analysis by McAfee’s real-time detection. It sent most of these to quarantine. Overall, McAfee blocked another 16% of the URLs at the download stage, for a total of 97%. That’s good, but Avira Free Security Suite, Guardio, and Sophos Home Premium reached a perfect 100%, while NordVPN, Norton, and UltraAV achieved 99% protection.
After installing a new antivirus, you should always run a full scan. The time for that initial scan varies quite a bit, but the current average is just under two hours. McAfee’s current edition defaults to putting all necessary resources into the scan, so it finishes faster. The alternative is to work more slowly in the background, avoiding any interference with your ongoing activities.
When I timed a full scan in a clean virtual machine testbed, it took three and a half hours to finish. I hate to imagine how long it would have taken without Fast Scanning enabled. A second scan finished in half the time, very close to the average. I suggest just letting that first scan run in the background without worrying about how long it might take. McAfee also offers a quick scan, which it says takes “5 to 10 minutes.” On that same test system, the quick scan finished in half a minute.
In theory, you only need that drawn-out full scan once, as a real-time antivirus should handle new threats. However, as a second tier of protection, McAfee schedules a bi-weekly full scan. You can switch to scanning every week or once a month, or you can create your own custom schedule.
When you’ve got McAfee working for you in the background and running scans on a schedule, you may not be 100% aware of just what it’s doing for you. If you have any doubts or if you’re just curious, open the My Protection menu, scroll to the bottom, and choose Security Report. Now you’ve got a nice summary of just what your antivirus has done, with the option to dig in for full details about scans, real-time protection activity, and more.
Devising a Trojan for stealing user account credentials requires a malware coder to invent techniques for slipping past layers of antivirus protection and the operating system’s own security features. That’s no easy task, and it’s just the start. The Trojan still needs code to locate those credentials and phone them home. It’s a lot easier to just hoodwink the user into giving away their credentials. Not only that, phishing is platform-agnostic. Any device that has a browser, whether it's a Chromebook or a smart espresso machine, can be your downfall. Even if you're well-trained in spotting these scams, it just takes one lapse.
Phishing fraudsters create sites that masquerade as sensitive sites and spread links through spam, malicious ads, and the like. Bank sites, online gaming, dating sites—no secure site is immune. If you log in to the fraudulent website, you’ve handed your account over to the fraudsters. Such sites quickly wind up blocklisted, but the perpetrators simply spin up new ones.
Because phishing pages are ephemeral, I always test using the very newest reported phishing sites, scraped from websites that track them. In addition to known and verified frauds, I make sure to include some that have been reported but haven't yet gone through analysis. This puts pressure on the antivirus to heuristically examine web pages and detect fraud without relying on an always-outdated blocklist.
I launch each URL simultaneously in four browsers, starting with one protected by the antivirus in testing. The other three depend on protection built into Chrome, Firefox, and Microsoft Edge. I run through hundreds of reported phishing URLs, discarding any that one or more of the browsers can’t reach and any that aren't verifiable credential-stealing frauds.
McAfee’s WebAdvisor routinely aces this test, scoring at or near 100%. It reached that pinnacle in its last two tests, and again this time around. Also at the 100% detection level are AVG, Avira, Guardio, Webroot, and the phishing-focused Norton Genie, as well as the antivirus component of VPN-anchored security tools NordVPN and Surfshark One.
McAfee’s macOS edition also scored 100% when tested against the same samples.
You’ve seen that WebAdvisor can steer the browser away from both malware-hosting websites and phishing frauds. The browser extension can also color-code results in popular search engines, letting you see before even clicking whether a site is safe, dangerous, or untested.
By default, WebAdvisor marks up results in all popular search engines. That’s a change from past versions, which defaulted to only marking up McAfee’s own Secure Search. It also marks up links in Facebook, Instagram, LinkedIn, Reddit, X/Twitter, and YouTube. To change its coverage, click the toolbar icon for the WebAdvisor extension, click the gear icon at the top, and select the Preferences tab. Here you can turn off markup for all search engines or for each of the social media sites individually.
Ransomware attacks can be shocking, even frightening. Cryptojacking is much more subtle. You visit a website, and it co-opts your system resources as part of a distributed system that mines for bitcoin or some other cryptocurrency. Bear in mind that there's nothing illegal about mining for Bitcoin. Mining is where bitcoin and other cryptocurrencies come from. The problem comes when a website or program covertly hijacks your computer's resources to mine currency for someone else. While WebAdvisor used to let you fine-tune its cryptojacking detection, it now simply rolls that protection in with defense against other types of risky sites.
Bitdefender also offers protection against unwanted crypto mining, but only in its security suites, not in the basic antivirus.
The consequences of a ransomware attack getting past normal antivirus protection are serious enough that many antivirus apps add a dedicated ransomware protection component. I can often simulate the situation where a zero-day ransomware gets past the antivirus by simply turning off all protective layers except those aimed squarely at ransomware.
Alas, I can’t do that with McAfee, as there’s no independent ransomware protection component. As with Trend Micro, turning off real-time protection also turns off protection against ransomware.
Even so, I found a way to test this feature. As noted above, I keep hand-modified versions of every sample, which I use to check the flexibility of malware recognition. McAfee caught all of those, so I whipped up a new set of tweaked samples, different from all previous sets and thus never precisely seen before. McAfee eliminated most of these instantly on launch.
Most isn’t all, however. One modified ransomware sample ran to completion, encrypting over 12,000 files and displaying its ransom note. Good thing I run these tests in an expendable virtual machine!
A wiper sample also dodged McAfee’s protection. Wiper malware is similar to whole-disk encrypting ransomware, except that it doesn’t offer any way to recover. Wiper attacks reportedly hit Ukraine just before the start of Russia’s war on Ukraine. And my one wiper sample evaded McAfee’s protection even in its unmodified form.
In this simple test, McAfee demonstrated that it can block most ransomware attacks, even when the sample is hand-modified to evade detection. However, the fact that it missed one disk wiper attack and one tweaked sample, even with all antivirus components active, is worrying.
Most security companies reserve firewall protection for the full-blown security suite, but McAfee puts it right in the standalone antivirus. McAfee’s firewall checks outbound network traffic while leaving the built-in Windows Firewall to handle inbound traffic. That means Windows firewall is in charge of stealthing ports and resisting attacks from the web, tasks it handles well.
Those of us who've been around long enough remember the early personal firewalls, with their maddening, incomprehensible queries. “SlavaUkraini.exe wants to connect to URL 104.18.6.16 on port 8080; allow or block? Once or always?” Consumers just aren’t qualified to answer those questions. Some always allow access. Others always choose block…until they break something, at which point they switch to allowing everything. It's not an effective system.
In years past, McAfee’s default was Smart Access mode, meaning it made all decisions about allowed network permissions. If you really wanted an old-school experience, you could dig into the settings and switch to Monitored Access, but I always advised against doing so. That’s no longer a worry, as the current firewall uses neither mode. Rather, it leaves this protection to the built-in Windows firewall. What McAfee does is block attempts by your apps to connect with “risky sites.” I couldn’t manage to see this redundant feature in action, as such attempts were blocked by McAfee WebAdvisor.
Firewall protection isn't much use if a malware coder can craft an attack that disables it. As part of regular firewall testing, I attempt to disable protection using techniques that a malware coder could implement. It's hard to believe, but you can disable some security programs using a Registry tweak, like changing a value from On to Off or True to False. Looking at McAfee’s presence in the Registry, I found I could delete or modify most of the values, but doing so had no noticeable effect on the app, and rebooting the system reversed many of my changes.
When I checked running processes, I found four belonging to McAfee. The two firewall processes resisted termination. Killing the other two blew away the user interface, but it came back when I clicked its icon in the notification area.
In a similar fashion, when I stopped the Windows service that powers WebAdvisor, it came back when needed. The main McAfee service was hardened against tweaking. I did find I could set WebAdvisor’s startup mode to Disabled, meaning it would not launch at Windows startup. And yet, upon reboot, it revived. Overall, McAfee proved resilient, resisting my attempts to disable its protection.
Over the years, McAfee AntiVirus has dropped quite a few bonus features. Its designers are constantly tuning which features consumers actually use. Two that have survived are File Shredder and Tracker Remover.
You might think the Tracker Remover feature would aim to keep web ads and trackers from profiling you, but what it really does is clean up traces of your computer and browsing activity. Anyone who gains access to your computer can cause all kinds of problems. Even with no malice intended, they still might snoop around and learn just what you’ve been doing. Tracker Remover wipes out temporary files and empties the Recycle Bin for starters. It also clears cookies and history from Chrome, Edge, Firefox, and Internet Explorer. Similar features in other security apps go further, wiping out things like lists of recently used documents and browser cache files, but McAfee’s scan is quick and simple.
Out of the box, McAfee runs the tracker remover scan on a two-week schedule. You can turn off the scheduled removal or change it to run just once a month.
When you delete a file in Windows, it goes to the Recycle Bin. If you find you made a mistake, you can rescue it from the bin. Even after you delete an incriminating file, the feds can impound your computer and recover that file using high-tech software or even hardware. Secure deletion, often called file shredding, ensures that what you delete stays deleted, even against forensic file recovery.
You can right-click any file or folder and choose Shred from the menu that pops up, or open the File Shredder within the main app to shred the contents of the Recycle Bin, the temp folder, or any arbitrary folder. Take care; shredded files are really, truly gone. By default, McAfee runs two shredding passes, which is enough to defeat file recovery software. If you suspect the authorities may put your computer through hardware-based forensic recovery, you can choose three or five shredding passes.
Final Thoughts
(Credit: PCMag Composite; McAfee)
McAfee AntiVirus
- 5.0 - Exemplary: Near perfection, ground-breaking
- 4.5 - Outstanding: Best in class, acts as a benchmark for measuring competitors
- 4.0 - Excellent: A performance, feature, or value leader in its class, with few shortfalls
- 3.5 - Good: Does what the product should do, and does so better than many competitors
- 3.0 - Average: Does what the product should do, and sits in the middle of the pack
- 2.5 - Fair: We have some reservations, buy with caution
- 2.0 - Subpar: We do not recommend, buy with extreme caution
- 1.5 - Poor: Do not buy this product
- 1.0 - Dismal: Don't even think about buying this product
Read Our Editorial Mission Statement and Testing Methodologies.
McAfee AntiVirus earns very high marks from the independent testing labs and also scores high in our own hands-on tests. Unlike many competitors, it supports only Windows, with no volume discount for multiple PCs. If you truly need no more than protection for one Windows PC, it's a worthwhile contender. Otherwise, look to our Editors' Choice winners, Bitdefender Antivirus Plus and Norton AntiVirus Plus. Both earn excellent scores from testing labs around the world and pack in enough features to outdo many security suites.
STILL ON THE FENCE?
About Our Expert
When the IBM PC was new, I served as the president of the San Francisco PC User Group for three years. That’s how I met PCMag’s editorial team, who brought me on board in 1986. In the years since that fateful meeting, I’ve become PCMag’s expert on security, privacy, and identity protection, putting antivirus tools, security suites, and all kinds of security software through their paces.
Before my current security gig, I supplied PCMag readers with tips and solutions on using popular applications, operating systems, and programming languages in my "User to User" and "Ask Neil" columns, which began in 1990 and ran for almost 20 years. Along the way, I wrote more than 40 utility articles, as well as Delphi Programming for Dummies and six other books covering DOS, Windows, and programming. I also reviewed thousands of products of all kinds, ranging from early Sierra Online adventure games to AOL’s precursor Q-Link.
In the early 2000s, I turned my focus to security and the growing antivirus industry. After years of working with antivirus, I’m known throughout the security industry as an expert on evaluating antivirus tools. I serve as an advisory board member for the Anti-Malware Testing Standards Organization (AMTSO), an international nonprofit group dedicated to coordinating and improving testing of anti-malware solutions.
- Microsoft Says Defender Antivirus Is Good Enough. I Say Nope
- Bitdefender Ultimate Small Business Security Review: Full-Powered Protection for Your Company
- Bitdefender Ultimate Security Review: Comprehensive Protection for Your Devices, Data, and Identity
- Bitdefender Premium Security Review: A Feature-Packed Suite With Unlimited VPN Access
- Bitdefender Digital Identity Protection Review: A Powerful Privacy Dashboard With a Premium Price
- More from Neil J. Rubenking
