Let's start with the GOOD NEWS:
Intego VirusBarrier is the only anti-malware program I can recommend for Mac OS X. Its interface and features are unmatched by any similar program. The signature updates are regular and reliable. Intego stay right up-to-date with all Mac OS X malware. The program is 100% compatible with Snow Leopard. Ignore all reports to the contrary. For Mac users who want a top notch single-user anti-malware program, this is the only one. Nothing compares, except perhaps Sophos, which is only designed for network users.
The new VirusBarrier 10.6 version adds a bunch of new security features worth the upgrade price. Some features are redundant to those already in Safari and FireFox. The reverse firewall is the only new feature I care about. Reverse Firewalls stop dead any way to zombie your Mac. They also stop all software from 'phoning home'. I've been using Little Snitch for years and love it. The reverse firewall in VirusBarrier 10.6 is not as good as Little Snitch. But it's there and it's useful.
A new single user license for VirusBarrier costs $49.95 and protects two Macs. A new family license is $69.95 and protects five Macs.The 10.6 upgrade is potentially free for those who purchased VirusBarrier 10.5 on or after November 25, 2009 through April 13, 2010. See Intego for details. Otherwise, the upgrade is $34.95 for single users. A family pack upgrade is $59.95 for protecting five Macs. Every new or upgrade license includes a year's subscription of malware signatures.
Intego also provide an occasionally useful and intelligent Mac Security Blog.
Now the BAD NEWS:
1) Accompanying the 10.6 update is a new advertising campaign that makes several wrong and ridiculous claims consisting of what is traditionally called BULL SHITE or FUD. Enjoy:
"More and more malware is discovered every day. Macintosh computers face threats from viruses, Trojan horses, worms and more."Incorrect! There are ONLY Trojan horses for Mac OS X. Period. The End. If you believe otherwise, you've been duped.
"VirusBarrier X6, the Lowest-Priced Mac Antivirus"No. FREE would be 'The Lowest-Priced Mac Antivirus', and there are a few of those to choose from. See below.
"... simply visiting a booby-trapped web page can compromise your Mac."This has never happened on Mac OS X in the wild or in a 'Crack A Mac' competition without an account user providing deliberate sabotage assistance. However it 'could' happen if a JavaScript or Java security hole wasn't patched in your web browser or operating system. (Readers of my posts know what contempt I have for the state of JavaScript).
I hope Intego have brains enough to dump the false advertising before they get sued. I despise FUD and would hate to have to put Intego on a par with Symantec, the renowned masters of anti-Mac security FUD and makers of easily the worst anti-malware for Mac.
2) Yearly malware subscriptions for VirusBarrier are required and expensive. $29.95 for one year. Yikes! A two year subscription is 50% off the second year at $44.90. If you're up for renewal and are using version 10.5, you might as well upgrade to 10.6 at $34.95 and get the included one year subscription, saving yourself $25.
3) Intego outright refuse to provide a list of malware detected and removed by VirusBarrier. That's idiotic and I've directly told them so. They don't care. Instead, I follow the imperfect but useful Threats Database provided by the PC Tools site, the makers of the up and coming competitor program iAntiVirus.
4) And of course, if you turn on the Real-Time Scanner feature, expect VirusBarrier to eat your CPU. So turn it off. You don't need it unless you're dealing with LUSERs, in which case all you have to do is prevent them from having access to an administrator account and password. It's seriously that simple.
CONCLUSION:
So what is VirusBarrier for? It protects you from LUSER behavior and lets you find and wipe out Windows malware you may be passing along to Windows users.
If you're a conscientious Mac user who checks the validity of all software you install, you don't need VirusBarrier to protect your Mac. There are less reliable free alternatives if you want to try them out, such as ClamXav and iAntiVirus. (Avoid MacScan, which is ultra-lame).
I'll be posting a detailed feature review in Part II after I test the new VirusBarrier 10.6.3 update.
--
Hi Derek
ReplyDeleteThanks for the recommendation. I've installed VB X6 10.6.11 and running it on my iMac OSX 10.6.6. I'm a new switcher from PC BTW so wanted user friendly AV software and found little sense before stumbling onto your blog.
I may well be a somewhat neurotic LUSER because I forget things at my age, and wonder how I know whether to trust something or not. It can feel a bit Catch 22. But because I want the download I authorize it, though I do try to check and find reviews or read forums on something first.
BTW, I asked Intego about the trojan you couldn't detect using Virus Barrier, and they've sorted that now.
But what do you have to say about this:
I get a clean sweep but when I check the log file a huge list of files were only partially scanned, including lots of Open Office templates, Python 2.6 testtar.tar, whatever that is, and part of Flip4mac's uninstaller, plus a few .xps files from my PC backup.
Once I'd found the little critters I dragged them manually to scan and was told no virus detected. But still don't know whether it's had a proper look!
Intego say they can't open a whole bunch of archive formats: "archive.pax.gz, test.tar, wilogo_gif.uu, dna_small_gif.uu, etc" and I can add a few more to that list. What's the use in that!?
My gripe is the front end doesn't warn you that some files were not scanned fully, and even the logs don't tell you why.
And it's not deeply intuitive where some of the tweaking is concerned, but I'm getting use to it. But IMHO it's not what my hubby calls Black Box technology where you can use it but don't necessarily need to know what's going on under the bonnet/hood) Or if you can it's because the risks of finding something are still so low.
Thanks
B
Hi Blackcurrant,
ReplyDeleteHere is the first of a couple replies.
I don't work for Intego and therefore cannot definitively answer these questions. However, let me give you my personal understanding of what you've described:
VirusBarrier has a feature called "Turbo Mode technology for faster scans", as described on the features page at their website. This system works by logging information about each file encountered during a scan. This information includes the file creation date, modification date and size. When the next scan is executed, each encountered file is briefly checked for this 'metadata' and compared with the log of previously scanned files. If VirusBarrier detects no change in the file it stops at that point and moves on to the next file. This allows skipping a full scan of these files, therefore saving a great deal of time. I expect the 'partial' scans you are noting in the scan log are those that have not changed since the previous scan.
Thank you for sharing the information you learned from Intego. I am a bit confused about one thing, however. If you go into VirusBarrier, click the Scan Settings button, then the Archives tab, you'll see all the Archive Kinds that you can activate VirusBarrier to scan. Included are:
•GZip (.gzip) - This is the GnuZip archive, the same as a .gz archive.
•Tar (.tar)
•Uuencoding (.uu)
These are all the formats you noted that Intego said they can't open and scan. And yet they are clearly listed as supported.
However, there are other archive formats I know VirusBarrier cannot scan, including:
•RAR - This is a proprietary format.
•7-Zip - This is an Open Source format so I don't understand why Intego can't add this format. It is, however, extremely obscure on the Mac.
•DiskDoubler - This is a proprietary format that was not forwarded beyond the old Mac OS environment.
•StuffIt archives of various types - These are proprietary formats.
•All 9 Amiga archive formats or the Amiga native file format - But who cares?
•NSA, NOW, CPIO, HA, SAR, EXE, PIT and further obscure formats on the Mac.
Then again, I don't know any anti-malware application that can scan every archive format available. Much as I like using 'The Unarchiver' freeware application, I know it cannot expand every format ever created either. Therefore, I have a few other expansion programs for odd other archives I encounter.
IOW: I don't expect any anti-malware application is aware of every archive format. I also don't believe it is important UNLESS particular malware uses that archive format in some way. If that were to occur, I am certain Intego would find a way to obtain or create a method for expanding and reading that format.
:-Derek
Part 2 of my reply:
ReplyDeleteAs for the "Black Box" concept, hopefully I've made it clear in my blog that the anti-malware community is a MESS. It would be great to hide all the cacophony behind a door you never need open. In the Enterprise, this is clearly a goal so that employees need not bother with anything distracting them from their jobs. Therefore, they hire IT experts to setup and run all the details in the background on the office network. Individual users don't have that luxury. Therefore, some of the wire dangle from the ceiling and you can see the shoes of the man behind the curtain.
As a techno geek I enjoy all the bells and whistles of VirusBarrier. But I also consider it the easiest to use for malware neophytes as well. The integration of NetBarrier into VirusBarrier has added in wonderful and important functionality. However, it has also added so many buttons and tabs that anyone would be confused. Learning about all of it and what settings to use takes a lot of RTFM time that few people wish to endure. Thankfully, out of the box VirusBarrier is just fine and usable for the average Mac user. If you want to check out the plethora of other settings to use, read about them and turn them on.
Thankfully, for now, having only 26 Trojan horses and two meagre pieces of illegal spyware means that typical Mac users can live without using any anti-malware application. I don't recommend it! But it is still the case.
VirusBarrier supplies a simple way to scan individual files of which you may not be certain. Click on any file or folder to highlight it. Then click with either your right mouse button or Control-click it to bring up the Contextual Menu. At the bottom of the menu is the Services sub-menu. In the list of services you will see "Scan with VirusBarrier X6...". Select that service with your mouse and VirusBarrier performs the scan for you and you're done. You don't have to open the application at all, drag and drop anything. This is great for avoiding potential Trojan horses.
I suspect I had one other point on my mind, but hopefully these replies will give you some useful information.
:-Derek