Review: Intego VirusBarrier X5 for Mac – OMFG I Have a Virus!

Reviewing Anti-Virus software for the Mac has always been a bit tricky. Macs have a well-deserved reputation for having pretty much 0 viruses under OS X (in the wild, anyway), so in general the thing most reviewers end up focusing on is whether or not the anti-virus software is annoyingly obtrusive to daily life (this is a huge problem on the PC-side of things with constant pop-ups, alerts, and attempts to up-sell you to the next tier or protection). So imagine my surprise and joy when after installing and running Intego’s VirusBarrier X5 on my brand new MacBook Pro, it discovered I actually had a virus!

Virus Barrier X5
Above: When a virus is detected, it is pretty obvious.

That’s right, I was actually happy to find that my system had a real life, honest to goodness virus – for two reasons, actually. First, I now had a legitimate way to verify that VirusBarrier does indeed do its job. I had assumed I would hit “Scan”, have it find nothing, and have to say “Well, I guess it works fine”. But secondly, and most importantly to the Apple fanboy in me, the virus it discovered was a WINDOWS executable that hearkened all the way back to 2001 when I used Microsoft’s Entourage e-mail client.

Virus Barrier X5
Above: A virus? On a Mac?!? Oh Wait, it’s a Windows virus.

Apparently as I upgraded from my original G4 PowerMac, to my MacBook, and now my MacBook Pro, I had just been copying over all my old documents and settings, including the Microsoft user data folder. Inside was a “joke” e-mail message I had been mass-forwarded by some idiot or another, and it contained a Windows executable file. Usually when I get these I just delete them, since even if it were a legitimate (and no doubt hilarious) .EXE attachment (if there is such a thing) I couldn’t view it on my Mac even if I wanted to. But apparently I let this one slide, and it sat in my Entourage junk folder for 7 years, infecting nothing, but there nonetheless.

The virus it found was called W32.Joke.Stupen.C, and was tacked onto the file Rumor.EXE , which appears to be a known virus of old.

Virus Barrier X5
Above: Behold “The Orb”

OK, so now that we know that it works, on to the traditional Mac-virus software question, “Is it annoyingly obtrusive?”. Happily, the answer is “no”. In fact, it sort of makes virus scanning fun.

As soon as you install VirusBarrier X5 (and restart your system), it begins protecting your Mac automatically in the background from all new incoming viruses. It will automatically scan e-mails, as well as any file you open, save, or create. But it does not automatically scan you entire system. For that, you need to launch the application an initiate a manual scan (or set up a scheduled scan).

Virus Barrier X5
Above: The outer ring serves as a progress bar, letting you know approximately how much longer you have to wait. Of course, the giant percentage numbers help too.

After launching, you will be greeted by VirusBarrier’s somewhat unusual GUI – the most striking area being “The Orb”. This giant green ball in the center is where much of the scanning feedback is delivered. The ring on the outer edge of the Orb provides a circular progress bar, and in the center you will receive a numerical progress percentage update, as well as see which files are being scanned. From this main screen you can select the drives or folders you would like to scan, setup scanning schedules of specific drives or folders, as well as see if any viruses have been detected and get an idea of how much system resources VirusBarrier is consuming. However the first thing you will want to do is hit the “Check Now” button on the top right of the screen to see if there are new virus definitions (the version I downloaded came with October definitions, but found some new December ones). Keeping up to date with virus definitions is important obviously from a protection standpoint, but it’s also important because of the way VirusBarrier scans for viruses.

The first time you run a virus scan, VirusBarrier will scan you entire system (assuming you leave the defaults set), including any attached drives. This initial scanning can take many hours, but once it has completed, all future scans will only scan files which have been added or modified since the last scan– sort of like how Time Machine backs up files. This means all future scans will complete in a fraction of the time that the original scan took. However, each time you download a new set of virus definitions, you’ll want to initiate a new manual scan of the system to make sure you do not have any newly discovered viruses.

Virus Barrier X5
Above: Odds are right now you don’t have to worry about iPhone viruses just yet, but it’s nice to know VirusBarrier can scan it anyway.

Performance

During the initial full system scan, I did notice a performance hit. Apps, like Mail took longer to open large mailboxes and display messages, and I had a few beachballs even though Activity Monitor showed Virus Barrier was not really using much in the way of system resources. However, after that scan completed (about 2 hours) the system went back to normal. The “Real-Time” scanning feature does not seem to dish out any noticeable performance penalty, so I am keeping it running 24/7 for now.

Virus Barrier X5
Above: Select what you’d like to scan.

Features

VirusBarrier X5 has some pretty slick features in addition to being able to catch 7 year-old Windows viruses. First, while viruses may not be a big problem on the Mac, Boot Camp users who occassioanlly run Windows on their Macs will be happy to know VB can scan their Boot Camp partition, as well as Windows files running under VMware Fusion or Parallels. For the non-Windows users, file corruption is a more real threat (although, again, not as much as on Windows) and VirusBarier can detect file corruption in addition to viruses and prompt you for action. When VirusBarrier detects a virus, the giant green “ORB” in the center will turn red – when it detects a file with data corruption, it turns yellow. You can set up what action VB should to take when viruses and corruption are detected, such as alert, repair, or quarantine.

VB also supports network scanning of mounted drives, as well as scanning the files of all users on a computer (although you will need an administrator’s password to take any “repair” action).

Virus Barrier X5
Above: You can customize which drives, folders, and files get scanned and when

You can set VirusBarrier to scan specific drives, folders, or even files, at set times. The scheduling interface is very intuitive, and reminiscent of Mail’s rules. Speaking of Mail, you can set up VirusBarrier to e-mail you if it should detect a virus, a useful feature for a system administrator (this “send e-mail alert” feature only works with Apple’s e-mail program, but VBX5 will scan any incoming and outgoing e-mail messages no matter what e-mail client you use).

If there is a particular file you are suspicious of, you can drag and drop that file onto the VirusBarrier icon in the dock, or onto the Orb if the app is open, and scan it. If it comes up clean, but you are still suspicious, VirusBarrier installs a contextual menu that allows you to right click on a file and choose to send it to Intego to have them test it, a really cool feature. If it turns up positive for a virus, it will be added to the next round of virus definitions, and help entire VirusBarrier community.

iPhone scanning?

Probably the only platform with less viruses than the Mac is the iPhone, yet Intego has decided to add iPhone and iPod touch scanning to the long list of Virus Barrier’s features. Given Apple’s tight controls over loading apps via the iTunes store, this may be of more use to the jailbreaking crowd who go through less stringent app approval process. When docked, the iPhone shows up as another device in the “Select” window. When scanning an iPhone or iPod touch, VirusBarrier X5 copies all the files contained on the device to the user’s startup volume in order to verify their security. If any malware or infected files are found, VirusBarrier X5 alerts the user and offers to repair or delete the infected files. This copying can take quite awhile, especially on a 16 GB model full of files, but given just how much personal data is on my iPhone, I figure it might not be a bad thing to do once every couple months or so. This might be a gimmick now, but could be useful in a year or so as the platform evolves.

Issues

Really the only issue I have with VirusBarrier turned out to not really be much of an issue at all. Because Apple manages Time Machine backups through a private, undocumented framework, VirusBarrier is unable to directly scan the files inside a Time Machine backup. When scanning a Time Machine volume, the scan takes about 2 seconds, as it only sees 1 file, not the entire 1,650,000 file contents of the backup. However, the work around is that, assuming you leave VB’s Real-Time scanning on, it will scan any file as it is copied to or FROM a Time Machine backup. So if, like me, you found you had a virus on your system, and realized it likely got backed up onto your Time Machine backup, you need not worry. If you ever restore the file, VB will catch it. Of course, that doesn’t mean I didn’t freak out knowing I had a virus on my Time Machine archive. :) So I deleted my Time Machine backup and started over (hey, the computer’s only a week old anyway).

Virus Barrier X5
Above: VirusBarrier cannot scan Time Machine backups, but it’s not a big deal

Conclusion

Intego’s VirusBarrier X5 lives up to its claim of providing complete, unobtrusive virus protection for your Mac. While the need for Mac Virus protection is still debatable for most users, Mac users running Windows under Boot Camp, VMware Fusion or Parallels have reason to genuinely be concerned, and as Mac users there’s still something comforting about having something there to back up our smugness. The powerful scheduling features, e-mail alerts, corruption scanning, and iPhone scans all make VirusBarrier a great choice for your anti-virus needs (real or imagined).

Price: $69.95 – yearly virus definitions ($29.95)
Pros: Fast, unobtrusive virus protection for your Mac, iPhone scanning, e-mail notification, File corruption detection, protection for Boot Camp volumes and Windows running under virtualization
Cons: Non significant

Comments
16 Responses to “Review: Intego VirusBarrier X5 for Mac – OMFG I Have a Virus!
  1. Uncle Miltie says:

    Here’s the problem with virus protection for your Mac – It still won’t protect you from yourself. Yes, it can keep those Windows Nasties from sitting harmlessly on your Mac. But what aobut the only known way to take down a Mac – downloading a program from the net that requires YOU to execute it with administrator rights? Let’s face it, no AV program is capable of preventing you from surfing to a Porn site and being stupid enough to agree to run whatever program they claim is needed to view their stuff. It can’t protect the user from stupidity.

    OTOH, think about a program like Onyx which if misused could significantly damage your Mac. That should be a far more concerning scenario for Mac users than worrying about viruses…

    UM

  2. CyberTeddy says:

    “it sat in my Entourage junk folder for 7 years”

    ehmm… why do you (you all) keep junk mails for years?
    when i get junk mail i’ll delete it right away (and empty the trash)… i mean alll those spam/junk/fun/chain mails just eat disk space…

  3. JohnO says:

    When did it become my job to worry about Windows users?

    This seems to be the thrust of all this AV talk lately. I feel today as I felt years ago about all this. If they don’t want viruses, don’t buy Windows.

    Intego, more than any other company, has pushed this idea as they cannot sell AV to a platform which literally has no viruses. They have to convince to you that it is important that YOU take responsibility for WIndows users bad choices. Otherwise, why buy it. So they fear-monger. And folks like you jump on the bandwagon.
    You’d be a bad computer user were you to allow this, is their campaign. And you buy into it.
    I think they are bad computer users for endangering the rest of us.

  4. Nick says:

    I’ve still got a disc with VirusBarrier from Intego on. It’s actually a full suite of Intego-Barrier apps – firewall, the lot. I uninstalled them all years ago after only running them for a month or two, because having them came to seem like a pointless exercise to me. Just looking at the disc now I see I’d bought it back in 2003. Five years ago! I can’t recall what I paid for it at the time – it certainly wasn’t cheap – but i guess I’d be five years worth of updates short in the wallet by now, too, if I’d persisted with it.

    If I still ran AV at all, I think I would choose Intego’s. It seems somewhat lighter than the alternatives, and, as you say, it has got a rather funky GUI.

    But i just can’t see it’s worth it for me. I think it may be necessary for some people with particular usage scenarios. As Rich Mogull puts it:

    “If you exchange large numbers of potentially risky files (especially forwarded email messages with attachments that aren’t otherwise scanned) with Windows users, and your email isn’t scanned at your mail server, consider antivirus software for their protection.”

    http://db.tidbits.com/article/9511

    But for the average Mac user, like Rich, I just don’t see the point, so I now give such software a miss.

  5. jeremy says:

    The best reason not to buy software from Intego is their insistence on a tax-like payment scheme. One must buy not only the program but also yearly av definitions subscriptions — failure to do the latter renders the former useless.

    I generally like to keep all my software current, but i like to make that choice myself. Sometimes an update is not necessary for my circumstances, so I pass on it. Intego’s scheme precludes my choosing. And even studious updating of the program will not ward off yearly payments for the av definitions.

    Now, imagine all purveyors of software arranging their sales similarly — “this software will fail in 12 months unless you renew your subscription”. Annual software-update day would become another version of tax day — to be regarded with anticipatory fear and loathing.

  6. Eric says:

    The MacUpdate promo going on for seven more days includes this app, along with nine others for $50. It’s a bargain.
    http://www.mupromo.com/winter.php

  7. Xeno says:

    Um… so it finds Windows viruses which are effectually useless. So what? UNIX systems are properly sandboxed unlike Windows, and why am I worried about Windows viruses? I run OpenOffice, Firefox, and am on a Mac.

  8. MPR says:

    iAntiVirus has a free-for-private-use version and only scans for OS X viruses (all 90 of them)

    http://www.iantivirus.com/screenshots/

  9. Tom Ward says:

    ClamXAV will do the same stuff – without the funky look – and it’s free.

    If you’re worried about passing stuff on why not use something free rather than wasting money on Intego’s effort to bleed you regularly?

    Cheers.

  10. And which 90 viruses would this be?

  11. Imagine Engine says:

    I believe it’s better to be prepared especially when it comes to protecting personal data. I’ve been using Intego’s Virus Barrier since I got my MacBook and really like how it’s both aesthetically pleasing to the eye, user friendly and non-intrusive.

  12. T. Payton says:

    Of course what else could a Mac antivirus program find but Windows viruses? Are there really any true Mac Viruses? I do have a thing on my system called Adobe Updater that I am sure is a Trojan. ;)

    BTW, watch the blasphamy in the headline. Your stuff shows up in more places than just your site (i.e. MacSurfer). Kinda a drag to have to answer my kids, “Hey dad what do those letters mean?”

  13. photogirl333 says:

    Thanks Doc!!
    I bought this yesterday and then saw your post today. Mine didn’t find a virus, of course, but I’m glad to know that it actually “works” when there is one! Good to know I can scan my iPhone too – that’s next on my list…

    ~pg

  14. Safe-T-Guy101 says:

    So here is the Deal… once you buy Intego software it yours…. period. If you buy X5 virus barrier you have it for life… no additional payments. However you also get netupdate privileges for a year, 2 or 3 depending on how long you buy for. Netupdate simply updates your software to the latest version. If you would like a later version of the software you must purchase the update… standard. There are many useful software from Intego not just AV. They have top notch developers and for anyone running a medium to large business or a school I would highly suggest there ultra intuitive content barrier. This is the best product on the net, don’t be fooled by companies such as Macsecurity or whatever other mumbo jumbo is out there… you always get what you pay for. I will also add that currently there are quarantined and known mac viruses that have not yet been released upon the net. Get protection you will need it!!!
    -Safe-T-guy101

  15. Marcel says:

    And what about archive-scanning (.zip, .rar etc.)?

    Is it possible for Virus Barrier?

  16. Derek says:

    This review still tops my list as the most interesting for an antivirus program. Any chance you’ll be doing an updated review for VirusBarrier X6?

Leave A Comment

ADVERTISE ON MACENSTEIN

Click here to inquire about making a fortune by advertising your game, gadget, or site on Macenstein.