The number of viruses affecting Macs remains
small. But we mustn’t be lulled into a false sense of security. Installing and using antivirus software is important.
For some people, the decision has been made by a company or college, or by the free copy of McAfee Virex that comes with a .Mac subscription. For the rest of us, choices include Intego’s VirusBarrier X 10.1.1, McAfee’s Virex 7.5.1, Sophos’s Anti-Virus 3.87, and Symantec’s Norton AntiVirus 9.02 (see “Antivirus Software Compared” for details).
Scanning for Trouble
Antivirus software helps keep Macs secure by scanning files as you access them and scanning folders or entire hard drives as requested. It then helps you deal with any oddities the scans may find. Clear information is important, as are tools for repairing or removing infected files.
For the most part, installing each antivirus product requires just a couple of clicks. The biggest glitch I faced was with Virex:it failed to install on a hard drive because Symantec AntiVirus was once installed there long ago. Support for the .Mac version of Virex is available only online; it took me a few days to get help.
A good antivirus program provides feedback as it scans so you know what’s up, and it allows you to keep working while it scans. The fastest program by far was VirusBarrier—it scanned almost 40,000 documents, inside a variety of nested folders, in about five minutes, and then in about a minute on subsequent passes in Turbo mode. Although it wasn’t as quick with the initial scan, Sophos Anti-Virus performed well on subsequent scans, zipping over unchanged files in a fraction of the time that the other programs took.
Configuration and Updates
The programs vary when it comes to the ease of setting options—for instance, scheduling downloads of new virus definitions. I was happiest with Virex because I could access all the program’s options—including its scheduling application, Virex Scheduler—from
the main user interface instead of going to Sys-tem Preferences.
Current virus definitions are critical. Norton AntiVirus’s excellent LiveUpdate tool obtains the latest updates from Symantec’s central servers, according to your schedule. Unfortunately, its oddly shaped window sits in front of all other programs unless you hide it.
Sophos Anti-Virus is designed for workgroups. So instead of downloading definitions directly to each Mac, you download an update once to a server and then point your computers to the update location to load it. While this comes in handy if you want to grab each update from the Net once for a large group of users, the Sophos implementation works only if you have a Windows 2000 or XP server. And the utility that manages the Sophos client software, Enterprise Manager, provides only definitions to the Mac clients. It can’t monitor the Macs for infections as it does the Windows machines.
Sophos says that it has plans for a stand-alone Mac client that can obtain updates from the company’s servers. But for now Mac-centric companies must add a local Windows computer to handle automatic updating. Sophos is also working on a version of its Windows-based management software that can communicate with Mac clients.
What If There’s a Virus?
The ideal antivirus tool protects you from viruses but doesn’t keep you from your data. It warns you about viruses it finds, informs you of ramifications and options, and then lets you proceed accordingly. VirusBarrier and Sophos Anti-Virus do a good job of scanning files in the background as they’re accessed. Both warn you if they find something and give you the immediate options of repairing or deleting the infected file. VirusBarrier is my pick for scanning files manually or on a schedule. If it finds infected files, you can select one or more from the list of results and then click on the Reveal In Finder button or the Repair button (see “Zap!”). Sophos Anti-Virus lists results, too, but you can’t do anything with the list. You must change the software’s mode from just scanning to scan-and-repair, and then run the process again.
Overall, the programs did a good job of finding viruses on my test drive. But Norton AntiVirus missed PC viruses entirely—only when I dragged my e-mail attachments folder to the program’s Dock icon did the software find and quarantine them. Symantec’s $30-per-incident customer support provided no help. Media contacts diagnosed that the program had aborted its scan before it had finished, without any indication. It turned out that the software was confused by unusual folder permissions.
Antivirus Software Compared
VirusBarrier X 10.1.1
||one user, $60; five users, $200; ten users, $360
||Attractive interface and fast scans, especially on unchanged files; clear warnings when viruses are found or infected files are open.
||included with $100 .Mac membership; five users, $203;ten users, $405
||Easy-to-access configuration; no visible progress indicator during scans; refuses to install if there are traces of other antivirus tools remaining.
||five users, $249; ten users, $399; 25 users, $799
||Fast scanner, but updates require a manual download or a Windows server; shows a list of infected files, but you can’t do anything with the lest.
||Norton AntiVirus 9.02
||one user, $70; five users, $280; ten users, $560
||Provides easy access to updates; good handling of detected viruses; occasionally misses some viruses when scanning entire drive.
Editors’ Choice in
Macworld’s Buying Advice
Any of these programs will provide the basic protection every Mac user needs. Norton AntiVirus is a reasonable contender for personal or group use, and it integrates well with other Symantec tools. Businesses should keep an eye on Sophos Anti-Virus, which has potential as a workgroup protector. Virex will do if you’ve already paid for it via a .Mac subscription, but installation issues and poor support prevent it from being our top choice. That spot is reserved for Intego VirusBarrier X. Its attractive interface, turbo performance, and clear handling of virus infections make it a winner.From VirusBarrier X’s main window, you can quickly repair or review one or more files from the list of scanning results.