SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

Avast! Mac Edition Review

Posted on June 4, 2011

Review by Israel Torres

Introduction

avast! Mac Edition is an Antivirus software for Mac. The software offers the following features:

  • On-Access Scanning
  • User friendly interface
  • Automatic updates
  • Integrated email protection
  • PowerPC and Intel supported
  • Simple Installation

This software is not free, however they offer a free 60 day trial version to download from their website. It comes in a variety of subscription flavors starting at 1 Year. It’s also offered with it’s PC version for a discounted rate. (Figure.00)

Figure.00

Note: It is very important to be sure to backup your system with Time Machine or alternative backup software (Carbon Copy Cloner) prior to installation and after verifying you have the requirements necessary to install and run adequately.

Review Version (Figure.01)
Version: 3.1.1 R0 (ServiceKit 1.41)
Update : VPS 110611-1 of 11.06.2011
MD5 (avast.3.11.zip) = ceed3785ef3d238c5fcde432bae43531

Figure.01

Test Platform
Mac Mini 2.26 GHz / 2GB
Mac OS X 10.6.7 10J869
Intel Core 2 Duo 2.26 GHz 2 GB
Darwin Kernel Version 10.7.0

Installation

Prior to even downloading the downloadable installation check over the System Requirements page (http://www.avast.com/mac-edition) to verify that the target system is up to par with what the software supports. The requirements are pretty simple as it works with Intel/PPC processors from Tiger to Snow Leopard. They are quite clear in stating they don’t support anything prior/older.

The install is very quick (6 screens) the installer prompts the user to set some basic preferences during the installation (which is awkward). (Figure.03) The standard installation takes 52 MB to install and requires typing in an administrator’s password.

Figure.03

The default installation (Figure.04) has a few items enabled by default. None are explained what exactly it is they do (hence the awkwardness); all the user can do is accept them blindly and hope for the best. (which turns out isn’t the best option all the time).

Figure.04After the installation is complete avast pops up this toolbar. It serves as a front end and can be hidden from view. (Figure.05) Figure.05

Post-Installation and Preferences

After the install avast it presents itself by default; also strangely it brings up Apple Mail (Figure.06); it gets especially odd if Mail isn’t configured (as it wasn’t in this test) already as it appears to continue to bring it up and completely prevents the user from shutting down until it is removed from using email protection from preferences. :/

Figure.06

If the user doesn’t manually update (via it’s own updater) the software (3.1.1’s latest update is 2010); in a few minutes it updates itself to the latest and greatest engine/updates. (Figure.07) The GUI makes it confusing as what exactly is happening as it uses “programmer terms” and not friendly labels. In the preferences there are obvious signs of feature-creep in how the GUI is laid out and the features made available.

Figure.07

There are a lot of preferences; most of them don’t make sense and are confusing (Figure.07b). It would be great if they had an advanced mode and a simple mode. At the time of this testing everything is set to advanced without any cool wizards to guide the user through the configuration. Some areas even require the use to manually type in a path.

Figure.07b

The Menu Items

The menu items (Figure.08) consist of the Licensing (although it is constantly misspelled throughout and inconsistent to the documentation in the Help);

Figure.08

bringing up licensing pops up an obtuse and monolithic prompt (Figure.09) searching for some type of license file. Update checking (thought the toolbar feedback seems to be really only reactive to the one in the toolbar). Uninstall (which doesn’t seem to work as advertised).

Figure.09Scan Now requires that the user set up their scanning profile (since it isn’t made available to right click and scan items such as folders, files) they must be fully “pathed” throughout the configuration including the exclusions. The lazy way to go about it would be to choose Scan Volume but that doesn’t help on time if the user just want to scan a single archive, nested somewhere. The simplest way to mitigate all this is to just place the target folder on the Desktop and choose Scan Folder and find the way through to the desktop.

Save Current Scan report doesn’t really work out of the box and seems incomplete. (Figure.10) I call it “half-bakery”. What exactly is the user supposed to do with this? It appears after some fussing about that the scans aren’t entirely connected and also get lost and don’t report accordingly.

Figure.10

The avast! Toolbar

This toolbar is what the user is given to control the antivirus with. It sometimes spouts little messages on the lower left hand side without really letting the user know what is happening. (Figure.11) If the use isn’t savvy in computer speak they may be confused further.

Figure.11

Otherwise it normally states “avast is waiting for command”. The toolbar has 6 big buttons from left to right : Scan Now, Scan Volume, Scan Folder, Check Update, Virus Chest, Preferences. These are basically the same functions as the Menu items offer however when compared to the built-in help file someone got lazy in the technical writing department as the help file does not match the installed toolbar in many ways (Figure.12)

Figure.12

The Dock Icon

The dock icon keep track of the malware count (Figure.13) the user gets during a scan, and allows some operability via the icon (as the menu and toolbar).

Figure.13

Other than that it sits there and by default is run as a persistent application that never closes this would suit best as a menu item. (Figure.14) (Figure.14b)

Figure.14

Figure.14bUnstallation

BSD is short for Black Screen of Death; and that’s what the user gets when they install the default configuration they set them up with. (Figure.15)

Figure.15

This means the ENTIRE SYSTEM crashes and needs to be powered off before it can proceed to fix itself on the reboot. Whatever was going on during the install… forget about it. It didn’t even stand a chance. (Figure.16) (Figure.16b)

Figure.16Figure.16bSo after the reboot and the user unchecks the persistence mode (Figure.17) and then uninstalls (not documented by the way); Figure.17

let’s say the user gets the crazy idea to reinstall it. Sorry it can’t be done the same way as it was the first time. The user gets a license expired error after the install (Figure.18).

Figure.18

avast! devs also like to spell it “license” here and there and “license” other places. At this point the only thing the user can viably do is try to uninstall it again, call support, use google. The obvious places where artifacts could be getting in the way weren’t obvious at the time of the testing.

Overall the uninstallation function doesn’t seem complete as it just states it installed the software successfully. Again Q&A dropped the ball here; not only does the uninstall not work; it doesn’t even talk about an uninstall other than the title of the application. (Figure.19)

Figure.19

GUI

“… there are simply too many notes …”: One of my favorite movies is Amadeus, and I never really understood the saying Emperor Joseph II stated until I used this product.

The GUI isn’t what the average Mac user will comprehend intuitively. It looks like it was designed by a software “engineer” and then pasted over with a bunch of nice looking icons. The documentation and help don’t exactly match the delivered product which is evident that Q&A isn’t at the wheel of this bus. When the aesthetics are off it makes one question what underneath may also be off. In a Mac world look and feel is important the underlying quality is a given. This product feels like a Windows XP app ported to OS X in a fortnight over 4 continents and 6 teams (yes I went there).

The software doesn’t have context menus to where the user can right click and scan the file or folder; instead the user has to browse a path to the folder that the file is in or scan the entire volume until it is found.

The user is presented with far to many choices (Figure.20) with unheard of nomenclature and very limited documentation and help context as to what exactly it is that the checkboxes are asking and why some of them are off by default and why some of them are on.

Figure.20

Take for example the first one in Preferences “Chest entire archives if larger than ___ KB”. (Figure.21) Really? Sorry that isn’t English. Google translate failed you Mr. Technical writer.

Figure.21

Lab

In this section the test machine was removed from the network after the software was updated and removed all USB devices. Please do not try this at home.

I have a big zip’ o samples I collect out in the wild (Figure.22) that I test with malware testing products and it certainly triggered when I unpacked the zip, or when I scanned the zip through an obscure way (using the product to path my way to it). The chest feature seemed like a quarantine device; and if Mail isn’t set up it will create a fun error when the user tries to send a sample to avast.

Figure.22

I thought it found something when I started to unarchive the zip file and turned out the error message wasn’t of something detected it was more the product fumbling on itself (Figure.23). It states to do a bunch of stuff like “report please” and “send the log”; although it doesn’t state how to do it like where the log files are.

Figure.23

During the unarchiving (try 2) it also started to detect the various goodies I have in the zip file (Figure.24)

Figure.24

… there appears to be some type of latency as the scanner finds the files as they scroll by one at a time in a serial fashion. (Figure.25) The identification of the malware appears to be correct (probably the only pro this product has).

Figure.25

Figure.26

When it is all done scanning and finding things I clicked the create report button and get this prompt. What in the world type of extension is that (not in my voice, but in the user’s voice). (Figure.27) they should have named it .txt and let it be;

Figure.27

instead to read it you need to browse for something like TextEdit if you don’t have anything else loaded to read text files. (Figure.28)

Figure.28

I went to check the last scan and nothing was in there. Which was quite strange (Figure.30).

Figure.30Digging deeper it seems like the scan never took place. Here it isn’t clear whether the stuff it just found was something else entirely and if this is only for manual scans. (Figure.31)

Figure.31

Figure.32

I try a few more tests and it seems only in the manual scans does it find the malware and reports them in the scanner log. (Figure.33)

Figure.33

Some of the features for further investigating the malware doesn’t seem to work (for example the question mark really only appears for clicking when it is going to give an OK message (Figure.34)

Figure.34

which really doesn’t make sense since it isn’t enabled by default in the preferences! (Figure.35).

Figure.35

I would also occasionally get “Problem with Archiver” messages; no idea what they were related to and the error detail was quite sad. (Figure.36)

Figure.36

Moving malware into the chest ended up beachballing (Figure.37) – perhaps I had to many or something but it left me wondering what the heck is going on back there.

Figure.37

I eventually got a bunch of them in the Chest (Figure.38) and it is a basic quarantine so that avast could check them out; the mail feature died on me since I didn’t have Mail configured.

Figure.38

(Figure.39) Another Q&A Fail as I am sure the user isn’t supposed to ever see this. The part about the proprietary CyphSimple encryption sounds interesting though 😉

Figure.39

The coup de grâce was when I was able to INSTALL like MacDefender malware (Figure.40) without Avast making a peep! … so looks like it doesn’t get everything.

Figure.40

(Figure.41) … just for the record neither did Apple …as it has the latest definitions but Apple doesn’t claim to be an anti-malware company.

Figure.41

Support FAQ

At the time of this review their front facing site or datasheet doesn’t exactly (or at all) declare what the user gets for the 1-3 year subscription plans that start at 39.95$USD for 1 License. Apparently it is just added to the online cart and bought; after that the user is on their own.

Thoughts and Conclusion

There are free alternatives people! With free alternatives available out there that are superior in form and function I wouldn’t imagine why anyone would buy into this software. In my research and testing I don’t see how a lot of what I found got past their Q&A team. The overall GUI usability; the really odd behavior of its interaction with Mail; the Black Screen of Death on default uninstall; the uninstall and reinstall premature license expiration; the documentation inconsistencies all are the sign of untested software or extremely limited test cases with trite happy paths. I can only imagine an end-user drowning in issue after issue by using this.

Rating

1/5 – Unfortunately I’d recommend staying away from this software until they’ve put some time into evolving it. There are far too many anomalies to be considered stable for public consumption (for free or otherwise). If anything it should be stamped as a Beta.

On the Web

Further information, education and 60 day trial version download available at the following link:
http://www.avast.com/mac-edition
http://download316.avast.com/files/datasheets/mac-eng.pdf

Join our mailing list for the latest security news and deals