Is anti-virus in x64 necessary?

Solar

Limp Gawd
Joined
Jul 16, 2005
Messages
228
So I'm contemplating the move to Vista x64 and I'm making sure I have all my bases covered. Drivers, programs and what not. One question I'm having difficulty answering is about virus protection. Is it necessary to have an anti-virus program running in Vista 64? Personally I think the OS X argument comes into play here. Thoughts?
 
So I'm contemplating the move to Vista x64 and I'm making sure I have all my bases covered. Drivers, programs and what not. One question I'm having difficulty answering is about virus protection. Is it necessary to have an anti-virus program running in Vista 64? Personally I think the OS X argument comes into play here. Thoughts?

do u need an AV in Vista 64? yes

does it need to be x64? not necessarily
 
Personally I think the OS X argument comes into play here.
How so?
OS X isn't immune to viruses. Anyone that has half a brain would at least admit that... Whether it's a threat, or will be in the future is debatable, but there have been viruses on Mac.


do u need an AV in Vista 64? yes

does it need to be x64? not necessarily

I'd agree... I'll add though some 32 bit software won't run on 64 bit platforms, depending how it is written. Most will though.
But if you run 64 bit software on a 64 bit system your performance (which means scanning and on-demand speeds) will be better.


Like I said- most 32 bit software runs on 64 bit OS. Therefore, all the viruses out there can still be run on 64 bit.

64 bit does have the advantage right now of not supporting so many addons/plugins, and REDUCING your risk, but it is not, by far, eliminated.
 
If you're looking for a good AV for x64 (and it IS neccessary), Avira works wonderfully, running it right now. Nice and light, fairly fast scan speeds, and the best single engine protection you can get. Free too, which is a plus.
 
OS X isn't immune to viruses. Anyone that has half a brain would at least admit that... Whether it's a threat, or will be in the future is debatable, but there have been viruses on Mac.

I'll certainly agree with that. Let me revise that statement and talk about the effectiveness of writing a virus in terms of affected market share. Vista 64 cannot have a very large installed user base at this point, so would the time spent writing the malicious code really be effective?


Like I said- most 32 bit software runs on 64 bit OS. Therefore, all the viruses out there can still be run on 64 bit.

64 bit does have the advantage right now of not supporting so many addons/plugins, and REDUCING your risk, but it is not, by far, eliminated.

And I guess thats my question, how reduced is my risk? Is the underlaying framework of Vista 64 so different from the 32bit version that most viruses would be thwarted? Or would WOW64 actually help the viruses do what they want to do, thus making the move negligible?

If you're looking for a good AV for x64 (and it IS neccessary), Avira works wonderfully, running it right now. Nice and light, fairly fast scan speeds, and the best single engine protection you can get. Free too, which is a plus.

I'm rocking AVG Free, have you used it? Any personal comparisons between the two?
 
AVG free version 7.5 was decent, but nowhere near the detection rate Avira has. It's certainly light though. AVG 8 is a god damned clusterfuck, which is a shame, because I had a 1 year free license to the pro version, and wanted to like it SO badly. It's heavy, slow, cumbersome, and buggy as all hell.

I've tried a few AVs on x64, I'm always looking for something new. Kaspersky was good, but browsing was SLOW due to the web scanner, and it doesn't play well with other security software at ALL. Avast's UI horrified me, but it worked well. AVG and Avira were already mentioned, and F-Protect was damn good, but a bit bloated.

If you combine Avira free (google how to get rid of their pop-up when it updates, it's simple), a good anti-malware like SuperAntiSpyware, and a good behavior blocker HIPS, like Mamutu or Norton Antibot, you're pretty much golden. In fact, that's what I'm running right now. (A-Squared's antimalware contains Mamutu's HIPS built in, another free year's license). After I tried out Norton Antibot, I was crashing a LOT, but I can't narrow it down to being caused by that program. Because I don't have proof, I can't blame it for my instability.
 
There is no reason you shouldn't be running an anti-virus, just in case. I'm running NOD32 on all my Windows machines and while it may never find or have to remove a virus, better safe than sorry, right?
 
And I guess thats my question, how reduced is my risk? Is the underlaying framework of Vista 64 so different from the 32bit version that most viruses would be thwarted? Or would WOW64 actually help the viruses do what they want to do, thus making the move negligible?

It depends on how clever the virus is trying to be, really. If it's a simple program that runs some code, then it will be just as damaging as on 32-bit Vista, acting through WoW64 (although in Vista in general, UAC means that you'd have to give it privileges to do serious damage). If it needs to mess with the system at a low level, then it's more likely to become unstuck. A worm may or may not be able to exploit potential vulnerabilities in both versions of Vista, but, say, an attempt to inject 32-bit code into a 64-bit program isn't likely to end well. (Vista's Address Space Layout Randomisation will make some attacks harder on both versions.) 64-bit Vista will also commit suicide if it finds things tampering with the kernel.

Overall I think the overall risk is down from XP to Vista, and down from 32- to 64-bit (for now), but not eliminated. I'd prefer to run a virus scanner myself. However, there also seems to have been a marked decline in viruses recently; the main problem now seems to be malware.
 
And I guess thats my question, how reduced is my risk? Is the underlaying framework of Vista 64 so different from the 32bit version that most viruses would be thwarted? Or would WOW64 actually help the viruses do what they want to do, thus making the move negligible?


I'm rocking AVG Free, have you used it? Any personal comparisons between the two?
Not reduced enough to not run anti-virus.

And as 64 bit becomes the norm (probably will be Windows 7 before it gets decent market share... bottom line is the OEMs will need to start shipping it), just like everything else: more people will write for it. Write applications and viruses.
This is the same exact thing for OS X though, as it becomes more popular and worthwhile, it will be a larger target. It's just right now OS X and 64 bit Windows are such a small percentage of the computers out there, nobody really wants to mess with them. Windows just at a disadvantage already since it supports 32 bit software.

But like ^^^ already said, UAC would stop it from crippling your system. Only thing it could do is delete your documents and stuff, but it really couldn't do much else.


AVG is "alright". I'd probably choose it over some crap like Norton.

However, NOD32 is worth the money. Anti-Spyware and Anti-Virus in one... Hands down NOTHING beats it.
I've tried all the free AVs and I haven't really liked any of them.
 
If you combine Avira free (google how to get rid of their pop-up when it updates, it's simple), a good anti-malware like SuperAntiSpyware, and a good behavior blocker HIPS, like Mamutu or Norton Antibot, you're pretty much golden. In fact, that's what I'm running right now. (A-Squared's antimalware contains Mamutu's HIPS built in, another free year's license). After I tried out Norton Antibot, I was crashing a LOT, but I can't narrow it down to being caused by that program. Because I don't have proof, I can't blame it for my instability.
Comodo Firewall 3.0 has an amazing HIPS engine, not to mention the best free software firewalll you can get. I use Antivir + SuperAntiSpyware + Comodo and my pc is pretty much bulletproof (unless the government uses their backdoor :(). I would rather not put anything thats says norton on my puter if I can avoid it, you should try Comodo, it's really amazing.
 
I used Comodo for a while, and yes, it's powerful, but it's also VERY annoying with the sheer amount of popups it gives you. Norton Antibot isn't actually written by Symantec, it's Sana Security's SafeConnect, relabeled.

So, that being said, between the SPI/NAT router I have, and vista firewall, and then taking into consideration the annoyances that Comodo was giving me, I decided to drop it from my lineup. Outstanding program, just a bit too noisy for my tastes.

Also, Comodo and rules based HIPS are a bit difficult to work with if you don't know exactly what's going on and how things work. A behavior blocker does things automatically, Comodo will ask if you want to permit/deny, and if you choose the wrong thing, you let the threat completely bypass your security.
 
I actually ended up disabling most of the Defense+ features in Comodo because of the popups, but I couln't do without outbound protection, I want to know when programs are trying to use the internet.

Back on topic, NOD32 is very nice but when the free month runs out nothing beats Avira Antivir for free, works great in Vista x64 and XP x64.
 
I'll certainly agree with that. Let me revise that statement and talk about the effectiveness of writing a virus in terms of affected market share. Vista 64 cannot have a very large installed user base at this point, so would the time spent writing the malicious code really be effective?
If you check out some security sites, you'll see that most attack vectors have little to do with the particular version of Windows installed on the system.
 
I actually ended up disabling most of the Defense+ features in Comodo because of the popups, but I couln't do without outbound protection, I want to know when programs are trying to use the internet.

Back on topic, NOD32 is very nice but when the free month runs out nothing beats Avira Antivir for free, works great in Vista x64 and XP x64.

See, I agree with you on the outbound protection, but between winpatrol, my HIPS, and my AV, I'm confident I don't have anything malicious dialing out, and I'm VERY selective about the software I *choose* to install, so for me, outbound protection is nice to have but not necessary. When Online Armor gets an x64 version, I'll go with that, comodo turned into a giant pain in my ass.
 
Vista's firewall actually has outbound protection, but it's rather complex (controlled through the MMC snap-in only) and doesn't give a friendly popup asking if you want to give permission, as far as I know. That would seem pretty easy to do since there's already a popup for outbound programs - not sure why they didn't implement that.

Outbound protection is more of a damage limitation tactic really; the primary emphasis needs to be on stopping the malware getting there in the first place rather than trying to stop it leaving with personal information. But that's not to say it's not useful, indeed.
 
Outbound protection is more of a damage limitation tactic really; the primary emphasis needs to be on stopping the malware getting there in the first place rather than trying to stop it leaving with personal information.

Exactly.

Outbound filtering, 95% of the time, is more of a PITA than it is worth.

And like you said, the virus is already on the hard disk... And if the virus is the type that DOES NOT communicate, well... you're screwed either way.
 
I wasn't referring to viruses when I said I needed outbound protection, plenty of safe software tries to use the internet for no reason at all.
 
Ok thanks guys. It looks like I'll think about Avira moving forward. Personally I don't do stuff that is that riskaay that would necessitate HIPS or anything more than Windows defender + UAC + Firewall. It's like what the last few posts are saying, if an attacker wants my computer that bad, he'll probably find a way in regardless of what I have up. And if the virus is already in and doesn't need to dial out, then I'm just sacrificing processing cycles and performance for nothing.

And now that I look at a new thread, it asks a really good question, when was the last time you did get a virus?
 
Windows Defender is pretty much shit. SuperAntiSpyware runs light, it's free for on demand scanning ($20 lifetime license) and is pretty much the best you can get right now. I'd at least run a behavior blocker HIPS, it's non intrusive and offers great protection.
 
Back
Top