-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cyber Security Tip ST06-009
Coordinating Virus and Spyware Defense
Using anti-virus and anti-spyware software is an important part of
cyber security. But in an attempt to protect yourself, you may
unintentionally cause problems.
Isn't it better to have more protection?
Spyware and viruses can interfere with your computer's ability to
process information or can modify or destroy data. You may feel that
the more anti-virus and anti-spyware programs you install on your
computer, the safer you will be. It is true that not all programs are
equally effective, and they will not all detect the same malicious
code. However, by installing multiple programs in an attempt to catch
everything, you may introduce problems.
How can anti-virus or anti-spyware software cause problems?
It is important to use anti-virus and anti-spyware software (see
Understanding Anti-Virus Software and Recognizing and Avoiding Spyware
for more information). But too much or the wrong kind can affect the
performance of your computer and the effectiveness of the software
itself.
Scanning your computer for viruses and spyware uses some of the
available memory on your computer. If you have multiple programs
trying to scan at the same time, you may limit the amount of resources
left to perform your tasks. Essentially, you have created a denial of
service against yourself (see Understanding Denial-of-Service Attacks
for more information). It is also possible that in the process of
scanning for viruses and spyware, anti-virus or anti-spyware software
may misinterpret the virus definitions of other programs. Instead of
recognizing them as definitions, the software may interpret the
definitions as actual malicious code. Not only could this result in
false positives for the presence of viruses or spyware, but the
anti-virus or anti-spyware software may actually quarantine or delete
the other software.
How can you avoid these problems?
* Investigate your options in advance - Research available
anti-virus and anti-spyware software to determine the best choice
for you. Consider the amount of malicious code the software
recognizes, and try to find out how frequently the virus
definitions are updated. Also check for known compatibility issues
with other software you may be running on your computer.
* Limit the number of programs you install - Many vendors are now
releasing packages that incorporate both anti-virus and
anti-spyware capabilities together. However, if you decide to
choose separate programs, you really only need one anti-virus
program and one anti-spyware program. If you install more, you
increase your risk for problems.
* Install the software in phases - Install the anti-virus software
first and test it for a few days before installing anti-spyware
software. If problems develop, you have a better chance at
isolating the source and then determining if it is an issue with
the software itself or with compatibility.
* Watch for problems - If your computer starts processing requests
more slowly, you are seeing error messages when updating your
virus definitions, your software does not seem to be recognizing
malicious code, or other issues develop that cannot be easily
explained, check your anti-virus and anti-spyware software.
_________________________________________________________________
Authors: Mindi McDowell, Matt Lytle
_________________________________________________________________
Produced 2006 by US-CERT, a government organization.
Terms of use
<http://www.us-cert.gov/legal.html>
This document can also be found at
<http://www.us-cert.gov/cas/tips/ST06-009.html>
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRRridexOF3G+ig+rAQL1Fgf+NuwTIvZwBUau4GoTOdNsZ4XufognCUOz
TIcRKJeNhr5gKHjQIGHsQlQyIwcp7dE2KZ/c4pMXYadQKWP90VNZdgCe5yvcGSHZ
yGpotA0EiFfvILSrsjfudLJDviDt3wNYizuuJFU764qWNvjvuPvUKh/ypSSX//PC
JabTtxhM4FFdX5CxWPppVOj2HITuUculxuLLSRis/13wdV0YUMgwK3VixJD7kGRl
otcc1/PgDbU+qbQGhY9KyCjAapiYQBTIlB/nJl+1HZ4twbYmTtzIVozdWvB71NFe
jZVceVsKFUHViqGbZOW7xn/O0t5eKeoSScj1V9evWN4/vnT+Z0zv5g==
=5HRT
-----END PGP SIGNATURE-----
