-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cyber Security Tip ST06-009 Coordinating Virus and Spyware Defense Using anti-virus and anti-spyware software is an important part of cyber security. But in an attempt to protect yourself, you may unintentionally cause problems. Isn't it better to have more protection? Spyware and viruses can interfere with your computer's ability to process information or can modify or destroy data. You may feel that the more anti-virus and anti-spyware programs you install on your computer, the safer you will be. It is true that not all programs are equally effective, and they will not all detect the same malicious code. However, by installing multiple programs in an attempt to catch everything, you may introduce problems. How can anti-virus or anti-spyware software cause problems? It is important to use anti-virus and anti-spyware software (see Understanding Anti-Virus Software and Recognizing and Avoiding Spyware for more information). But too much or the wrong kind can affect the performance of your computer and the effectiveness of the software itself. Scanning your computer for viruses and spyware uses some of the available memory on your computer. If you have multiple programs trying to scan at the same time, you may limit the amount of resources left to perform your tasks. Essentially, you have created a denial of service against yourself (see Understanding Denial-of-Service Attacks for more information). It is also possible that in the process of scanning for viruses and spyware, anti-virus or anti-spyware software may misinterpret the virus definitions of other programs. Instead of recognizing them as definitions, the software may interpret the definitions as actual malicious code. Not only could this result in false positives for the presence of viruses or spyware, but the anti-virus or anti-spyware software may actually quarantine or delete the other software. How can you avoid these problems? * Investigate your options in advance - Research available anti-virus and anti-spyware software to determine the best choice for you. Consider the amount of malicious code the software recognizes, and try to find out how frequently the virus definitions are updated. Also check for known compatibility issues with other software you may be running on your computer. * Limit the number of programs you install - Many vendors are now releasing packages that incorporate both anti-virus and anti-spyware capabilities together. However, if you decide to choose separate programs, you really only need one anti-virus program and one anti-spyware program. If you install more, you increase your risk for problems. * Install the software in phases - Install the anti-virus software first and test it for a few days before installing anti-spyware software. If problems develop, you have a better chance at isolating the source and then determining if it is an issue with the software itself or with compatibility. * Watch for problems - If your computer starts processing requests more slowly, you are seeing error messages when updating your virus definitions, your software does not seem to be recognizing malicious code, or other issues develop that cannot be easily explained, check your anti-virus and anti-spyware software. _________________________________________________________________ Authors: Mindi McDowell, Matt Lytle _________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use <http://www.us-cert.gov/legal.html> This document can also be found at <http://www.us-cert.gov/cas/tips/ST06-009.html> For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRRridexOF3G+ig+rAQL1Fgf+NuwTIvZwBUau4GoTOdNsZ4XufognCUOz TIcRKJeNhr5gKHjQIGHsQlQyIwcp7dE2KZ/c4pMXYadQKWP90VNZdgCe5yvcGSHZ yGpotA0EiFfvILSrsjfudLJDviDt3wNYizuuJFU764qWNvjvuPvUKh/ypSSX//PC JabTtxhM4FFdX5CxWPppVOj2HITuUculxuLLSRis/13wdV0YUMgwK3VixJD7kGRl otcc1/PgDbU+qbQGhY9KyCjAapiYQBTIlB/nJl+1HZ4twbYmTtzIVozdWvB71NFe jZVceVsKFUHViqGbZOW7xn/O0t5eKeoSScj1V9evWN4/vnT+Z0zv5g== =5HRT -----END PGP SIGNATURE-----