-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cyber Security Tip ST06-009
Coordinating Virus and Spyware Defense
Using anti-virus and anti-spyware software is an important part of cyber
security. But in an attempt to protect yourself, you may unintentionally
cause problems.
Isn't it better to have more protection?
Spyware and viruses can interfere with your computer's ability to process
information or can modify or destroy data. You may feel that the more
anti-virus and anti-spyware programs you install on your computer, the safer
you will be. It is true that not all programs are equally effective, and
they will not all detect the same malicious code. However, by installing
multiple programs in an attempt to catch everything, you may introduce
problems.
How can anti-virus or anti-spyware software cause problems?
It is important to use anti-virus and anti-spyware software (see
Understanding Anti-Virus Software and Recognizing and Avoiding Spyware for
more information). But too much or the wrong kind can affect the performance
of your computer and the effectiveness of the software itself.
Scanning your computer for viruses and spyware uses some of the available
memory on your computer. If you have multiple programs trying to scan at the
same time, you may limit the amount of resources left to perform your tasks.
Essentially, you have created a denial of service against yourself (see
Understanding Denial-of-Service Attacks for more information). It is also
possible that in the process of scanning for viruses and spyware, anti-virus
or anti-spyware software may misinterpret the virus definitions of other
programs. Instead of recognizing them as definitions, the software may
interpret the definitions as actual malicious code. Not only could this
result in false positives for the presence of viruses or spyware, but the
anti-virus or anti-spyware software may actually quarantine or delete the
other software.
How can you avoid these problems?
* Investigate your options in advance - Research available anti-virus and
anti-spyware software to determine the best choice for you. Consider the
amount of malicious code the software recognizes, and try to find out
how frequently the virus definitions are updated. Also check for known
compatibility issues with other software you may be running on your
computer.
* Limit the number of programs you install - Many vendors are now
releasing packages that incorporate both anti-virus and anti-spyware
capabilities together. However, if you decide to choose separate
programs, you really only need one anti-virus program and one
anti-spyware program. If you install more, you increase your risk for
problems.
* Install the software in phases - Install the anti-virus software first
and test it for a few days before installing anti-spyware software. If
problems develop, you have a better chance at isolating the source and
then determining if it is an issue with the software itself or with
compatibility.
* Watch for problems - If your computer starts processing requests more
slowly, you are seeing error messages when updating your virus
definitions, your software does not seem to be recognizing malicious
code, or other issues develop that cannot be easily explained, check
your anti-virus and anti-spyware software.
_________________________________________________________________
Authors: Mindi McDowell, Matt Lytle
_________________________________________________________________
Produced 2006 by US-CERT, a government organization.
Note: This tip was previously published and is being re-distributed
to increase awareness.
Terms of use
<http://www.us-cert.gov/legal.html>
This document can also be found at
<http://www.us-cert.gov/cas/tips/ST06-009.html>
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSbfL/nIHljM+H4irAQJAaQf/RfyMDjcT7bVqZ11P9mTB4/d3SS34A3AG
MiQRATVzmvjTgMsWb2XTMO7w+SKfSRDr9T2mQU/wd/rdsPvImnoA8VdzEDn7WjVY
8y6csFnpsOD4YGsoOB8Cr9SpQSiNkVOFjglDUdv7x4/r2j1GuoxiDWG9sp44a3j/
iqwJotvONbdwfwxkQ3jwXH/161Y1XXgKdzT2jP99Z+Q9c9DZ9p+jGZ5y3QNB9zaZ
GIYMgB/ol0LJniqDcFnldXLZ+KqGGClvOMHG6UrlblJQ02Ot2uhivL7H9Oea5BhN
IHkIPUAcsZWrqlEor6EnnxCnKO5P5YZceEHWuHcfoKdP1LaolR0v4w==
=H73j
-----END PGP SIGNATURE-----
