Can I run more than one anti-malware program or firewall? Should I?

It's tempting to think more is better when it comes to anti-spyware and anti-virus software and firewalls. In reality too many can cause trouble.

//
With regards to firewalls, anti-virus programs and anti-spyware programs; can I have more than one of each of these programs installed in my computer? For example, I run ZoneAlarm; does that mean I should I turn off Windows firewall?

In recent years this question has become more complex than ever.

There are certain types of protection you need, and getting all that protection may involve running more than one program.

On the other hand, running more than one program of the wrong type can, indeed, cause problems.

Let’s see if I can’t sort this out for you.

What you need

As a general rule of thumb, you need only one of each of the following:

  • Anti-virus
  • Anti-spyware
  • Firewall

While that appears relatively simple, it gets complex because:

  • Some anti-malware programs attempt to do two or all three of those operations simultaneously – meaning that it’s easy to accidentally have two or more programs trying to do the same thing.
  • There’s no perfect anti-virus or anti-spyware tool – meaning that sometimes you’ll want to have others available.

Anti-virus tools

Most anti-virus programs operate in two modes:

  • Scan: the utility examines memory and files on disk for traces of malware. This involves actually examining the contents each file for things that “look like” viruses.
  • Monitor: often referred to as “real time” monitor, the anti-virus program is continually running and scans files as they arrive on your machine, notifying you nearly immediately if the file you just received contains something that looks like a virus.

There’s nothing at all wrong with periodically running anti-virus scans with more than one anti-virus program. The key here is that it’s just a scan – it starts, it scans, and then it’s done. There’s no opportunity to come into conflict with another anti-virus program.

Real time monitoring, on the other hand, is another story. When you install most anti-virus programs, they often automatically install and enable their real time monitors. Running two or more real time anti-virus monitors at the same time is very likely to cause a conflict. That conflict could result in error messages, crashes of the anti-virus programs, or other types of failure.

Bottom line: it’s certainly OK to have more than one anti-virus program installed, and it can make sense to run a scan using a different program from time to time, but you must make sure you only have one real time monitor enabled at a time.

The simplest way to do that is to rely on a single good anti-virus program, and make sure that its database of known viruses is continually being updated.

Anti-Spyware

Malware WordsAnti-spyware tools operate much like anti-virus tools, and that typically means the same two modes:

  • Scan: the utility examines memory and the hard disk for traces of spyware. While an anti-spyware program typically does not scan every executable file on the disk, it does check certain registry entries, look at the contents of certain files, and check for the presence of others for things that “look like” spyware.
  • Monitor: like anti-virus programs, anti-spyware programs often have a “real time” component that monitors for certain spyware-like activities. A good example is that an attempt to change your default home page will be caught (or prevented) in real time by many anti-spyware programs.

And once again, the bottom line is the same: periodic scans by different programs are quite alright, while the real time monitors installed by these utilities can easily come into conflict. Make sure only one package has its real time monitoring facility enabled.

The most important thing is to start with a good anti-spyware program, and make sure that its database of known spyware is continually being updated.

Anti-malware

The term “anti-malware” is where things get complicated.

Technically “malware” is an all-encompassing term for viruses, spyware, and anything else that we might consider harmful software. So in a sense an anti-malware tool would include both anti-virus and anti-spyware components.

And many do.

But then there are tools like Malwarebytes Anti-malware, which for years has been an important tool in our arsenal, and yet has long been explicit about not being an anti-virus tool. (They recommended another anti-virus tool in their support forums.) Even today, as the scope of the tool appears to be expanding, they still seem to be avoiding the term “anti-virus” in favor of “anti-malware and “anti-spyware”.

The result, of course, is confusion.

A malware plan

With all that confusion in sight, here’s a strategy that I use myself and recommend:

  • Select a single, good anti-virus program, install it and enable its real time component.
  • Select a single, good anti-spyware program, install it and enable its real time component.

That’s it. Note that quite often the same program might provide both anti-virus and anti-spyware – in fact it’s getting harder and harder to find packages that don’t. While in the past I’ve generally shied away from all-in-one solutions, some are getting better, if not inevitable.

What’s important here is that you know what components your anti-malware tool is providing, and not duplicate that with another tool.

When issues arise, and you suspect malware – particularly malware that you believe your existing tools have not caught1 – then you would install additional tools without their real time component enabled. The purpose of these tools is to run an additional scan of your computer for the suspected malware. This is traditionally where I turn to Malwarebytes’ free version.

This strategy keeps your system running with enough protection, but not too much protection, and with a plan should something ever make it through.

Firewalls

Firewalls are a different beast from the tools we’ve talked about so far. They fall into roughly two categories: hardware and software.

A software firewall is just that – software that’s installed on your machine that prevents certain types of intrusion into your system from the outside. And in some cases, it also monitors for suspicious attempts to connect to the outside from within your computer. In both cases the functions are performed in real time, as they happen.

As you can guess from the previous discussion, two programs trying to perform the same action at the same time can lead to problems. I would most certainly not run two different software firewalls at the same time. That implies that if Windows Firewall is turned on, I would turn it off as part of installing another firewall such as Zone Alarm. In actuality, I would expect the installation of a third party firewall to automatically disable and replace the built in Windows Firewall.

In most homes and small businesses, your router is a hardware firewall. Routers provide a level of protection that prevents your computer from being seen from the internet, unless you initiate the outbound connection. There’s nothing to install on your PC; it’s just another box that sits between you and your internet connection.

There’s nothing wrong with having both a software and a hardware firewall. It’s partially redundant, but it’s harmless. In fact, if there are machines within your LAN that you don’t actually trust, having both can actually be an appropriate choice, as your router will protect you from threats coming in from the internet, whereas your software firewall would protect you from threats that might originate from a compromised machine within your local network.

Technically, there’s also really nothing wrong with having multiple hardware firewalls. You can put a router behind a router if you like. However, a) it will slow down your connectivity somewhat, and b) there are certain types of communications protocols that may break as a result. Common protocols like web and email do not, so it’s usually OK, but it’s not really recommended.

This is an update to an article originally posted : November 9, 2006
Footnotes and references

1: It can happen. There is no perfect anti-malware tool, and not all tools will catch all malware.

There are 28 comments:

  1. Vincent Mc Kenna Reply

    This set me thinking ! I have been unable to install NAV for the last week, it keeps failing and asks me to start again, and keeps failing to install.
    I notice now that Windows Firewall is ” ON “, thats got me thinking — thats good !! I will now have to learn how to uninstall Windows Firewall, etc. Thanks for the education.

  2. dana Jones Reply

    I agree on the Firewall you can only run one firewall at at time. I use ZoneAlarm and it automatically turns off the XP firewall. As for AntiSpyware I have Windows Defender and SpywareDoctor running, and the PC does run a little slower, but the protection works. And for AntiVirus, on my new dual-core pc I have both AVG & Avast running with no problems. I chose AVG for the scheduler, and Avast for the boot-scan.

  3. zzuebe2 Reply

    Well, I use F-Secure Internet Security full time now (anti-virus, anti-spyware, and firewall) all in one package, but when I installed it, I forgot to uninstall Avast A/V and ran into all kinds of problems, (freezes, crashes), but that all stopped when I got rid of (uninstalled) the Avast. F-Secure disabled my Windows Defender & Windows Firewall by default upon installation and so far, so good.

  4. bill g mosley Reply

    i have both windows defender on, and symantic anti virus both running, does this conflict with each other

  5. Leo Reply

    I have an avast anti-virus (Avast) and windows defender/firewall in my laptop. I was planning to add either Symantec’s Conficker (aka Downadup) tool, Trend Micro’s Cleanup Engine, or Malwarebytes due to this conficker virus. should i go for it or would any of these conflict with my current protection or are my current system enough?

  6. Raam Reply

    Hi Leo,

    When choosing a firewall what are main criteria it should match ??

    How about NODE 32 SMART security, what’s your opinion about it ??

    Thank you.

  7. John Doe Reply

    If this author thinks that “as a general rule, you only need one of each”, then he obviously doesn’t have any experience with cleaning malware off of computers.

    Armchair technicians for the lose.

    Realtime protection is one thing — obviously you only want one RT AV running at a time. But no single AV, AS, AA, or other AM program is ‘all you need’. Any tech who has any amount of experience cleaning malware can tell you that no single program will get everything.

  8. Ralph Reply

    Remember the key is you should not install nore than one real-time background scanning security program. Most people will do fine with just a simple hardware firewall (router), Windows Firewall, Windows Defender (Vista/7, Keeping Windows updated,having a real time basic virus scanner like Norton or McAfee and then using an on demand product like Malwarebytes for when you think there may be a problem.
    Ralph
    Read about Windows 7 upgrades on my blog

  9. Frank Williams Reply

    I run 2 different anti-virus programs at the same time. I have run avg and Threatfire, and am now running Avira and threatfire. I left avg because it has become a resource hog. I have not had any problems doing this. Threatfire was designed to run with other anti-virus programs and works different than other programs and can catch viruses that have not been fixed yet. As I have only used it with these 2 programs I can not vouch for it running with any other virus programs. Check it out at threatfire.com. you may change your mind about running 2 virus programs at the same time. I used this type of anti-virus program for many years as my only virus program. since the Dos days and have only had 1 virus in the whole time.

  10. Glenn Ordell Reply

    Mortal enemies??? Example: If you install Kaspersky and Spybot Search & Destroy, Kaspersky gets “mad” about Spybot. When you go to uninstall Spybot, their uninstall program asks you “why?” One of the listed options is: “Kaspersky.”

    Next, Spybot comes back with a paragraph explaining that they have thoroughly tested their product in conjunction with Kaspersky, and can NOT find any conflicts.

    On the flip side of that coin, if you have Lavasoft’s Adaware installed, and try to install Spybot, Spybot warns you that the two products are incompatible!!!

    So who is speaking with a forked tongue?

    Also, the rules of the game change on a daily basis. So two programs that were completely compatible yesterday may not be today because one of them was updated.

    Hence, Leo’s concept of not running more than one of each type of program is generally the safest bet. Exception: My computer was acted very strangely for quite a few days. Kaspersky didn’t find anything wrong. So I “cheated” and installed Spybot, ran it, if found one problem, disposed of it, and now my computer’s performance has greatly increased. Of course, I immediately uninstalled Spybot after running it to avoid any potential conflicts with Kaspersky.

    Those are my thoughts…

    Aloha from Hawaii,
    Glenn

  11. Evan B Merz Reply

    I have but one question: I have Vipre antivirus and it seems to be doing a very good job of scanning my system. Why is there never any mention of Vipre anywhere (at least where I have looked)?

  12. Daniel Reply

    Hello, I found out that free antivirus, spyware firewall and so on don`t come complete, how may I assemble a package made up of free software: for example: avast free + zone-alarm firewall , and some other free peer to peer free protection and so on to be able to get it all as good as it gets without paying for commercial products (or downloading them illegally) ? Thank You! take care! Daniel

  13. David Hutchins Reply

    The new Panda Cloud Antivirus appears to run fine with VIPRE Antivirus/Antispyware/Firewall with no apparent conflicts or system slowdown. Also it is good to run an on demand manual scan for viruses once in a while with various products.

  14. Akshay Reply

    can i run a virus removal tool with another antivirus??????????????

  15. Mike Reply

    I am running norton 360 and Avast antivirus both at same time recently have been having a problem with down load speed suppose to have 8mps and only have 116kps could running them both cause this problem

  16. Vic Pico Reply

    using more than anti-virus program is possible.But your computer may run, slowly or stop, in some given time. is it my advise and opinion, to run on a reliable one anti virus.

  17. Jerome Reply

    I am running AVG 2011 also have IObit 360 on here are they ok 2 run @ same time also microsoft security essentials is on here but its off as it wouldnt allow me 2 turn on defender i recently removed trojan and think it has done severe damage as my security centre wont always stay on i have 2 use Advanced system care 2 turn it bak on anny advice would be much apreciated as i am not only fixin my comp but i fix m8s comps a bit 2

  18. greatkibble Reply

    I’m using superantispyware and spybot. I’m thinking of adding in Windows defender and all together Avast would be there with the rest as my body guards.
    Should I add in Windows defender? Is it worth it really?

  19. Jim Reply

    Microsoft Security Essentials installation instructions include the statement: ” You can keep your antispyware programs running, as they coexist peacefully.” Comment? True? False?

    I would believe what the program is telling – why would it lie? It will also warn you to remove other anti-virus programs.

    Leo
    02-Jan-2012
  20. Bob Reply

    For over 12 months, I’ve been running MSE along-side Avast, and using Search & Destroy for it’s immunization and the odd scan.
    When I had issues with Avast (v7 does not seem to run on my machine at all) and had to get rid of it, I soon managed to get a virus.
    I’ve now managed to re-install Avast v6, I have had no problems sinse.
    As a side-note, I have been thinking about adding Zone-Alarm’s firewall to the mix, as I’ve used it in the past. Is it worth the extra effort to replace Window’s firewall?

    In my opinion, no.

    Leo
    17-Mar-2012
  21. CookyMann Reply

    If I use the one Mfg’s anti-virus software (tested as the best percentage in CATCHING viruses), can I use another Mfg’s software (tested as the best percentage software in disabling/removing it)? And if so, must I somehow get the caught viruses out of the catching program’s quarantine area or vault?

  22. Amal Bhakta Reply

    I am running Avast! (paid edition) and Microsoft protections (anti-virus, anti-spyware, firewall, ) simultaneously. The Microsoft protections are built into my IE 10 and Windows 7. Should I continue using Avast! or remove it from my system?

  23. Zvi Reply

    I have been using (at home) Norton 360 Multi — which is supposed to be Anti-virus / Firewall / and (I think) anti-malware (not so sure about that).
    I also run Malwarebytes Anti Malware pretty often… There do not appear to be conflicts (at least I have not seen any) though when I first did this, the Norton product “objected” to the Malwarebytes product — I assume that the two have “hugged and made up”….
    I also have a router… (and, on the wireless side, use the WPA2-PSK (with AES) to encrypt the connection, as well as
    use MAC Address filtering) My thinking is that this combination should be adequate…..

  24. Frank L Reply

    Very good info. but how do I know if my software combo is good. For example, I am running Symantec Endpoint Protection (from work to use at home) and malware by “Malwarebytes”. Is that redundant or just overlapping?

  25. Chas Reply

    I have AVG Antivirus free and Advanced SystemCare pro. From all you guys have said should i remove one and leave and + Ccleaner? Thanks

Leave a reply:

Before commenting please:

  • Read the article. Seriously. You'd be shocked at how many people make comments that prove they didn't.
  • Comment only on the article. If you have a new, unrelated question start with the search box at the top of the page.
  • Don't post personal information. Email addresses, phone numbers and such will be removed.

VERY IMPORTANT: because of a rise an comment spam that's making it through our filters any comments that do not add to the discussion - typically off topic or content-free comments - run a very high risk of being flagged as spam and removed.

If you have a new question unrelated to the article above, ask it on the Ask Leo! ask-a-question page.