Let me expand on a few things that have been said.
Using more than one anti-virus program is not advisable
. The primary concern with doing so is due to conflicts that can arise when they are running in real-time mode simultaneously
. However, even when one of them is disabled for use as a stand-alone scanner, it can affect the other. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources
. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.
Each anti-virus will often interpret the activity of the other as a virus and there is a greater chance of them alerting you to a "False Positive
". If one finds a virus and then the other also finds the same virus, both programs will be competing over exclusive rights on dealing with that virus. Each anti-virus will attempt to remove the offending file and quarantine it. If one finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a virus has been found when that is not the case.
Anti-virus scanners use virus definitions to check for viruses and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, most anti-virus programs encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. Other vendors do not encrypt their definitions and they can trigger false alarms when detected by the resident anti-virus. To avoid these problems, use only one anti-virus solution
. Deciding which one to remove is your choice. Most anti-virus vendors recommend that you install and run only one anti-virus program at a time
When necessary, you can always get another opinion by performing an Online Virus Scan
In contrast, using more than one anti-spyware program with or without real-time protection increases your protection coverage without
causing the same kind of conflicts or affecting the stability of your system that can occur when using more than one anti-virus. Even if your anti-spyware programs are not running in real-time, the overlap of protection from using different signature databases will aid in detection and removal of more threats when scanning your system for malware.No single product is 100% foolproof
and can detect and remove all threats at any given time. The security community is in a constant state of change as new infections appear. Each vendor has its own definition of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another. Thus, a multi-layered defense using several anti-spyware products (including an effective firewall) to supplement your anti-virus combined
with common sense and safe surfing habits provides the most complete protection.
Choosing a security toolkit with anti-virus and anti-malware programs is a matter of personal preference, your technical ability and experience, features offered, the amount of resources utilized, how it may affect system performance and what will work best for your system. A particular combination that works well for one person may not work as well for another. You may need to experiment and find the ones most suitable for your needs. Another factor to consider is whether you want to use paid for
products or free alternatives
As a general rule most security toolslike Malwarebytes' Anti-Malware, SuperAntispyware, Spybot S&D, SpywareTerminator (without the optional Clam AntiVirus integration), etc will not conflict with your anti-virus program, although some of them may provide redundant alerts which can be annoying. However, you can overkill your system with resource heavy security programs that will drain your resources and slow down performance. Sometimes you just have to experiment to get the right combination for your particular system as there is no universal solution that works for everyone. Windows XP firewall
protects against port scanning but has limitations and it is no replacement for a robust 3rd-party two-way personal firewall.
Windows Vista Firewall
- The XP firewall is not a full featured firewall. Normal firewalls allow you to specifically control each TCP and UDP port but XPís firewall does not provide you with this capability. Instead, it takes a point and click approach to enabling or disabling a few common ports.
- The XP firewall does a good job of monitoring, examining and blocking inbound traffic but makes no attempt to filter or block outbound traffic like most 3rd-party personal firewalls.
- Thus, the XP firewall does not identify which programs attempt to initiate outbound network or Internet communications nor does it block the traffic when suspicious activity occurs.
- This feature can be helpful in preventing many types of malware attacks that may attempt to open ports or communicate with outside servers without the user's knowledge or consent. It also means that if your system has been compromised, a hacker could use your machine as part of a distributed denial of service attack.
- By default, Windows Firewall rejects all incoming traffic unless that traffic is in response to a previous outgoing request. If you're running Windows XP Service Pack 2 (SP2), Windows Firewall is turned on by default. If your Firewall is not turned on by default, then your using an unpatched OS and need to update your system to SP2.
offers two-way filtering for better security but its the bare minimum and still limited. By default, most outbound filtering is turned off (outbound connections are allowed
) and inbound filtering is turned on (inbound connections are blocked
). Configuration is confusing and there is no practical way to to configure outbound filtering to stop all unwanted outbound connections. You can only turn inbound filtering on or off, and through the various tabs, configure how inbound filtering works. For independent reviews, read Vista Firewall Fails on Outbound Security
and Windows Vista's Firewall
If you choose a 3rd-party firewall, before installing it make sure you turn off the the Windows firewall
. For instructions with screenshots, see How to turn off the Windows Firewall in SP2
or How to turn on or off the Windows Vista Firewall
Using two software firewalls on a single computer could cause issues with connectivity to the Internet or other unexpected behavior. Further, running multiple software firewalls can cause conflicts
that are hard to identify and troubleshoot. Only one of the firewalls can receive the packets over the network and process them. Sometimes you may even have a conflict that causes neither firewall to protect your connection. However, you can use a hardware firewall (your router) and a software firewall (Kerio or ZoneAlarm) in conjunction.
A hardware firewall
is really a software firewall running on a dedicated piece of hardware or specialized device (routers, broadband gateways) that sits between a modem and a computer or network. A hardware firewall is based on "Network Address Translation
" (NAT) which hides your computer from the Internet or NAT plus "Stateful Packet Inspection
" (SPI). It can provide a strong degree of protection from most forms of attacks coming from the outside (incoming traffic
). Hardware firewalls are easy to configure and can protect every machine on a local or home network. A hardware firewall typically uses packet filtering to examine the header of a packet to determine its source and destination addresses. This information is compared to a set of predefined or user-created rules that determine whether the packet is allowed (forwarded) or denied (dropped) on particular ports. They tend to treat any kind of traffic traveling from the local network out to the Internet as safe which can be a security risk.
With a software firewall
you have customized control and can specify which applications are allowed to communicate
) over the Internet from your computer. Programs that are not explicitly allowed to do so are either blocked or else the user is prompted for confirmation before the traffic is allowed to pass. Software firewalls generally offer the best measure of protection against Trojans and worms
but they are harder to configure and must share resources with other running processes which can decrease system performance. Many software firewalls have user defined controls for setting up safe file and printer sharing and to block unsafe applications from running on your system.
For more information see:
Edited by quietman7, 09 April 2009 - 08:21 AM.